Skip to main content
Unix & Linux

Return to Answer

Formatting
Source Link
AdminBee
AdminBee
  • 23.6k
  • 25
  • 55
  • 77

To see what you have and what you want to change you first need to do some examination.

  1. Check for counters and write these somewhere so you can enter them later.

    Check for counters and write these somewhere so you can enter them later.

    iptables-save -c

    iptables-save -c

  2. Check for the line you want to replace / reposition using

    Check for the line you want to replace / reposition using

    iptables -L -v -n --line-n

    iptables -L -v -n --line-n

  3. Write the rule in the designated CHAIN and add the counters explained in step on. For example.

    Write the rule in the designated CHAIN and add the counters explained in step on. For example.

    iptables -R INPUT 5 -i virbr0 -p udp -m udp -c 3441 472271 --dport 53 -j ACCEPT -m comment --comment "Some comment"

    iptables -R INPUT 5 -i virbr0 -p udp -m udp -c 3441 472271 --dport 53 -j ACCEPT -m comment --comment "Some comment"

Meaning of -c

-c [packets:bytes]

The above iptables rule will be entered on line 5.

You can save the current iptables (and counters) by doing iptables-save -c -f /somepath/iptrules-$(date +%F).

iptables-save -c -f /somepath/iptrules-$(date +%F)

To see what you have and what you want to change you first need to do some examination.

  1. Check for counters and write these somewhere so you can enter them later.

    iptables-save -c

  2. Check for the line you want to replace / reposition using

    iptables -L -v -n --line-n

  3. Write the rule in the designated CHAIN and add the counters explained in step on. For example.

    iptables -R INPUT 5 -i virbr0 -p udp -m udp -c 3441 472271 --dport 53 -j ACCEPT -m comment --comment "Some comment"

Meaning of -c

-c [packets:bytes]

The above iptables rule will be entered on line 5.

You can save the current iptables (and counters) by doing iptables-save -c -f /somepath/iptrules-$(date +%F).

To see what you have and what you want to change you first need to do some examination.

  1. Check for counters and write these somewhere so you can enter them later. 
    iptables-save -c
  2. Check for the line you want to replace / reposition using 
    iptables -L -v -n --line-n
  3. Write the rule in the designated CHAIN and add the counters explained in step on. For example. 
    iptables -R INPUT 5 -i virbr0 -p udp -m udp -c 3441 472271 --dport 53 -j ACCEPT -m comment --comment "Some comment"

Meaning of -c

-c [packets:bytes]

The above iptables rule will be entered on line 5.

You can save the current iptables (and counters) by doing

iptables-save -c -f /somepath/iptrules-$(date +%F)
requires flag to specify output file
Source Link
edit approved Jul 1, 2022 at 10:16
Pedro
edit approved Jul 1, 2022 at 10:16
Pedro
  • 123
  • 1
  • 6

To see what you have and what you want to change you first need to do some examination.

  1. Check for counters and write these somewhere so you can enter them later.

    iptables-save -c

  2. Check for the line you want to replace / reposition using

    iptables -L -v -n --line-n

  3. Write the rule in the designated CHAIN and add the counters explained in step on. For example.

    iptables -R INPUT 5 -i virbr0 -p udp -m udp -c 3441 472271 --dport 53 -j ACCEPT -m comment --comment "Some comment"

Meaning of -c

-c [packets:bytes]

The above iptables rule will be entered on line 5.

Note. SaveYou can save the current iptables rules using(and counters) by doing iptables-save -c -f /somepath/iptrules-$(date +%F) which will preserve counters.

To see what you have and what you want to change you first need to do some examination.

  1. Check for counters and write these somewhere so you can enter them later.

    iptables-save -c

  2. Check for the line you want to replace / reposition using

    iptables -L -v -n --line-n

  3. Write the rule in the designated CHAIN and add the counters explained in step on. For example.

    iptables -R INPUT 5 -i virbr0 -p udp -m udp -c 3441 472271 --dport 53 -j ACCEPT -m comment --comment "Some comment"

Meaning of -c

-c [packets:bytes]

The above iptables rule will be entered on line 5.

Note. Save iptables rules using iptables-save -c /somepath/iptrules-$(date +%F) which will preserve counters.

To see what you have and what you want to change you first need to do some examination.

  1. Check for counters and write these somewhere so you can enter them later.

    iptables-save -c

  2. Check for the line you want to replace / reposition using

    iptables -L -v -n --line-n

  3. Write the rule in the designated CHAIN and add the counters explained in step on. For example.

    iptables -R INPUT 5 -i virbr0 -p udp -m udp -c 3441 472271 --dport 53 -j ACCEPT -m comment --comment "Some comment"

Meaning of -c

-c [packets:bytes]

The above iptables rule will be entered on line 5.

You can save the current iptables (and counters) by doing iptables-save -c -f /somepath/iptrules-$(date +%F).

Source Link
Valentin Bajrami
Valentin Bajrami
  • 9.6k
  • 3
  • 28
  • 39

To see what you have and what you want to change you first need to do some examination.

  1. Check for counters and write these somewhere so you can enter them later.

    iptables-save -c

  2. Check for the line you want to replace / reposition using

    iptables -L -v -n --line-n

  3. Write the rule in the designated CHAIN and add the counters explained in step on. For example.

    iptables -R INPUT 5 -i virbr0 -p udp -m udp -c 3441 472271 --dport 53 -j ACCEPT -m comment --comment "Some comment"

Meaning of -c

-c [packets:bytes]

The above iptables rule will be entered on line 5.

Note. Save iptables rules using iptables-save -c /somepath/iptrules-$(date +%F) which will preserve counters.