\uff0a\uff0a\uff0a\uff0a\uff0a\uff0a\uff0a\uff0a\uff0a\uff0a\uff0a\uff0a\uff0a\uff0a\uff0a\uff0a\uff0a\uff0a\uff0a\uff0a\uff0a\uff0a\uff0a\uff0a\uff0a\uff0a\uff0a\uff0a\uff0a\uff0a\uff0a\uff0a\uff0a\uff0a\uff0a\uff0a\uff0a\uff0a\uff0a\uff0a\uff0a\uff0a\uff0a\uff0a\uff0a\uff0a\uff0a<\/p>\n\n\n\n
root@falcon21:~# iptables –list-rules<\/strong> *********************************************************************************<\/p>\n\n\n\n iptables -L -v\u3068\u5b9f\u884c -v\u306fverbose\u3067\u8a73\u7d30\u3092\u51fa\u529b<\/p>\n\n\n\n root@falcon21:~# iptables -L -v<\/strong> Chain FORWARD (policy ACCEPT 0 packets, 0 bytes) Chain OUTPUT (policy ACCEPT 0 packets, 0 bytes) **************************************************************************************************<\/p>\n\n\n\n FORWARD\u30c1\u30a7\u30a4\u30f3\u3068OUTPUT\u30c1\u30a7\u30a4\u30f3<\/p>\n\n\n\n \u4ee5\u4e0a\u304cINPUT\u30c1\u30a7\u30a4\u30f3\u306e\u8aac\u660e\u3067\u3057\u305f\u3002\u4ed6\u306b\u3082OUTPUT\u3068FORWARD\u3068\u3044\u3046\u30c1\u30a7\u30a4\u30f3\u304c\u3042\u308a\u307e\u3059\u304c\u3001INPUT\u30c1\u30a7\u30a4\u30f3\u306b\u6bd4\u3079\u308c\u3070\u3068\u3066\u3082\u30b7\u30f3\u30d7\u30eb\u3067\u3059\u3002<\/p>\n\n\n\n Chain FORWARD (policy ACCEPT) Chain OUTPUT (policy ACCEPT) root@falcon21:~# iptables -L –line-numbers<\/strong> Chain FORWARD (policy ACCEPT) Chain OUTPUT (policy ACCEPT) ******************************************************************************************<\/p>\n\n\n\n \u30c1\u30a7\u30fc\u30f3\u3092\u30af\u30ea\u30a2\uff06\u30c7\u30d5\u30a9\u30eb\u30c8\u30dd\u30ea\u30b7\u30fc\u8a2d\u5b9a \u30c7\u30d5\u30a9\u30eb\u30c8\u30dd\u30ea\u30b7\u30fc\u8a2d\u5b9a: root@falcon21:~# iptables –help<\/strong> Usage: iptables -[ACD] chain rule-specification [options] Commands: Options: ****************************************************************************************************************<\/p>\n","protected":false},"excerpt":{"rendered":" \uff0a\uff0a\uff0a\uff0a\uff0a\uff0a\uff0a\uff0a\uff0a\uff0a\uff0a\uff0a\uff0a\uff0a\uff0a\uff0a\uff0a\uff0a\uff0a\uff0a\uff0a\uff0a\uff0a\uff0a\uff0a\uff0a\uff0a\uff0a\uff0a\uff0a\uff0a\uff0a\uff0a\uff0a\uff0a\uff0a\uff0a\uff0a\uff0a\uff0a\uff0a\uff0a\uff0a\uff0a\uff0a\uff0a\uff0a root@falcon21:~# iptables –list-rules-P INPUT ACCEPT-P F […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"class_list":["post-451","post","type-post","status-publish","format-standard","hentry","category-1"],"_links":{"self":[{"href":"https:\/\/falcon21.space\/kazuya\/work\/index.php?rest_route=\/wp\/v2\/posts\/451","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/falcon21.space\/kazuya\/work\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/falcon21.space\/kazuya\/work\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/falcon21.space\/kazuya\/work\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/falcon21.space\/kazuya\/work\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=451"}],"version-history":[{"count":1,"href":"https:\/\/falcon21.space\/kazuya\/work\/index.php?rest_route=\/wp\/v2\/posts\/451\/revisions"}],"predecessor-version":[{"id":452,"href":"https:\/\/falcon21.space\/kazuya\/work\/index.php?rest_route=\/wp\/v2\/posts\/451\/revisions\/452"}],"wp:attachment":[{"href":"https:\/\/falcon21.space\/kazuya\/work\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=451"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/falcon21.space\/kazuya\/work\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=451"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/falcon21.space\/kazuya\/work\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=451"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}
-P INPUT ACCEPT
-P FORWARD ACCEPT
-P OUTPUT ACCEPT
-A INPUT -s 118.41.245.222\/32 -j DROP
-A INPUT -s 91.92.242.96\/32 -j DROP
-A INPUT -s 158.94.211.198\/32 -j DROP
-A INPUT -s 141.98.9.70\/32 -j DROP
-A INPUT -s 77.83.39.169\/32 -j DROP
-A INPUT -s 178.16.54.219\/32 -j DROP
-A INPUT -s 91.92.240.214\/32 -j DROP
-A INPUT -s 45.144.212.43\/32 -j DROP
-A INPUT -s 77.83.39.169\/32 -j DROP
-A INPUT -s 141.98.9.105\/32 -j DROP
-A INPUT -s 45.144.212.43\/32 -j DROP
-A INPUT -s 137.184.32.56\/32 -j DROP
-A INPUT -s 18.218.118.203\/32 -j DROP
-A INPUT -s 46.190.153.30\/32 -j DROP
-A INPUT -s 18.218.118.203\/32 -j DROP
-A INPUT -s 77.83.39.169\/32 -j DROP
-A INPUT -s 34.182.217.30\/32 -j DROP
-A INPUT -s 45.144.212.43\/32 -j DROP
-A INPUT -s 8.229.9.8\/32 -j DROP
-A INPUT -s 34.182.230.122\/32 -j DROP
-A INPUT -s 136.109.206.133\/32 -j DROP
-A INPUT -s 77.83.39.241\/32 -j DROP
-A INPUT -s 178.16.54.219\/32 -j DROP
-A INPUT -s 91.92.240.214\/32 -j DROP
-A INPUT -s 161.248.147.102\/32 -j DROP
-A INPUT -s 178.16.53.241\/32 -j DROP
-A INPUT -s 104.152.52.228\/32 -j DROP
-A INPUT -s 35.201.1.167\/32 -j DROP
-A INPUT -s 34.129.109.7\/32 -j DROP
-A INPUT -s 34.116.198.70\/32 -j DROP
-A INPUT -s 34.95.141.233\/32 -j DROP
-A INPUT -s 35.197.174.219\/32 -j DROP
-A INPUT -s 35.241.197.14\/32 -j DROP
-A INPUT -s 34.79.230.15\/32 -j DROP
-A INPUT -s 35.246.236.71\/32 -j DROP
-A INPUT -s 34.142.115.181\/32 -j DROP
-A INPUT -s 34.185.137.227\/32 -j DROP
-A INPUT -s 34.105.231.162\/32 -j DROP
-A INPUT -s 35.230.28.229\/32 -j DROP
-A INPUT -s 34.94.107.161\/32 -j DROP
-A INPUT -s 34.94.123.223\/32 -j DROP
-A INPUT -s 34.125.0.138\/32 -j DROP
-A INPUT -s 34.97.241.51\/32 -j DROP
-A INPUT -s 77.83.39.169\/32 -j DROP
-A INPUT -s 178.16.53.241\/32 -j DROP
-A INPUT -s 203.181.3.94\/32 -j DROP
-A INPUT -s 104.152.52.228\/32 -j DROP
-A INPUT -s 141.98.9.105\/32 -j DROP
-A INPUT -s 45.144.212.43\/32 -j DROP
-A INPUT -s 141.98.11.33\/32 -j DROP
-A INPUT -s 178.16.52.71\/32 -j DROP
-A INPUT -s 35.185.223.148\/32 -j DROP
-A INPUT -s 34.82.221.4\/32 -j DROP
-A INPUT -s 34.186.143.115\/32 -j DROP
-A INPUT -s 34.106.52.219\/32 -j DROP
-A INPUT -s 34.82.97.210\/32 -j DROP
-A INPUT -s 35.236.122.157\/32 -j DROP
-A INPUT -s 34.106.146.251\/32 -j DROP
-A INPUT -s 141.98.9.104\/32 -j DROP
-A INPUT -s 178.16.53.80\/32 -j DROP
-A INPUT -s 178.16.53.230\/32 -j DROP
-A INPUT -s 141.98.11.33\/32 -j DROP
-A INPUT -s 178.16.52.71\/32 -j DROP
-A INPUT -s 141.98.9.104\/32 -j DROP
-A INPUT -s 45.94.31.100\/32 -j DROP
-A INPUT -s 64.225.74.178\/32 -j DROP
-A INPUT -s 147.182.241.81\/32 -j DROP
-A INPUT -s 34.82.97.210\/32 -j DROP
-A INPUT -s 118.41.245.222\/32 -j DROP
-A INPUT -s 91.92.242.96\/32 -j DROP
-A INPUT -s 158.94.211.198\/32 -j DROP
-A INPUT -s 178.16.53.80\/32 -j DROP
-A INPUT -s 178.16.53.230\/32 -j DROP
-A INPUT -s 45.94.31.250\/32 -j DROP
-A INPUT -s 141.98.9.70\/32 -j DROP
-A INPUT -s 3.129.187.38\/32 -j DROP
-A INPUT -s 130.12.180.52\/32 -j DROP
-A INPUT -s 3.129.187.38\/32 -j DROP
-A INPUT -s 158.94.211.198\/32 -j DROP
-A INPUT -s 141.98.9.70\/32 -j DROP
-A INPUT -s 45.94.31.250\/32 -j DROP
-A INPUT -s 35.233.32.170\/32 -j DROP
-A INPUT -s 34.125.138.17\/32 -j DROP
-A INPUT -s 34.106.141.159\/32 -j DROP
-A INPUT -s 34.106.203.77\/32 -j DROP
-A INPUT -s 34.21.47.209\/32 -j DROP<\/p>\n\n\n\n
Chain INPUT (policy ACCEPT 3031K packets, 365M bytes)
pkts bytes target prot opt in out source destination
0 0 DROP all — any any 118.41.245.222 anywhere
0 0 DROP all — any any 91.92.242.96 anywhere
0 0 DROP all — any any 158.94.211.198 anywhere
0 0 DROP all — any any 141.98.9.70 anywhere
0 0 DROP all — any any 77.83.39.169 anywhere
0 0 DROP all — any any 178.16.54.219 anywhere
17 748 DROP all — any any 91.92.240.214 anywhere
1 52 DROP all — any any 45.144.212.43 anywhere
1 44 DROP all — any any 77.83.39.169 anywhere
0 0 DROP all — any any 141.98.9.105 anywhere
0 0 DROP all — any any 45.144.212.43 anywhere
420 20488 DROP all — any any lava.census.shodan.io anywhere
175 10500 DROP all — any any scan.visionheight.com anywhere
0 0 DROP all — any any 46.190.153.30 anywhere
0 0 DROP all — any any scan.visionheight.com anywhere
0 0 DROP all — any any 77.83.39.169 anywhere
0 0 DROP all — any any 30.217.182.34.bc.googleusercontent.com anywhere
0 0 DROP all — any any 45.144.212.43 anywhere
0 0 DROP all — any any 8.9.229.8.bc.googleusercontent.com anywhere
0 0 DROP all — any any 122.230.182.34.bc.googleusercontent.com anywhere
0 0 DROP all — any any 133.206.109.136.bc.googleusercontent.com anywhere
0 0 DROP all — any any 77.83.39.241 anywhere
0 0 DROP all — any any 178.16.54.219 anywhere
0 0 DROP all — any any 91.92.240.214 anywhere
0 0 DROP all — any any 161.248.147.102 anywhere
0 0 DROP all — any any 178.16.53.241 anywhere
0 0 DROP all — any any internettl.org anywhere
0 0 DROP all — any any 167.1.201.35.bc.googleusercontent.com anywhere
0 0 DROP all — any any 7.109.129.34.bc.googleusercontent.com anywhere
0 0 DROP all — any any 70.198.116.34.bc.googleusercontent.com anywhere
0 0 DROP all — any any 233.141.95.34.bc.googleusercontent.com anywhere
0 0 DROP all — any any 219.174.197.35.bc.googleusercontent.com anywhere
0 0 DROP all — any any 14.197.241.35.bc.googleusercontent.com anywhere
0 0 DROP all — any any 15.230.79.34.bc.googleusercontent.com anywhere
0 0 DROP all — any any 71.236.246.35.bc.googleusercontent.com anywhere
0 0 DROP all — any any 181.115.142.34.bc.googleusercontent.com anywhere
0 0 DROP all — any any 227.137.185.34.bc.googleusercontent.com anywhere
0 0 DROP all — any any 162.231.105.34.bc.googleusercontent.com anywhere
0 0 DROP all — any any 229.28.230.35.bc.googleusercontent.com anywhere
0 0 DROP all — any any 161.107.94.34.bc.googleusercontent.com anywhere
0 0 DROP all — any any 223.123.94.34.bc.googleusercontent.com anywhere
0 0 DROP all — any any 138.0.125.34.bc.googleusercontent.com anywhere
0 0 DROP all — any any 51.241.97.34.bc.googleusercontent.com anywhere
0 0 DROP all — any any 77.83.39.169 anywhere
0 0 DROP all — any any 178.16.53.241 anywhere
10 400 DROP all — any any q003094.ppp.asahi-net.or.jp anywhere
0 0 DROP all — any any internettl.org anywhere
0 0 DROP all — any any 141.98.9.105 anywhere
0 0 DROP all — any any 45.144.212.43 anywhere
0 0 DROP all — any any srv-141-98-11-33.serveroffer.net anywhere
0 0 DROP all — any any 178.16.52.71 anywhere
0 0 DROP all — any any 148.223.185.35.bc.googleusercontent.com anywhere
0 0 DROP all — any any 4.221.82.34.bc.googleusercontent.com anywhere
0 0 DROP all — any any 115.143.186.34.bc.googleusercontent.com anywhere
0 0 DROP all — any any 219.52.106.34.bc.googleusercontent.com anywhere
0 0 DROP all — any any 210.97.82.34.bc.googleusercontent.com anywhere
0 0 DROP all — any any 157.122.236.35.bc.googleusercontent.com anywhere
0 0 DROP all — any any 251.146.106.34.bc.googleusercontent.com anywhere
0 0 DROP all — any any 141.98.9.104 anywhere
0 0 DROP all — any any 178.16.53.80 anywhere
0 0 DROP all — any any 178.16.53.230 anywhere
0 0 DROP all — any any srv-141-98-11-33.serveroffer.net anywhere
0 0 DROP all — any any 178.16.52.71 anywhere
0 0 DROP all — any any 141.98.9.104 anywhere
228 11856 DROP all — any any brightmy.com anywhere
68 3042 DROP all — any any butter.scanf.shodan.io anywhere
126 5615 DROP all — any any bacon.scanf.shodan.io anywhere
0 0 DROP all — any any 210.97.82.34.bc.googleusercontent.com anywhere
0 0 DROP all — any any 118.41.245.222 anywhere
0 0 DROP all — any any 91.92.242.96 anywhere
0 0 DROP all — any any 158.94.211.198 anywhere
0 0 DROP all — any any 178.16.53.80 anywhere
0 0 DROP all — any any 178.16.53.230 anywhere
0 0 DROP all — any any 45.94.31.250 anywhere
0 0 DROP all — any any 141.98.9.70 anywhere
0 0 DROP all — any any scan.visionheight.com anywhere
0 0 DROP all — any any 130.12.180.52 anywhere
0 0 DROP all — any any scan.visionheight.com anywhere
0 0 DROP all — any any 158.94.211.198 anywhere
0 0 DROP all — any any 141.98.9.70 anywhere
0 0 DROP all — any any 45.94.31.250 anywhere
0 0 DROP all — any any 170.32.233.35.bc.googleusercontent.com anywhere
0 0 DROP all — any any 17.138.125.34.bc.googleusercontent.com anywhere
0 0 DROP all — any any 159.141.106.34.bc.googleusercontent.com anywhere
0 0 DROP all — any any 77.203.106.34.bc.googleusercontent.com anywhere
0 0 DROP all — any any 209.47.21.34.bc.googleusercontent.com anywhere<\/p>\n\n\n\n
pkts bytes target prot opt in out source destination<\/p>\n\n\n\n
pkts bytes target prot opt in out source destination<\/p>\n\n\n\n
target prot opt source destination
REJECT all — anywhere anywhere reject-with icmp-host-prohibited<\/p>\n\n\n\n
target prot opt source destination<\/p>\n\n\n\n
\n\n\n\n
Chain INPUT (policy ACCEPT)
num target prot opt source destination
1 DROP all — 118.41.245.222 anywhere
2 DROP all — 91.92.242.96 anywhere
3 DROP all — 158.94.211.198 anywhere
4 DROP all — 141.98.9.70 anywhere
5 DROP all — 77.83.39.169 anywhere
6 DROP all — 178.16.54.219 anywhere
7 DROP all — 91.92.240.214 anywhere
8 DROP all — 45.144.212.43 anywhere
9 DROP all — 77.83.39.169 anywhere
10 DROP all — 141.98.9.105 anywhere
11 DROP all — 45.144.212.43 anywhere
12 DROP all — lava.census.shodan.io anywhere
13 DROP all — scan.visionheight.com anywhere
14 DROP all — 46.190.153.30 anywhere
15 DROP all — scan.visionheight.com anywhere
16 DROP all — 77.83.39.169 anywhere
17 DROP all — 30.217.182.34.bc.googleusercontent.com anywhere
18 DROP all — 45.144.212.43 anywhere
19 DROP all — 8.9.229.8.bc.googleusercontent.com anywhere
20 DROP all — 122.230.182.34.bc.googleusercontent.com anywhere
21 DROP all — 133.206.109.136.bc.googleusercontent.com anywhere
22 DROP all — 77.83.39.241 anywhere
23 DROP all — 178.16.54.219 anywhere
24 DROP all — 91.92.240.214 anywhere
25 DROP all — 161.248.147.102 anywhere
26 DROP all — 178.16.53.241 anywhere
27 DROP all — internettl.org anywhere
28 DROP all — 167.1.201.35.bc.googleusercontent.com anywhere
29 DROP all — 7.109.129.34.bc.googleusercontent.com anywhere
30 DROP all — 70.198.116.34.bc.googleusercontent.com anywhere
31 DROP all — 233.141.95.34.bc.googleusercontent.com anywhere
32 DROP all — 219.174.197.35.bc.googleusercontent.com anywhere
33 DROP all — 14.197.241.35.bc.googleusercontent.com anywhere
34 DROP all — 15.230.79.34.bc.googleusercontent.com anywhere
35 DROP all — 71.236.246.35.bc.googleusercontent.com anywhere
36 DROP all — 181.115.142.34.bc.googleusercontent.com anywhere
37 DROP all — 227.137.185.34.bc.googleusercontent.com anywhere
38 DROP all — 162.231.105.34.bc.googleusercontent.com anywhere
39 DROP all — 229.28.230.35.bc.googleusercontent.com anywhere
40 DROP all — 161.107.94.34.bc.googleusercontent.com anywhere
41 DROP all — 223.123.94.34.bc.googleusercontent.com anywhere
42 DROP all — 138.0.125.34.bc.googleusercontent.com anywhere
43 DROP all — 51.241.97.34.bc.googleusercontent.com anywhere
44 DROP all — 77.83.39.169 anywhere
45 DROP all — 178.16.53.241 anywhere
46 DROP all — q003094.ppp.asahi-net.or.jp anywhere
47 DROP all — internettl.org anywhere
48 DROP all — 141.98.9.105 anywhere
49 DROP all — 45.144.212.43 anywhere
50 DROP all — srv-141-98-11-33.serveroffer.net anywhere
51 DROP all — 178.16.52.71 anywhere
52 DROP all — 148.223.185.35.bc.googleusercontent.com anywhere
53 DROP all — 4.221.82.34.bc.googleusercontent.com anywhere
54 DROP all — 115.143.186.34.bc.googleusercontent.com anywhere
55 DROP all — 219.52.106.34.bc.googleusercontent.com anywhere
56 DROP all — 210.97.82.34.bc.googleusercontent.com anywhere
57 DROP all — 157.122.236.35.bc.googleusercontent.com anywhere
58 DROP all — 251.146.106.34.bc.googleusercontent.com anywhere
59 DROP all — 141.98.9.104 anywhere
60 DROP all — 178.16.53.80 anywhere
61 DROP all — 178.16.53.230 anywhere
62 DROP all — srv-141-98-11-33.serveroffer.net anywhere
63 DROP all — 178.16.52.71 anywhere
64 DROP all — 141.98.9.104 anywhere
65 DROP all — brightmy.com anywhere
66 DROP all — butter.scanf.shodan.io anywhere
67 DROP all — bacon.scanf.shodan.io anywhere
68 DROP all — 210.97.82.34.bc.googleusercontent.com anywhere
69 DROP all — 118.41.245.222 anywhere
70 DROP all — 91.92.242.96 anywhere
71 DROP all — 158.94.211.198 anywhere
72 DROP all — 178.16.53.80 anywhere
73 DROP all — 178.16.53.230 anywhere
74 DROP all — 45.94.31.250 anywhere
75 DROP all — 141.98.9.70 anywhere
76 DROP all — scan.visionheight.com anywhere
77 DROP all — 130.12.180.52 anywhere
78 DROP all — scan.visionheight.com anywhere
79 DROP all — 158.94.211.198 anywhere
80 DROP all — 141.98.9.70 anywhere
81 DROP all — 45.94.31.250 anywhere
82 DROP all — 170.32.233.35.bc.googleusercontent.com anywhere
83 DROP all — 17.138.125.34.bc.googleusercontent.com anywhere
84 DROP all — 159.141.106.34.bc.googleusercontent.com anywhere
85 DROP all — 77.203.106.34.bc.googleusercontent.com anywhere
86 DROP all — 209.47.21.34.bc.googleusercontent.com anywhere<\/p>\n\n\n\n
num target prot opt source destination<\/p>\n\n\n\n
num target prot opt source destination<\/p>\n\n\n\n
\u73fe\u5728\u306e\u30eb\u30fc\u30eb\u3092\u30af\u30ea\u30a2\uff08\u30d5\u30e9\u30c3\u30b7\u30e5\uff09:
sudo iptables -F sudo iptables -X<\/p>\n\n\n\n -F: \u5168\u30c1\u30a7\u30fc\u30f3\u306e\u30eb\u30fc\u30eb\u3092\u524a\u9664\n -X: \u30e6\u30fc\u30b6\u30fc\u5b9a\u7fa9\u30c1\u30a7\u30fc\u30f3\u3092\u524a\u9664<\/code><\/pre>\n\n\n\n
sudo iptables -P INPUT DROP sudo iptables -P FORWARD DROP sudo iptables -P OUTPUT ACCEPT<\/p>\n\n\n\n INPUT: \u3059\u3079\u3066\u62d2\u5426 (DROP)\n FORWARD: \u3059\u3079\u3066\u62d2\u5426\n OUTPUT: \u3059\u3079\u3066\u8a31\u53ef (ACCEPT)<\/code><\/pre>\n\n\n\n
\n\n\n\n
iptables v1.8.11 (nf_tables)<\/p>\n\n\n\n
iptables -I chain [rulenum] rule-specification [options]
iptables -R chain rulenum rule-specification [options]
iptables -D chain rulenum [options]
iptables -[LS] [chain [rulenum]] [options]
iptables -[FZ] [chain] [options]
iptables -[NX] chain
iptables -E old-chain-name new-chain-name
iptables -P chain target [options]
iptables -h (print this help information)<\/p>\n\n\n\n
Either long or short options are allowed.
–append -A chain Append to chain
–check -C chain Check for the existence of a rule
–delete -D chain Delete matching rule from chain
–delete -D chain rulenum
Delete rule rulenum (1 = first) from chain
–insert -I chain [rulenum]
Insert in chain as rulenum (default 1=first)
–replace -R chain rulenum
Replace rule rulenum (1 = first) in chain
–list -L [chain [rulenum]]
List the rules in a chain or all chains
–list-rules -S [chain [rulenum]]
Print the rules in a chain or all chains
–flush -F [chain] Delete all rules in chain or all chains
–zero -Z [chain [rulenum]]
Zero counters in chain or all chains
–new -N chain Create a new user-defined chain
–delete-chain
-X [chain] Delete a user-defined chain
–policy -P chain target
Change policy on chain to target
–rename-chain
-E old-chain new-chain
Change chain name, (moving any references)<\/p>\n\n\n\n
–ipv4 -4 Nothing (line is ignored by ip6tables-restore)
–ipv6 -6 Error (line is ignored by iptables-restore)
[!] –protocol -p proto protocol: by number or name, eg. tcp' [!] --source -s address[\/mask][...] source specification [!] --destination -d address[\/mask][...] destination specification [!] --in-interface -i input name[+] network interface name ([+] for wildcard) --jump -j target target for rule (may load target extension) --goto -g chain jump to chain with no return --match -m match extended match (may load extension) --numeric -n numeric output of addresses and ports [!] --out-interface -o output name[+] network interface name ([+] for wildcard) --table -t table table to manipulate (default:<\/code>filter’)
–verbose -v verbose mode
–wait -w [seconds] maximum wait to acquire xtables lock before give up
–line-numbers print line numbers when listing
–exact -x expand numbers (display exact values)
[!] –fragment -f match second or further fragments only
–modprobe= try to insert modules using this command
–set-counters -c PKTS BYTES set the counter during insert\/append
[!] –version -V print package version.<\/p>\n\n\n\n