Checking the Input, Output, and Forwarding Rules

Now that you've seen what a firewall chain listing looks like and what formatting options are available, we'll go through brief lists of INPUT, OUTPUT, and FORWARD rules. The sample rules are representative of some of the rules you'll most likely use yourself.

Checking the Input Rules

Your input rules are mostly ACCEPT rules when the default policy is DROP. Everything is denied, by default, and you explicitly define what will be accepted. Remember that packets arriving on the INPUT chain are targeted to the local host. The following example contains a representative sample of input acceptance rules:

 > iptables -v -L INPUT
 Chain INPUT (policy DROP 0 packets, 0 bytes)
  pkts bytes target prot opt in ...
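The default-deny check described above can also be scripted. The following is an added example, not code from the book: it reads a chain dump in the format printed by iptables -S INPUT and reports the policy, any ACCEPT rule with no match criteria (which undoes the DROP policy), and port rules with no source restriction. The function names and the sample ruleset are constructed for illustration.

```shell
# Constructed sample in `iptables -S INPUT` format (not from the book).
sample_rules() {
cat <<'EOF'
-P INPUT DROP
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -s 192.0.2.0/24 -i eth0 -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -i eth0 -p tcp -m tcp --dport 80 -j ACCEPT
-A INPUT -j ACCEPT
EOF
}

# Reads rules on stdin and prints one line per finding:
#   POLICY <target>  default policy of the INPUT chain
#   OPEN <rule>      ACCEPT rule with no match criteria (accepts everything)
#   ANYSRC <rule>    ACCEPT rule on a port with no -s restriction (review it)
# Exit status is 0 only when the policy is DROP and no OPEN rule exists.
audit_input_chain() {
    awk '
    $1 == "-P" && $2 == "INPUT" { policy = $3; print "POLICY " $3; next }
    $1 == "-A" && $2 == "INPUT" && $(NF-1) == "-j" && $NF == "ACCEPT" {
        # A bare "-A INPUT -j ACCEPT" has exactly four fields.
        if (NF == 4) { print "OPEN " $0; bad = 1; next }
        has_src = 0; has_port = 0
        for (i = 3; i < NF; i++) {
            if ($i == "-s") has_src = 1
            if ($i == "--dport" || $i == "--dports") has_port = 1
        }
        if (has_port && !has_src) print "ANYSRC " $0
    }
    END { if (policy == "DROP" && !bad) exit 0; exit 1 }
    '
}

# Stand-alone run against the constructed sample.
sample_rules | audit_input_chain || echo "INPUT chain needs review"
```

On a live host the same function can be fed from iptables -S INPUT, which requires root. An ANYSRC line is a prompt to confirm the service is meant to be reachable from any address, as a public web server on port 80 would be.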
