Книга: Linux Network Administrator Guide, Second Edition

Listing our rules

Listing our rules

After we've entered our rules, we ask ipfwadm to list them for us using the command:

# ipfwadm -F -l

This command will list all of the configured forwarding rules. The output should look something like this:

# ipfwadm -F -l
IP firewall forward rules, default policy: accept
type  prot source               destination          ports
deny  tcp  anywhere             172.16.10.0/24       www -> any
acc   tcp  172.16.1.0/24        anywhere             any -> www

The ipfwadm command will attempt to translate the port number into a service name using the /etc/services if an entry exists there.

The default output is lacking in some important detail for us. In the default listing output, we can't see the effect of the -y argument. The ipfwadm command is able to produce a more detailed listing output if you specify the -e (extended output) argument too. We won't show the whole output here because it is too wide for the page, but it includes an opt (options) column that shows the -y option controlling SYN packets:

# ipfwadm -F -l -e
P firewall forward rules, default policy: accept
pkts bytes type  prot opt  tosa tosx ifname  ifaddress   source        ...  
    0     0 deny  tcp  --y- 0xFF 0x00 any     any         anywhere      ...      
    0     0 acc   tcp  b--- 0xFF 0x00 any     any         172.16.1.0/24 ...

Оглавление книги

Оглавление статьи/книги

Генерация: 0.042. Запросов К БД/Cache: 0 / 0
поделиться
Вверх Вниз