Internet articles

Internet articles - from time to time update

route

route add -net 10.0.0.0  netmask 255.0.0.0  gw 10.4.4.62
route del -net 10.0.0.0  netmask 255.0.0.0  gw 10.4.4.62

route add default gw 172.16.130.22
route del default gw 172.16.130.22

route -n 

 

 

iptables

 

1, see the
iptables -nvL -line-number

-L View all the rules of the current table, the default view of the filter table, if you want to view the NAT table, you can add -t NAT parameter
-n right ip address reverse lookup, add this parameter displays the speed will be much faster
-v output detailed information, including the number of packets by the rule, and the total number of bytes corresponding network interface
-line-number display the serial number of the rule, when this parameter will be used to delete or modify rules

 

2, added
added rule has two arguments: -A and -I. Wherein -A is added to the end of the rule; -I may be inserted to the specified position, the position is not specified, then the default rule is inserted into the header portion.

Current rules:

 

[Test the root @ ~] # iptables -NL --line- Number 
Chain the INPUT (Policy ACCEPT) 
NUM target Source opt Where do you want Prot 
. 1     the DROP All -   192.168 . 1.1           0.0 . 0.0 / 0 
2     the DROP All -   192.168 . 1.2           0.0 . 0.0 / 0 
. 3     the DROP All -   192.168 . 1.4           0.0 . 0.0 / 0 
is added to the end of a rule: 

[the root Test @ ~] # iptables -A the INPUT -s 192.168 . for 1.5 -j DROP 
insert a rule to the third row, the number of lines written directly to the back of the chain rule: 

[the root Test @ ~] # iptables -I the INPUT . 3 -s 192.168 . 1.3 - j DROP 
View: 

[the root Test @ ~] iptables -NL --line- # Number 
Chain the INPUT (Policy ACCEPT) 
NUM target Source opt Where do you want Prot 
. 1     the DROP All -   192.168 . 1.1           0.0 . 0.0 / 0 
2     the DROP All -   192.168 . 1.2           0.0 . 0.0 / 0 
. 3     the DROP All -  192.168 . 1.3           0.0 . 0.0 / 0 
. 4     the DROP All -   192.168 . 1.4           0.0 . 0.0 / 0 
. 5     the DROP All -   192.168 . For 1.5           0.0 . 0.0 / 0 
see 192. 168.1 .3 inserted into the third row, while the original the third line 192. 168.1 .4 became the fourth line.

 

3, delete,
delete with -D parameters

 

Before adding a rule to delete (the INPUT -s 192.168.1.5 iptables -A -j DROP): 

[root @ the Test ~] # iptables -D -s 192.168.1.5 the INPUT -j DROP 
Sometimes you want to delete the rule is too long, deleted write a long list, a waste of time and easy wrong, then we can first use -line-number to identify the line number that rule, and then delete the rule by line number. 

[Test the root @ ~] # iptables -nv --line-Number 
iptables v1.4.7: NO Command specified 
the Try iptables `-H 'or' iptables --help 'for More Information. 
[Test the root @ ~] # iptables -NL Number---line 
Chain the INPUT (Policy ACCEPT) 
NUM target Source opt Where do you want Prot 
. 1 All the DROP - 192.168.1.1 0.0.0.0/0 
2 All the DROP - 192.168.1.2 0.0.0.0/0 
. 3 All the DROP - 192.168. 1.3 0.0.0.0/0 
delete the second row rule 

[root @ test ~] # iptables -D INPUT 2

　　

4, modified
to modify the parameters used -R

 

Look at the current rule: 

[the root Test @ ~] # iptables -NL --line- Number 
Chain the INPUT (Policy ACCEPT) 
NUM target Source opt Where do you want Prot 
. 1     the DROP All -   192.168 . 1.1           0.0 . 0.0 / 0 
2     the DROP All - -   192.168 . 1.2           0.0 . 0.0 / 0 
. 3     the DROP All -   192.168 . for 1.5           0.0 . 0.0 / 0 
the third rule to ACCEPT: 

[the root Test @ ~] -R & lt iptables the INPUT # . 3 -j ACCEPT 
View at: 

[the root Test @ ~] # iptables -NL --line- Number 
Chain the INPUT (Policy ACCEPT) 
NUM target Source opt Where do you want Prot 
. 1     the DROP All -   192.168 . 1.1           0.0 . 0.0 / 0 
2     the DROP All - -   192.168 . 1.2           0.0 . 0.0 / 0 
. 3     ACCEPT All -   0.0 . 0.0 / 0             0.0 . 0.0 / 0 
target third rule has been changed to ACCEPT.