To view iptables blocks, you can use the following commands:
- List all active rules:
iptables -L (or iptables -nL for numeric output) - This command lists all active rules in all chains (INPUT, OUTPUT, FORWARD, etc.).
- List rules for a specific chain:
iptables -L <chain_name> - Replace <chain_name> with the name of the chain you're interested in (e.g., INPUT, OUTPUT, FORWARD).
- View detailed information:
iptables -L -v -n - This command provides detailed information about each rule, including packet and byte counters.
- Search for a specific IP address:
iptables -L -n --line | grep <IP_Address> - Replace <IP_Address> with the IP address you're interested in. If the rule that matches the IP has a target of DROP or REJECT, traffic from that address is blocked.
- View rules with line numbers:
iptables -L -n --line-numbers - This command adds line numbers to the output, making it easier to identify specific rules.
Below is an example of the output of iptables -L -v -n:
Chain INPUT (policy DROP 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
284K 42M ACCEPT all -- any any anywhere anywhere ctstate RELATED,ESTABLISHED
0 0 ACCEPT all -- lo any anywhere anywhere
0 0 DROP all -- any any anywhere anywhere ctstate INVALID
396 63275 UDP udp -- any any anywhere anywhere ctstate NEW
17067 1005K TCP tcp -- any any anywhere anywhere tcp flags:FIN,SYN,RST,ACK/SYN ctstate NEW
2410 154K ICMP icmp -- any any anywhere anywhere ctstate NEW
396 63275 REJECT udp -- any any anywhere anywhere reject-with icmp-port-unreachable
2916 179K REJECT all -- any any anywhere anywhere reject-with icmp-proto-unreachable
0 0 ACCEPT tcp -- any any anywhere anywhere tcp dpt:ssh ctstate NEW,ESTABLISHED