On April 30, 2005 01:39 am, varun_saa@xxxxxxxx wrote: Comments in inline -- - note the << below > Hello, > I wish to understand the following > in the iptables file. > > I see the following the entries : > > # Generated by iptables-save v1.2.9 on Tue Apr 26 14:50:01 2005 > *nat <<< NAT table header > > :OUTPUT ACCEPT [0:0] << Chain + policy + packet/byte count > :PREROUTING ACCEPT [0:0] << Chain + policy + packet/byte count > :POSTROUTING ACCEPT [0:0] "" > > # Completed on Tue Apr 26 14:50:01 2005 > # Generated by iptables-save v1.2.9 on Tue Apr 26 14:50:01 2005 > *mangle <<< Mamgle table header > > :PREROUTING ACCEPT [707:100355] << see above Chain/policy/packet/byte count > :INPUT ACCEPT [704:99811] '' > :FORWARD ACCEPT [0:0] '' > :OUTPUT ACCEPT [541:74129] '' > :POSTROUTING ACCEPT [611:85191] "" > > # Completed on Tue Apr 26 14:50:01 2005 > # Generated by iptables-save v1.2.9 on Tue Apr 26 14:50:01 2005 > *filter <<<< filter table header > > :FORWARD ACCEPT [0:0] > :INPUT DROP [0:0] > :OUTPUT ACCEPT [0:0] > > What do you entries like " OUTPUT ACCEPT [0:0] " Output chain in x table - Policy on the chain is ACCEPT and 0 packets/ 0 Bytes have been tracked through the chain. This is the file from iptables-save and should only be used to save and reload the firewall over reboots. I wouldn't recommend trying to understand it unless you do crazy stuff like -- edit the file with sed when your cable modem changes ip's *cough* (glances around) Alistair Tonner > signify or represent. > > Thanks > > Varun
