- 论坛徽章:
- 0
|
要看你的 default policy 是哪种设定
使用如下命令可以查看不同 chain 的状态
输出:
- [root@gw ~]# iptables -L -n
- Chain INPUT (policy ACCEPT)
- target prot opt source destination
- ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0
- ACCEPT ah -- 0.0.0.0/0 0.0.0.0/0
- ACCEPT esp -- 0.0.0.0/0 0.0.0.0/0
- ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0
- ACCEPT all -- 0.0.0.0/0 0.0.0.0/0
- ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 ctstate RELATED,ESTABLISHED
- REJECT all -- 0.0.0.0/0 0.0.0.0/0 ctstate NEW reject-with icmp-port-unreachable
- Chain FORWARD (policy ACCEPT)
- target prot opt source destination
- Chain OUTPUT (policy ACCEPT)
- target prot opt source destination
复制代码
若为 ACCEPT 表示放行,若是 DROP 表示阻挡
|
|