关于IPTables的问题
我想问下Linux中的IPTables中在我的映像中。设置完后通过
iptables -L -v
命令查寻时,好像target 表项都有对应的操作。今天我遇到一个无操作的。。这是什么情况?
Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
0 0 all -- !lo+ any anywhere anywhere ! quota globalAlert: 2097152 bytes
0 0 costly_rmnet0 all -- rmnet0 any anywhere anywhere [goto]
0 0 costly_rmnet1 all -- rmnet1 any anywhere anywhere [goto]
384 28896 ACCEPT all -- lo any anywhere anywhere
2 616 all -- any any anywhere anywhere owner socket exists
Chain FORWARD (policy DROP 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
Chain OUTPUT (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
0 0 all -- any !lo+ anywhere anywhere ! quota globalAlert: 2097152 bytes
2 112 costly_rmnet0 all -- any rmnet0 anywhere anywhere [goto]
0 0 costly_rmnet1 all -- any rmnet1 anywhere anywhere [goto]
384 28896 ACCEPT all -- any lo anywhere anywhere
2 134 all -- any any anywhere anywhere owner socket exists
我想问下这是什么情况?
默认没有target的规则默认的动作是什么?
[解决办法]
-j, --jump target
This specifies the target of the rule; i.e., what to do if the
packet matches it. The target can be a user-defined chain
(other than the one this rule is in), one of the special builtin
targets which decide the fate of the packet immediately, or an
extension (see EXTENSIONS below). If this option is omitted in
a rule (and -g is not used), then matching the rule will have no
effect on the packet’s fate, but the counters on the rule will
be incremented.
当计数器用。