Hi,

Is there a way to find out if there are any iptables rules set on a machine?

There are some indirect ways which will not always work; for example, I know that on most hosts, iptables -S will return the following output (when no iptables rules are set):

-P INPUT ACCEPT
-P FORWARD ACCEPT
-P OUTPUT ACCEPT

So you can check whether or not the number of output lines is greater than 3 (as an indication of whether or not iptables rules are set).

But there are hosts on which there are more chains than these 3; these chains are set by applications/services, even without any iptables rules being set. And after running iptables -F on these machines, iptables -S will still show more than 3 chains, even though there are no iptables rules set in these chains.

So the question is: is there a way to know whether or not netfilter rules are set on a host, regardless of the number of chains?

Regards,
Kevin
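An added example, not part of the original post: instead of counting output lines, classify each `iptables -S` line by its leading flag, so that empty service-created chains do not count as rules. The function names and both sample outputs (including the chain name `APP-CHAIN`) are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original post). Classifies `iptables -S` lines:
#   -P = built-in chain policy, -N = user-defined chain, -A = an actual rule.

# summarize: read `iptables -S` output on stdin, print one line of counts.
summarize() {
    awk '
        $1 == "-A" { rules++ }
        $1 == "-N" { chains++ }
        $1 == "-P" && $3 != "ACCEPT" { policies++ }
        END { printf "rules=%d user_chains=%d non_accept_policies=%d\n", rules, chains, policies }
    '
}

# ruleset_is_empty: succeed only if there are no -A rules and every built-in
# policy is ACCEPT. Empty user-defined chains are deliberately ignored.
ruleset_is_empty() {
    summarize | grep -q '^rules=0 user_chains=[0-9]* non_accept_policies=0$'
}

# live_summary: needs root. `iptables -S` lists only the filter table, so each
# table is queried explicitly. Defined for use on a real host; not called here.
live_summary() {
    for t in filter nat mangle raw security; do
        iptables -t "$t" -S 2>/dev/null
    done | summarize
}

# Constructed sample: flushed host where a service left its chains behind.
FLUSHED_SAMPLE='-P INPUT ACCEPT
-P FORWARD ACCEPT
-P OUTPUT ACCEPT
-N APP-CHAIN
-N APP-CHAIN-USER'

# Constructed sample: host with two rules and a DROP policy on INPUT.
ACTIVE_SAMPLE='-P INPUT DROP
-P FORWARD ACCEPT
-P OUTPUT ACCEPT
-N APP-CHAIN
-A INPUT -i lo -j ACCEPT
-A INPUT -j APP-CHAIN'

printf '%s\n' "$FLUSHED_SAMPLE" | summarize
printf '%s\n' "$ACTIVE_SAMPLE" | summarize
```

A non-ACCEPT policy is counted separately because a chain with policy DROP filters traffic even when it holds no `-A` rules. IPv6 rules are kept separately and need the same check with `ip6tables`.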