[NBLUG/talk] iptables -L and PREROUTING

Ron Wickersham rjw at alembic.com
Thu Apr 17 19:38:28 PDT 2008


On Thu, 17 Apr 2008, Bob Blick wrote:

> If I issue a PREROUTING command and later look at my iptables with
> iptables --list, it doesn't show the PREROUTING rule, only the usual
> INPUT, FORWARD and OUTPUT rules.
>
> Is there any way to get it to show all the rules? And does that
> PREROUTING command get saved when I do an iptables-save?
>
> Thanks,
>
> Bob

hi Bob,

you have to explicitly say which table you want to display.

so if i'm examining the nat table then the command to show a PREROUTING
chain would be:

alembic-rtr:/etc/rc2.d# iptables -t nat -L
Chain PREROUTING (policy ACCEPT)
target     prot opt source               destination 
DNAT       tcp  --  anywhere             dev.csbuilders.net multiport dports ssh,www,https,ftp to:10.42.5.3

Chain POSTROUTING (policy ACCEPT)
target     prot opt source               destination 
SNAT       all  --  anywhere             anywhere           to:192.82.17.45

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination


so while the PREROUTING chain exists, the command you issued:

alembic-rtr:/etc/rc2.d# iptables --list 
Chain INPUT (policy ACCEPT)
target     prot opt source               destination

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination

doesn't show it as you reported.

hth.  (don't know situation on saving, i use explicit shell scripts to
initiate the rules on startup).

-ron

--
/~\  The ASCII Ribbon Campaign
\ /    No HTML/RTF in email
  X     No Word docs in email
/ \  Respect for open standards
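
Added example, not part of the original thread: a shell sketch that looks at every table instead of only the default filter table. It relies on iptables-save, which dumps all tables when no -t option is given. The function names and the sample dump are constructed for illustration; 203.0.113.x are documentation addresses.

```shell
#!/bin/sh
# Constructed sample in iptables-save format (not output from the thread).
sample_save() {
cat <<'EOF'
# constructed sample
*nat
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A PREROUTING -d 203.0.113.10/32 -p tcp -m multiport --dports 22,80,443,21 -j DNAT --to-destination 10.42.5.3
-A POSTROUTING -j SNAT --to-source 203.0.113.1
COMMIT
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
COMMIT
EOF
}

# Read iptables-save text on stdin and print "table chain rule-count"
# for every chain that holds at least one rule.
rules_by_table() {
    awk '
        /^\*/  { table = substr($0, 2); next }   # "*nat" opens a table section
        /^-A / { count[table " " $2]++ }         # "-A CHAIN ..." is one rule
        END    { for (k in count) print k, count[k] }
    ' | sort
}

# List every table on a live system (needs root). The kernel names the loaded
# tables in /proc/net/ip_tables_names; fall back to the usual ones if absent.
list_all_tables() {
    tables=$(cat /proc/net/ip_tables_names 2>/dev/null || true)
    [ -n "$tables" ] || tables="filter nat mangle raw"
    for t in $tables; do
        echo "== table: $t =="
        iptables -t "$t" -L -n -v
    done
}

# Offline demonstration on the constructed sample.
sample_save | rules_by_table
```

On a real router, `iptables-save | rules_by_table` gives the same per-table summary for the live rule set, and `list_all_tables` prints the full listing for each table.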


