On 29/11/2016 at 12:33, Kevin Wilson wrote:
> Hi,
> Is there a way to find out if there are any iptables rules set on a machine?
> There are some indirect ways which will not always work; for example,
> I know that on most hosts,
> iptables -S
> will return the following output (when no iptables rules are set)
> -P INPUT ACCEPT
> -P FORWARD ACCEPT
> -P OUTPUT ACCEPT

Consider using iptables-save instead of iptables -S.
iptables -S has two drawbacks:
- it shows only one table at a time (the default table is filter)
- if the table was not loaded, it loads it. This is useless.
iptables-save does not have these drawbacks: when no table is
specified, it shows all loaded tables and does not load any table.
In either output, rules start with "-A " so you can use grep to check
whether there are occurrences of this pattern.
iptables-save | grep -q "^-A " && echo "rule(s)" || echo "no rule"
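An added example, not part of the original message: the `^-A ` check above reports "no rule" when a built-in chain has a non-ACCEPT policy but no rules, although such a host is filtering traffic. The sketch below summarises iptables-save output per loaded table and also flags those policies; the function name `summarize_ruleset` and the sample inputs are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the thread). Reads iptables-save output on stdin and
# prints one line per loaded table: "<table> rules=<n> policies=<list or ->".
# Returns 0 if any rule or non-ACCEPT built-in policy exists, 1 otherwise.
summarize_ruleset() {
    awk '
        # "*filter" starts a table section
        /^\*/ { table = substr($0, 2); order[++n] = table
                rules[table] = 0; pol[table] = ""; next }
        # ":CHAIN POLICY [pkts:bytes]"; user-defined chains show "-" as policy
        /^:/ {
            if ($2 != "ACCEPT" && $2 != "-") {
                sep = (pol[table] == "") ? "" : ","
                pol[table] = pol[table] sep substr($1, 2) "=" $2
                found = 1
            }
            next
        }
        # appended rules, the pattern the one-liner greps for
        /^-A / { rules[table]++; found = 1 }
        END {
            for (i = 1; i <= n; i++) {
                t = order[i]
                printf "%s rules=%d policies=%s\n", t, rules[t], (pol[t] == "" ? "-" : pol[t])
            }
            exit (found ? 0 : 1)
        }
    '
}

# Constructed sample: default-deny INPUT policy, no rules at all.
SAMPLE_POLICY_ONLY='*filter
:INPUT DROP [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
COMMIT'

# Constructed sample: table loaded, nothing configured.
SAMPLE_EMPTY='*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
COMMIT'

# Demo on the constructed input; on a live host: iptables-save | summarize_ruleset
printf '%s\n' "$SAMPLE_POLICY_ONLY" | summarize_ruleset
```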