How to list all iptables rules that are set on your Linux system. This is very easy.

The iptables -L or iptables --list commands will list all of the iptables rules that are set on your Linux machine. Below is abbreviated output of this command on my Fedora 20 system.

# iptables --list
Chain INPUT (policy ACCEPT)
target     prot opt source               destination         
ACCEPT     all  --  anywhere             anywhere             ctstate RELATED,ESTABLISHED
ACCEPT     all  --  anywhere             anywhere            
INPUT_direct  all  --  anywhere             anywhere            
INPUT_ZONES_SOURCE  all  --  anywhere             anywhere            
INPUT_ZONES  all  --  anywhere             anywhere            
ACCEPT     icmp --  anywhere             anywhere            
REJECT     all  --  anywhere             anywhere             reject-with icmp-host-prohibited
ACCEPT     tcp  --  anywhere             anywhere             tcp dpt:ssh

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination         
ACCEPT     all  --  anywhere             anywhere             ctstate RELATED,ESTABLISHED
ACCEPT     all  --  anywhere             anywhere            
FORWARD_direct  all  --  anywhere             anywhere            
FORWARD_IN_ZONES_SOURCE  all  --  anywhere             anywhere            
FORWARD_IN_ZONES  all  --  anywhere             anywhere            
FORWARD_OUT_ZONES_SOURCE  all  --  anywhere             anywhere            
FORWARD_OUT_ZONES  all  --  anywhere             anywhere            
ACCEPT     icmp --  anywhere             anywhere            
REJECT     all  --  anywhere             anywhere             reject-with icmp-host-prohibited

The iptables --flush command deletes all of the rules that have been set; when no chain is named, it empties every chain.

# iptables --flush

Here is a sample rule for ssh I am putting into my iptables configuration.

# iptables -A INPUT -p tcp --dport ssh -j ACCEPT

This allows incoming TCP traffic to my machine to reach the ssh port.
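Because -A appends to the end of a chain, the listing above shows the ssh ACCEPT rule sitting after the REJECT rule in INPUT, where no packet will ever reach it. The script below is an added example, not part of the original post: it reads `iptables -S` (rule-spec) output and reports rules that follow an unconditional ACCEPT, DROP or REJECT in the same chain. The function name is hypothetical and the sample rules are constructed to mirror the listing, assuming the bare "ACCEPT all" rule is bound to the loopback interface, which plain -L does not show.

```shell
#!/bin/sh
# Added example: report rules that can never match because an earlier rule in
# the same chain accepts, drops or rejects every packet unconditionally.
# Input is `iptables -S` (--list-rules) output on stdin, e.g.:
#   iptables -S | find_shadowed_rules      (needs root on a live system)

find_shadowed_rules() {   # hypothetical helper name
    awk '
    $1 == "-A" {
        chain = $2
        if (chain in blocker) {
            printf "%s: \"%s\" is never reached; it follows \"%s\"\n", chain, $0, blocker[chain]
            next
        }
        # Unconditional: -j comes straight after the chain name (no match
        # options) and the target ends rule processing for the packet.
        if ($3 == "-j" && ($4 == "ACCEPT" || $4 == "DROP" || $4 == "REJECT"))
            blocker[chain] = $0
    }'
}

# Constructed sample mirroring the INPUT chain in the listing above.
# Assumption: the bare "ACCEPT all" rule is bound to the loopback interface.
SAMPLE_RULES='-P INPUT ACCEPT
-A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -j INPUT_direct
-A INPUT -j INPUT_ZONES_SOURCE
-A INPUT -j INPUT_ZONES
-A INPUT -p icmp -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT'

# Constructed: the same chain with the ssh rule placed ahead of the REJECT rule.
FIXED_RULES='-P INPUT ACCEPT
-A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited'

printf '%s\n' "$SAMPLE_RULES" | find_shadowed_rules   # reports the ssh rule
printf '%s\n' "$FIXED_RULES"  | find_shadowed_rules   # prints nothing
```

The check only looks at unconditional built-in targets; it does not follow jumps into user-defined chains such as INPUT_ZONES.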
