[NBLUG/talk] iptables -L and PREROUTING
Ron Wickersham
rjw at alembic.com
Thu Apr 17 19:38:28 PDT 2008
On Thu, 17 Apr 2008, Bob Blick wrote:
> If I issue a PREROUTING command and later look at my iptables with
> iptables --list, it doesn't show the PREROUTING rule, only the usual
> INPUT, FORWARD and OUTPUT rules.
>
> Is there any way to get it to show all the rules? And does that
> PREROUTING comand get saved when I do an iptables-save?
>
> Thanks,
>
> Bob
hi Bob,
you have to explicly say which table you want to display.
so if i'm examining the nat table then the command to show a PREROUTING
chain would be:
alembic-rtr:/etc/rc2.d# iptables -t nat -L
Chain PREROUTING (policy ACCEPT)
target prot opt source destination
DNAT tcp -- anywhere dev.csbuilders.net multiport dports ssh,www,https,ftp to:10.42.5.3
Chain POSTROUTING (policy ACCEPT)
target prot opt source destination
SNAT all -- anywhere anywhere to:192.82.17.45
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
so while the PREROUTING chain exists, the command you issued:
alembic-rtr:/etc/rc2.d# iptables --list
Chain INPUT (policy ACCEPT)
target prot opt source destination
Chain FORWARD (policy ACCEPT)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
doesn't show it as you reported.
hth. (don't know situation on saving, i use explicit shell scripts to
initiate the rules on startup).
-ron
--
/~\ The ASCII Ribbon Campaign
\ / No HTML/RTF in email
X No Word docs in email
/ \ Respect for open standards
More information about the talk
mailing list