What does this iptables -L output mean?

Issues related to configuring your network
ddolecki108
Posts: 31
Joined: 2017/02/28 20:46:44

What does this iptables -L output mean?

Postby ddolecki108 » 2017/04/21 21:00:28

What do these iptables -L output rules mean:

ACCEPT tcp -- anywhere anywhere tcp dpt:8009 state NEW,ESTABLISHED
ACCEPT tcp -- anywhere anywhere tcp dpt:8109 state NEW,ESTABLISHED
ACCEPT tcp -- anywhere anywhere tcp dpt:8011 state NEW,ESTABLISHED
ACCEPT tcp -- anywhere anywhere tcp dpt:webcache state NEW,ESTABLISHED
ACCEPT tcp -- anywhere anywhere tcp dpt:us-srv state NEW,ESTABLISHED
ACCEPT tcp -- anywhere anywhere tcp dpt:pcsync-https state NEW,ESTABLISHED
ACCEPT tcp -- anywhere anywhere tcp dpt:8180 state NEW,ESTABLISHED
ACCEPT tcp -- anywhere anywhere tcp dpt:8280 state NEW,ESTABLISHED
ACCEPT tcp -- anywhere anywhere tcp dpt:8580 state NEW,ESTABLISHED
ACCEPT tcp -- anywhere anywhere tcp dpt:squid state NEW,ESTABLISHED
ACCEPT tcp -- anywhere anywhere tcp dpt:cruise-update state NEW,ESTABLISHED
ACCEPT tcp -- anywhere anywhere tcp dpt:8309 state NEW,ESTABLISHED

Does "ACCEPT tcp -- anywhere anywhere tcp dpt:8009 state NEW,ESTABLISHED"
mean to accept all TCP packets destined for port 8009 on the local system?

What does "ACCEPT tcp -- anywhere anywhere tcp dpt:webcache state NEW,ESTABLISHED" mean?
is "webcache" a standard port?????, same for squid/cruise-update

Please advise

User avatar
TrevorH
Forum Moderator
Posts: 20339
Joined: 2009/09/24 10:40:56
Location: Brighton, UK

Re: What does this iptables -L output mean?

Postby TrevorH » 2017/04/22 13:10:44

Use iptables-save to read the rules. It shows you things that iptables -L does not.
CentOS 5 died in March 2017 - migrate NOW!
Full time Geek, part time moderator. Use the FAQ Luke

ddolecki108
Posts: 31
Joined: 2017/02/28 20:46:44

Re: What does this iptables -L output mean?

Postby ddolecki108 » 2017/04/23 23:19:52

How to convert iptables rules to firewalld rules?
example: ACCEPT tcp -- anywhere anywhere tcp dpt:8309 state NEW,ESTABLISHED
how to convert the above to a firewalld rule?