---
layout: single
title:  "iptables"
date:   2021-07-27 00:00:00 +0800
categories: 操作系统
tags: [iptables, Linux]
---

## 规则
### 添加规则
```shell
iptables -t raw -A OUTPUT -p icmp -j TRACE
iptables -t raw -A PREROUTING -p icmp -j TRACE
```

### 查看规则
```shell
# iptables -t raw -L -n --line-numbers 
Chain PREROUTING (policy ACCEPT)
num  target     prot opt source               destination         
1    TRACE      icmp --  0.0.0.0/0            0.0.0.0/0           

Chain OUTPUT (policy ACCEPT)
num  target     prot opt source               destination         
1    TRACE      icmp --  0.0.0.0/0            0.0.0.0/0           
```

### 删除规则
```shell
iptables -t raw -D PREROUTING 1
iptables -t raw -D OUTPUT 1
```

## 参考资料
* [iptables详解](https://www.cnblogs.com/metoy/p/4320813.html)
* [iptables](https://en.wikipedia.org/wiki/Iptables)
* [How to trace IPTables in RHEL7 / CENTOS7](https://www.opensourcerers.org/2016/05/27/how-to-trace-iptables-in-rhel7-centos7/)