「-v」オプションを加えると、以下の例のように出力にインタフェース名が含まれる。
$ sudo iptables -L INPUT -n -v Chain INPUT (policy DROP 2 packets, 56 bytes) pkts bytes target prot opt in out source destination 0 0 ACCEPT tcp -- lxdbr0 * 0.0.0.0/0 0.0.0.0/0 tcp dpt:53 /* generated for LXD network lxdbr0 */ 27 1760 ACCEPT udp -- lxdbr0 * 0.0.0.0/0 0.0.0.0/0 udp dpt:53 /* generated for LXD network lxdbr0 */ 2 646 ACCEPT udp -- lxdbr0 * 0.0.0.0/0 0.0.0.0/0 udp dpt:67 /* generated for LXD network lxdbr0 */ 1026 59979 ufw-before-logging-input all -- * * 0.0.0.0/0 0.0.0.0/0 1026 59979 ufw-before-input all -- * * 0.0.0.0/0 0.0.0.0/0 34 5861 ufw-after-input all -- * * 0.0.0.0/0 0.0.0.0/0 9 1200 ufw-after-logging-input all -- * * 0.0.0.0/0 0.0.0.0/0 9 1200 ufw-reject-input all -- * * 0.0.0.0/0 0.0.0.0/0 9 1200 ufw-track-input all -- * * 0.0.0.0/0 0.0.0.0/0
「ip6tables」でも同様。
$ sudo ip6tables -L INPUT -n -v Chain INPUT (policy DROP 0 packets, 0 bytes) pkts bytes target prot opt in out source destination 0 0 ACCEPT tcp lxdbr0 * ::/0 ::/0 tcp dpt:53 /* generated for LXD network lxdbr0 */ 0 0 ACCEPT udp lxdbr0 * ::/0 ::/0 udp dpt:53 /* generated for LXD network lxdbr0 */ 1 90 ACCEPT udp lxdbr0 * ::/0 ::/0 udp dpt:547 /* generated for LXD network lxdbr0 */ 371 63785 ufw6-before-logging-input all * * ::/0 ::/0 371 63785 ufw6-before-input all * * ::/0 ::/0 0 0 ufw6-after-input all * * ::/0 ::/0 0 0 ufw6-after-logging-input all * * ::/0 ::/0 0 0 ufw6-reject-input all * * ::/0 ::/0 0 0 ufw6-track-input all * * ::/0 ::/0
コメント