「-v」オプションを加えると、以下の例のように出力にインタフェース名が含まれる。
$ sudo iptables -L INPUT -n -v
Chain INPUT (policy DROP 2 packets, 56 bytes)
pkts bytes target prot opt in out source destination
0 0 ACCEPT tcp -- lxdbr0 * 0.0.0.0/0 0.0.0.0/0 tcp dpt:53 /* generated for LXD network lxdbr0 */
27 1760 ACCEPT udp -- lxdbr0 * 0.0.0.0/0 0.0.0.0/0 udp dpt:53 /* generated for LXD network lxdbr0 */
2 646 ACCEPT udp -- lxdbr0 * 0.0.0.0/0 0.0.0.0/0 udp dpt:67 /* generated for LXD network lxdbr0 */
1026 59979 ufw-before-logging-input all -- * * 0.0.0.0/0 0.0.0.0/0
1026 59979 ufw-before-input all -- * * 0.0.0.0/0 0.0.0.0/0
34 5861 ufw-after-input all -- * * 0.0.0.0/0 0.0.0.0/0
9 1200 ufw-after-logging-input all -- * * 0.0.0.0/0 0.0.0.0/0
9 1200 ufw-reject-input all -- * * 0.0.0.0/0 0.0.0.0/0
9 1200 ufw-track-input all -- * * 0.0.0.0/0 0.0.0.0/0
「ip6tables」でも同様。
$ sudo ip6tables -L INPUT -n -v
Chain INPUT (policy DROP 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
0 0 ACCEPT tcp lxdbr0 * ::/0 ::/0 tcp dpt:53 /* generated for LXD network lxdbr0 */
0 0 ACCEPT udp lxdbr0 * ::/0 ::/0 udp dpt:53 /* generated for LXD network lxdbr0 */
1 90 ACCEPT udp lxdbr0 * ::/0 ::/0 udp dpt:547 /* generated for LXD network lxdbr0 */
371 63785 ufw6-before-logging-input all * * ::/0 ::/0
371 63785 ufw6-before-input all * * ::/0 ::/0
0 0 ufw6-after-input all * * ::/0 ::/0
0 0 ufw6-after-logging-input all * * ::/0 ::/0
0 0 ufw6-reject-input all * * ::/0 ::/0
0 0 ufw6-track-input all * * ::/0 ::/0
コメント