On Thu, Sep 11, 2008 at 02:25:34AM +1200, Amos Jeffries wrote: > Nuno Silva wrote: >> And regarding the output of iptables -t filter -L *: >> >> iptables: No chain/target/match by that name >> >> Should the output be other? > > Weird, I'd expect a list same as for the -t nat you gave earlier, > but never mind. I thought maybe there was a forwarding rule or > policy blocking things. Since MASQUERADE fixed it, we don't need > to look any further. I think the * is spurious. At least, I've never used a wildcard when getting iptables to list rules, and in fact never considered that it might support it. Apparently mine doesn't, as I get the same output: # iptables -t filter -L\* iptables: No chain/target/match by that name whereas "iptables -t filter -L" works just fine. $ /sbin/iptables --version iptables v1.3.6 $ uname -r 2.6.18-6-amd64 Re-reading the posts, I think that asterisk might have been added originally *just for emphasis*, and wasn't in the actual command.
