How to find all the Iptables rules on port 80

3

I was wondering is there a command to list / find all the iptables' rules on port 80 (or any other port)? For example something like this:

iptables --list | grep port 80

Dennis

Posted 2018-10-05T01:06:21.023

Reputation: 31

Your command needs double quotes as the string contains white space: iptables --list | grep "port 80" – Nasir Riley – 2018-10-05T02:05:38.607

Thank you for your comment. It was just a general idea on syntax. No quotes or any other 'variations' of this command show the iptables rules on port 80. – Dennis – 2018-10-05T02:26:56.990

That means that there are no rules for port 80. Run the command without grep and you'll see all of the rules. – Nasir Riley – 2018-10-05T02:46:30.547

Thanks. There are many iptables' rules on port 80, but the command I "thought of" (iptables --list | grep port 80) either with or without quotes, grep and so on simply does not work. I do not need all the rules, I need only those applied to port 80. – Dennis – 2018-10-05T04:25:59.007

Instead of using "port 80" use "http" - It appears that iptables uses the mappings in /etc/services for known ports. Alternatively you can use the -n switch to disable lookups. Also, grep ":80" (not port 80) – davidgo – 2018-10-05T04:33:11.883

Also, keep in mind that iptables --list defaults to the FILTER table. There may be other rules in other tables, so use -t NAT etc. for the rest. – dirkt – 2018-10-05T05:39:57.530

I apologize for the error on my part. Your grep string should be grep "ports 80" or grep "dports 80". The string that will appear is dports 80 so either of those grep strings will return the output that you want. – Nasir Riley – 2018-10-05T20:39:17.597

Hey davidgo your suggestion iptables --list | grep ":80" returned zero results, even though there are many rules on port 80. – Dennis – 2018-10-06T14:46:01.733

Answers

1

 iptables --list|grep "spt:\|dpt:\|dports\|sports"

spt: and dpt cover individual port rules

sports and dports cover multiport command

Now all rules that mention ports should be listed.

 iptables --list|grep "spt:\|dpt:\|dports\|sports"|grep http

Once you do this you realize that iptables uses the port name, so you have to grep for http instead of 80.

If you want to see actual port numbers you will need to do this:

 # iptables-save prints rules in option form: --sport/--dport (single port), --sports/--dports (multiport)
 iptables-save|grep "sport\|dport"

The output will be significantly different so this may or may not work for you.

 # -w matches 80 only as a whole word, so 8080 is not listed
 iptables-save|grep "sport\|dport"|grep -w 80

cybernard

Posted 2018-10-05T01:06:21.023

Reputation: 11 200

Wow! Excellent! Thank you so much! That's exactly what I needed! – Dennis – 2018-10-05T04:30:40.740

You can just use "-n" in the iptables command to see actual port numbers. – davidgo – 2018-10-05T04:34:12.383

@Dennis Please mark my answer as correct. – cybernard – 2018-10-05T11:38:41.227

I do not know how to mark your answer Cybernard. I do not have enough "reputation points" to do anything here. – Dennis – 2018-10-06T13:36:34.340
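An added example, not part of the original answers: a filter over `iptables-save` output that compares ports numerically, so a range such as 70:90 is reported for port 80 while 8080 or an address containing "80" is not, and that labels each rule with its table (filter, nat, ...). The function names `rules_on_port` and `sample_ruleset` are hypothetical and the sample ruleset is constructed.

```shell
#!/bin/sh
# Added example: list iptables-save rules whose port match covers a given port.
# Usage on a live host (as root): iptables-save | rules_on_port 80
rules_on_port() {
    awk -v want="$1" '
    # True if a port spec such as "80", "80,443" or "70:90" covers the wanted port.
    function covers(spec,    n, parts, i, r) {
        n = split(spec, parts, ",")
        for (i = 1; i <= n; i++) {
            if (split(parts[i], r, ":") == 2) {
                if (r[1] == "") r[1] = 0        # ":1024" is 0-1024
                if (r[2] == "") r[2] = 65535    # "1024:" is 1024-65535
                if (want + 0 >= r[1] + 0 && want + 0 <= r[2] + 0) return 1
            } else if (parts[i] + 0 == want + 0) return 1
        }
        return 0
    }
    /^\*/ { table = substr($0, 2); next }       # "*filter", "*nat", ... opens a table
    /^-A / {
        for (i = 1; i < NF; i++)
            if ($i ~ /^--(sports?|dports?|ports)$/ && covers($(i + 1))) {
                print table ": " $0
                next
            }
    }'
}

# Constructed sample in iptables-save format (not taken from the page).
sample_ruleset() {
    cat <<'EOF'
*nat
:PREROUTING ACCEPT [0:0]
-A PREROUTING -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 8080
COMMIT
*filter
:INPUT DROP [0:0]
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -p tcp -m multiport --dports 80,443 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 8080 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 70:90 -j LOG
-A INPUT -s 192.168.80.0/24 -p tcp -m tcp --dport 25 -j DROP
COMMIT
EOF
}

sample_ruleset | rules_on_port 80   # prints the nat redirect, the multiport rule and the 70:90 range
```

Negated matches (`! --dport 80`) are listed as well, since they still mention the port.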

0

One thing to remember, you are looking at 80 because you want web traffic. I don't know exactly what you are doing, but just in case this helps, remember 80 is primary http, but 8080 is also configured in some web servers as a secondary, and 443 is the secure web protocol (HTTPS via SSL).

This isn't supposed to be an answer, just a comment on the first answer, but I don't have enough reputation points to post comments, so... I still hope this is helpful

PyTis

Posted 2018-10-05T01:06:21.023

Reputation: 109

Thank you for your input. There are too many iptables' rules so I simply wanted to sort them out / list only those that are applied on port 80. That is a lot easier than to browse through thousands of them one by one. – Dennis – 2018-10-05T04:35:55.230