[root@kube-master ~]# iptables -L INPUT --line-numbers Chain INPUT (policy ACCEPT) num target prot opt source destination1 ACCEPT all -- anywhere anywhere ctstate RELATED,ESTABLISHED2 ACCEPT all -- anywhere anywhere3 INPUT_direct all -- anywhere anywhere4 INPUT_ZONES_SOURCE all -- anywhere ...
Chain INPUT (policy ACCEPT) //处理输入流量的规则链,默认策略为"放行" target prot opt source destination ACCEPT all -- anywhere anywhere ctstate RELATED,ESTABLISHED ACCEPT all -- anywhere anywhere INPUT_direct all -- anywhere anywhere INPUT_ZONES_SOURCE all -- anywhere anywhere INPUT_ZONES all --...
:INPUT_direct - [0:0] :OUTPUT_direct - [0:0] -A INPUT -j INPUT_direct -A FORWARD -j FORWARD_direct -A OUTPUT -j OUTPUT_direct COMMIT # Completed on Tue Feb 22 20:05:36 2022 # Generated by iptables-save v1.4.21 on Tue Feb 22 20:05:36 2022 *raw :PREROUTING ACCEPT [30367:...
Chain INPUT_direct (1references) target prot opt source destination Chain IN_public (2references) target prot opt source destination IN_public_log all--anywhere anywhere IN_public_deny all--anywhere anywhere IN_public_allow all--anywhere anywhere Chain IN_public_allow (1references) target prot op...
78 6024 INPUT_direct all -- * * 0.0.0.0/0 0.0.0.0/0 78 6024 INPUT_ZONES_SOURCE all -- * * 0.0.0.0/0 0.0.0.0/0 78 6024 INPUT_ZONES all -- * * 0.0.0.0/0 0.0.0.0/0 0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 ctstate INVALID ...
Chain INPUT (policy ACCEPT 0 packets, 0 bytes) pkts bytes target prot opt in out source destination 0 0 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 ctstate RELATED,ESTABLISHED 0 0 ACCEPT all -- lo * 0.0.0.0/0 0.0.0.0/0 0 0 INPUT_direct all -- * * 0.0.0.0/0 0.0.0.0/0 0 0...
INPUT_direct all -- anywhere anywhere INPUT_ZONES_SOURCE all -- anywhere anywhere INPUT_ZONES all -- anywhere anywhere ACCEPT icmp -- anywhere anywhere REJECT all -- anywhere anywhere reject-with icmp-host-prohibited ………省略部分输出信息……… 在iptables命令后...
INPUT_direct all--anywhere anywhereINPUT_ZONES_SOURCEall--anywhere anywhereINPUT_ZONESall--anywhere anywhereACCEPTicmp--anywhere anywhereREJECTall--anywhere anywhere reject-withicmp-host-prohibited ………省略部分输出信息……… 在iptables命令后添加-F参数清空已有的防火墙规则链: 代码语言:javascript...
(direct) is a mechanism, makes you write (firewalld) command in a (iptables) manner. direct是一种让你用iptables风格写firewalld命令的机制。 These two commands has the same goal: iptables -t filter -A INPUT_direct -p tcp --dport 80 -j ACCEPT ...
INPUT_direct all -- anywhere anywhere INPUT_ZONES_SOURCE all -- anywhere anywhere INPUT_ZONES all -- anywhere anywhere ACCEPT icmp -- anywhere anywhere REJECT all -- anywhere anywhere reject-with icmp-host-prohibited ………省略部分输出信息……… 使用iptables命令...