Re: iptables rules still working after being flushed (?)

On Sun, Mar 15, 2015 at 12:21:19PM -0400, John Lauro wrote:
> As far as I know, when there is version coupling, it's only impacted those
> rules out of sync or missing between versions, and it's been pretty good
> about complaining.
> 
> iptables -L -n will not show all the tables (just the filter tables, and so
> you probably didn't flush all the tables.  There are also tables for nat,
> security, raw, and mangle.)
> Try running
> iptables-save  (it just goes to stdout so it doesn't save it anywhere
> besides your terminal unless you tell it to)

Thanks a lot for trying, but no, that's not the problem.

I have never used any of those tables, so I would not need to flush
them, but in either case, and to be sure:

for t in nat security raw mangle; do iptables -t $t -L -n; done

Output:

Chain PREROUTING (policy ACCEPT)
target     prot opt source               destination

Chain INPUT (policy ACCEPT)
target     prot opt source               destination

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination

Chain POSTROUTING (policy ACCEPT)
target     prot opt source               destination
Chain INPUT (policy ACCEPT)
target     prot opt source               destination

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination
Chain PREROUTING (policy ACCEPT)
target     prot opt source               destination

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination
Chain PREROUTING (policy ACCEPT)
target     prot opt source               destination

Chain INPUT (policy ACCEPT)
target     prot opt source               destination

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination

Chain POSTROUTING (policy ACCEPT)
target     prot opt source               destination


and still I can't make more than 19 ssh connections in a row.

Where are the old tables stored and why do they work after I deleted them?

See what I said this is an X-File?
--
To unsubscribe from this list: send the line "unsubscribe netfilter" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
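
The check discussed in this message (looking at every table rather than only what iptables -L -n prints for filter) can be done in one pass over iptables-save output. The script below is an added example, not part of either poster's message; the function names summarize_ruleset and ruleset_is_empty are hypothetical and the sample ruleset is constructed.

```shell
#!/bin/sh
# Summarise iptables-save output read from stdin: one line per table with the
# number of rules, user-defined chains and built-in chains whose policy is not
# ACCEPT. Function names are hypothetical helpers, not part of iptables.
summarize_ruleset() {
    awk '
        /^\*/ { table = substr($0, 2); order[++n] = table; next }  # "*nat" opens a table
        /^:/  {                                  # ":INPUT DROP [0:0]" declares a chain
            if ($2 == "-") user[table]++         # policy "-" marks a user-defined chain
            else if ($2 != "ACCEPT") strict[table]++
            next
        }
        /^-A / { rules[table]++ }                # one appended rule
        END {
            for (i = 1; i <= n; i++) {
                t = order[i]
                printf "%s rules=%d user_chains=%d non_accept_policies=%d\n",
                       t, rules[t], user[t], strict[t]
            }
        }'
}

# Exit status 0 only when no table holds rules, user chains or strict policies.
ruleset_is_empty() {
    ! summarize_ruleset | grep -qv ' rules=0 user_chains=0 non_accept_policies=0$'
}

# Constructed sample (not output from the thread): filter is flushed, but one
# rule is still loaded in mangle, which "iptables -L -n" would not display.
SAMPLE='*mangle
:PREROUTING ACCEPT [0:0]
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
-A PREROUTING -p tcp -m tcp --dport 22 -j MARK --set-xmark 0x1/0xffffffff
COMMIT
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
COMMIT'

printf '%s\n' "$SAMPLE" | summarize_ruleset
# On a live host, as root:  iptables-save | summarize_ruleset
```

iptables-save covers IPv4 only; IPv6 rules are dumped separately with ip6tables-save and can be piped through the same function.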



