Re: Firewall Issue

On Thu, 20 Mar 2003 15:41:56 -0600, Mike Vanecek wrote:

> > > > As someone pointed out to me once, iptables -L -v only shows one table.
> > > > "service iptables status" gets 'em all.
> > > Would you please expand on this?  I am not seeing any difference between the
> > > two. Of course, iptables -L INPUT -v -n would be something else.
> > "service iptables status" is a loop on all iptables chains (=tables),
> > which means it prints NOT just the contents of the "filter" table.
> > See /etc/init.d/iptables for the code fragment that does it.
> Sorry, do not mean to be thick, but the man iptables says, 
>        -L, --list
>               List all rules in the selected chain.  If no chain is selected,
>               all  chains  are  listed. It  is  legal to specify the -Z (zero)
>               option as well, in which case the chain(s) will be atomically
>               listed and zeroed.  The exact output is affected by the other
>               arguments given.
> would not iptables -L list all iptable chains??

All chains within a _single_ table, but not all chains within all
tables. See section "TABLES" close to the top of "man iptables".
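
An added example, not part of the original thread and not the code from /etc/init.d/iptables: a shell sketch that walks every loaded table, so that rules in nat and mangle are reviewed along with filter. It assumes the kernel lists loaded table names in /proc/net/ip_tables_names, falls back to an assumed filter/nat/mangle list when that file is unreadable, and uses `iptables -S` (iptables 1.4 and later); the function names are hypothetical.

```shell
#!/bin/sh
# Added example: review the rules of every iptables table, not only "filter".
# Assumption: loaded table names are exposed in /proc/net/ip_tables_names.
NAMES_FILE=${NAMES_FILE:-/proc/net/ip_tables_names}

# Print one loaded table name per line.
# Fallback (assumption): filter, nat and mangle when the file cannot be read.
loaded_tables() {
    names=$(cat "$NAMES_FILE" 2>/dev/null || true)
    [ -n "$names" ] || names="filter nat mangle"
    printf '%s\n' $names
}

# Equivalent of running "iptables -L -n -v" once per table.
list_all_tables() {
    for t in $(loaded_tables); do
        echo "Table: $t"
        iptables -t "$t" -L -n -v || return 1
    done
}

# Print "<table> <rule count>" for each table other than filter.
# These are the rules a plain "iptables -L" never displays.
rules_outside_filter() {
    for t in $(loaded_tables); do
        [ "$t" = filter ] && continue
        # Count only appended rules (-A); policy lines (-P) are skipped.
        n=$(iptables -t "$t" -S | grep -c '^-A' || true)
        echo "$t $n"
    done
}

# Pass --run to print every table (needs root).
if [ "${1:-}" = "--run" ]; then
    list_all_tables
fi
```

A non-zero count from `rules_outside_filter` means there are rules that a review based only on `iptables -L` would not have seen.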

