iptables show just one chain

Question

tldr: How can I get iptables to show just one chain?

I can have iptables show just one table, but a table consists of multiple chains. I need to find where in chain INPUT is the last rule (usually but not always the REJECT all rule).

I've tried awk and even some grep, but my skill in those must be waning. I've tried using awk to get just one paragraph, but that doesn't seem to work on the output of iptables --line-numbers -n -L -t filter maybe because those blank lines aren't really blank.

I am looking for a solution with any normal gnu tools that would be installed on a CentOS 6 minimal environment.

`iptables -L INPUT -n -v -t filter` – Aaron Jun 20 '17 at 23:40 — Aaron, Jun 20 '17 at 23:40

score 30 · Accepted Answer · answered Mar 27 '17 at 14:16

30

I almost deleted this question. D'oh! From man iptables:

   -L, --list [chain]
          List  all rules in the selected chain.

answered Mar 27 '17 at 14:16

bgStack15

911
1
9
23

Fortunately, you didn't delete it :) Your self-answering question is top 1 Google search result, and gets 18k views! RTFM(✘) Google it (✔) – Weekend Apr 07 '20 at 06:01

score 4 · Answer 2 · answered Jun 20 '17 at 22:57

4

For those who might want to look at the mangle or nat tables with chains you can do so like

iptables -L mychainname -t mangle

Then it will show you that chain in the mangle table.

answered Jun 20 '17 at 22:57

Onyxdragun

41
1

score 0 · Answer 3 · answered Jan 31 '22 at 01:33

0

-S option too can do the job:

iptables -S INPUT | tail -1

answered Jan 31 '22 at 01:33

YetAnotherUser

111
5

iptables show just one chain

3 Answers3