曲径通幽论坛

标题: -R 选项 -- 取代已存在规则 [打印本页]

作者: beyes 时间: 2012-5-9 18:29
标题: -R 选项 -- 取代已存在规则
假设当前 filter 表中的 INPUT 链里已有如下几条规则：

# iptables -t filter -L INPUT --line-number
Chain INPUT (policy ACCEPT)
num  target    prot opt source             destination
1 ACCEPT    tcp  --  anywhere          anywhere
2 ACCEPT    igmp --  anywhere          anywhere
3 ACCEPT    udp  --  anywhere          anywhere
4 ACCEPT    icmp --  anywhere          anywhere

现在我用一条新的规则替换掉第 2 条规则，用法如下：

# iptables -t filter -R INPUT 2 -p ggp -j ACCEPT

# iptables -t filter -L INPUT --line-numbers
Chain INPUT (policy ACCEPT)
num  target    prot opt source             destination
1 ACCEPT    tcp  --  anywhere          anywhere
2 ACCEPT    ggp  --  anywhere          anywhere
3 ACCEPT    udp  --  anywhere          anywhere
4 ACCEPT    icmp --  anywhere          anywhere

欢迎光临曲径通幽论坛 (http://www.groad.net/bbs/)