What custom chains are for: classifying rules into chains.
A target can be an "action", or it can be a "custom chain".
1. Create a custom chain.
root@ubuntu:~# iptables -t filter -N IN_WEB
# Result:
root@ubuntu:~# iptables -nvL
Chain INPUT (policy ACCEPT 23 packets, 1448 bytes)
pkts bytes target prot opt in out source destination
Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
Chain OUTPUT (policy ACCEPT 16 packets, 1212 bytes)
pkts bytes target prot opt in out source destination
Chain IN_WEB (0 references)
pkts bytes target prot opt in out source destination
2. Reference the custom chain from a built-in chain.
root@ubuntu:~# iptables -t filter -I INPUT -p tcp --dport 80 -j IN_WEB
# Result:
root@ubuntu:~# iptables -nvL
Chain INPUT (policy ACCEPT 11 packets, 770 bytes)
pkts bytes target prot opt in out source destination
0 0 IN_WEB tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:80
Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
Chain OUTPUT (policy ACCEPT 4 packets, 480 bytes)
pkts bytes target prot opt in out source destination
Chain IN_WEB (1 references)
pkts bytes target prot opt in out source destination
3. Rename the custom chain.
root@ubuntu:~# iptables -E IN_WEB WEB
root@ubuntu:~# iptables -nvL
Chain INPUT (policy ACCEPT 53 packets, 3639 bytes)
pkts bytes target prot opt in out source destination
0 0 WEB tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:80
Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
Chain OUTPUT (policy ACCEPT 36 packets, 2840 bytes)
pkts bytes target prot opt in out source destination
Chain WEB (1 references)
pkts bytes target prot opt in out source destination
4. Delete the custom chain.
root@ubuntu:~# iptables -X WEB
iptables: Too many links.
# The chain is still referenced, so it cannot be deleted.
root@ubuntu:~# iptables --line -nvL
Chain INPUT (policy ACCEPT 366 packets, 32141 bytes)
num pkts bytes target prot opt in out source destination
1 0 0 WEB tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:80
Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
num pkts bytes target prot opt in out source destination
Chain OUTPUT (policy ACCEPT 137 packets, 11248 bytes)
num pkts bytes target prot opt in out source destination
Chain WEB (1 references)
num pkts bytes target prot opt in out source destination
# Delete the rule that references the custom chain.
root@ubuntu:~# iptables -D INPUT 1
root@ubuntu:~# iptables -nvL
Chain INPUT (policy ACCEPT 70 packets, 4797 bytes)
pkts bytes target prot opt in out source destination
Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
Chain OUTPUT (policy ACCEPT 35 packets, 2848 bytes)
pkts bytes target prot opt in out source destination
Chain WEB (0 references)
pkts bytes target prot opt in out source destination
# Now the chain can be deleted normally.
root@ubuntu:~# iptables -X WEB
root@ubuntu:~# iptables -nvL
Chain INPUT (policy ACCEPT 33 packets, 2104 bytes)
pkts bytes target prot opt in out source destination
Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
Chain OUTPUT (policy ACCEPT 23 packets, 1860 bytes)
pkts bytes target prot opt in out source destination
Conditions for deleting a custom chain:
1. The custom chain contains no rules.
2. The custom chain is not referenced by any other chain.
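As an added example (not from the original post), the shell script below checks the two deletion conditions against a saved ruleset before anyone runs `iptables -X`. The ruleset is a constructed `iptables -S` dump embedded inline so the script runs without root; the functions print, without executing, the `-D`, `-F` and `-X` commands that would make the chain deletable.

```shell
#!/bin/sh
# Constructed sample of `iptables -S` output (not captured from a real host).
# It mirrors the state after step 2 above, plus one rule inside WEB, so that
# both deletion conditions (non-empty, still referenced) are violated.
SAMPLE_RULES='-P INPUT ACCEPT
-P FORWARD ACCEPT
-P OUTPUT ACCEPT
-N WEB
-A INPUT -p tcp -m tcp --dport 80 -j WEB
-A WEB -s 10.0.0.0/8 -j ACCEPT'

# Condition 2: print rules in OTHER chains that jump (-j) or goto (-g) to
# chain $2. Any output here is what produces "iptables: Too many links."
# $1 is the ruleset text, $2 the chain name.
chain_references() {
    printf '%s\n' "$1" | awk -v c="$2" \
        '$1=="-A" && $2!=c && $NF==c && ($(NF-1)=="-j" || $(NF-1)=="-g")'
}

# Condition 1: print the rules that live inside chain $2 (must be empty
# before -X succeeds; -F flushes them).
chain_rules() {
    printf '%s\n' "$1" | awk -v c="$2" '$1=="-A" && $2==c'
}

# Emit the cleanup plan for chain $2 without running it: one -D per
# referencing rule (the -A line rewritten as -D), then -F and -X.
# Review the output before piping it to sh as root on a live firewall.
chain_cleanup_plan() {
    chain_references "$1" "$2" | sed 's/^-A /iptables -D /'
    printf 'iptables -F %s\niptables -X %s\n' "$2" "$2"
}

# Stand-alone run: show why WEB is not yet deletable, then the plan.
if [ "${1:-}" = "--demo" ]; then
    echo "rules inside WEB:";      chain_rules "$SAMPLE_RULES" WEB
    echo "references to WEB:";     chain_references "$SAMPLE_RULES" WEB
    echo "cleanup plan:";          chain_cleanup_plan "$SAMPLE_RULES" WEB
fi
```

On a real host, feed it the live dump instead: `chain_cleanup_plan "$(iptables -S)" WEB`.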