Iptables rules

Lisa Kachold lisakachold at obnosis.com
Thu Nov 19 08:07:25 MST 2009


On Thu, Nov 19, 2009 at 5:27 AM, Marco Savo <savomarco at gmail.com> wrote:

> Hello,
> I may find out the answer by myself, but may be useful to someone else...
>
> I have an embedded router that runs openwrt.
>
> I'd like to be able to read the firewall rules from iptables,
> you can see all rules from iptables -nvL
> How can I identify the rules for port forwarding or dmz? In particular, I
> need to know the range of ports that are in port forwarding, or if all ports
> have been forwarded to dmz on the lan. I know this is wrong, but this is
> what I do:
>
> DMZ for all ports:
> iptables -nvL zone_dmz_forward | grep -e '*' | grep -v 'dpts:' | awk '{ print $9 }' | grep -v '0.0.0.0'
>
> port ranges:
> iptables -nvL | grep -e 'tcp dpts' | awk -F ':' '{ print $3":"$2 }' | sed 's/ //g'
> iptables -nvL | grep -e 'tcp spts' | awk -F ':' '{ print $5":"$4 }' | sed 's/ //g'
>
> single port:
>
> iptables -nvL | grep 'tcp dpt:' | grep -e '*' -e 'ppp' | cut -d ':' -f 2
>
>
> Thanks in advance
>
> --
> 'The Magic Is In the Movement'
>
>             ___
>           {~._.~}
>           _( Y )_
>          (:_~*~_:)
>           (_)---(_)
> (_Marco_)---(_Savo_)
> ___                    ___
> \-_-/SW Engineer\-_-/
>
Thanks Marco!

Might just drop those into my .bashrc alias for each search!

-- 
Skype: (623)239-3392
AT&T: (503)754-4452
www.it-clowns.com
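
Added example, not part of the original posts: port forwards and DMZ redirects are DNAT rules in the nat table, which `iptables -nvL` without `-t nat` does not show, so this sketch parses `iptables -t nat -S` (or `iptables-save -t nat`) output rather than grepping column positions. The function names, chain names, interface and addresses in the sample are constructed for illustration.

```shell
#!/bin/sh
# Summarise DNAT (port-forward / DMZ) rules read on stdin in
# `iptables -t nat -S` / `iptables-save -t nat` format.
# Output: chain|proto|dport(s)|destination
# A dport field of "all" means every port is redirected (DMZ-style rule).
list_forwards() {
    awk '
    $1 == "-A" {
        chain = $2; proto = "all"; dports = "all"; dest = ""; dnat = 0
        for (i = 3; i <= NF; i++) {
            if ($i == "-p")
                proto = $(i + 1)
            else if ($i == "--dport" || $i == "--dports")
                # keep a leading "!" so negated matches are not misread
                dports = ($(i - 1) == "!" ? "!" : "") $(i + 1)
            else if ($i == "-j" && $(i + 1) == "DNAT")
                dnat = 1
            else if ($i == "--to-destination")
                dest = $(i + 1)
        }
        if (dnat) print chain "|" proto "|" dports "|" dest
    }'
}

# Constructed sample in iptables-save format (not taken from a real router).
sample_rules() {
    cat <<'EOF'
*nat
:PREROUTING ACCEPT [0:0]
-A PREROUTING -i eth0.1 -j zone_wan_prerouting
-A zone_wan_prerouting -p tcp -m tcp --dport 8000:8010 -j DNAT --to-destination 192.168.1.10:8000-8010
-A zone_wan_prerouting -p tcp -m tcp --dport 22 -j DNAT --to-destination 192.168.1.5:22
-A zone_wan_prerouting -p udp -m multiport --dports 5060,10000:10100 -j DNAT --to-destination 192.168.1.30
-A zone_wan_prerouting -j DNAT --to-destination 192.168.1.20
-A POSTROUTING -o eth0.1 -j MASQUERADE
COMMIT
EOF
}

# On a live router (as root): iptables -t nat -S | list_forwards
if [ "${1:-}" = "--demo" ]; then sample_rules | list_forwards; fi
```

A rule that appears with `all|all` is worth a second look during a firewall review, since it exposes every port of the LAN host to the WAN side.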