On Thu, Nov 19, 2009 at 3:07 PM, Lisa Kachold <
lisakachold@obnosis.com>wrote:
>
>
> On Thu, Nov 19, 2009 at 5:27 AM, Marco Savo <savomarco@gmail.com> wrote:
>
>> Hello,
>> I may find out the answer by myself, but may be useful to someone else...
>>
>> I have an embedded router that runs openwrt.
>>
>> I'd like to be able to read the firewall rules from iptables,
>> you can see all rules from iptables -nvL
>> How I can identify the rules for port forwarding or dmz? in particolar, I
>> need to know the range of ports that are in port forwarding, or if all ports
>> have been forwarded to dmz on the lan. I know this is wrong, but this is
>> what I do:
>>
>> DMZ for all ports:
>> iptables -nvL zone_dmz_forward | grep -e '*' | grep -v 'dpts:' | awk '{
>> print $9 }' | grep -v '0.0.0.0'
>>
>> port ranges:
>> iptables -nvL | grep -e 'tcp dpts' | awk -F ':' '{ print $3":"$2 }' | sed
>> 's/ //g'
>> iptables -nvL | grep -e 'tcp spts' | awk -F ':' '{ print $5":"$4 }' | sed
>> 's/ //g'
>>
>> single port:
>>
>> iptables -nvL | grep 'tcp dpt:' | grep -e '*' -e 'ppp' | cut -d ':' -f 2
>>
>>
>> Thanks in advance
>>
>>
>> Thanks Marco!
>
> Might just drop those into my .bashrc alias for each search!
>
> Well, that was a question, I don't know if they are correct, the source
port range may differ to the destination one, the iptables rules can be
messed up...
--
'The Magic Is In the Movement'
___
{~._.~}
_( Y )_
(:_~*~_:)
(_)---(_)
(_Marco_)---(_Savo_)
___ ___
\-_-/SW Engineer\-_-/
---------------------------------------------------
PLUG-discuss mailing list -
PLUG-discuss@lists.plug.phoenix.az.us
To subscribe, unsubscribe, or to change your mail settings:
http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
(text/plain)