[Bug 1752] iptables-save not showing default chains

bugzilla-daemon at netfilter.org
Tue Jun 11 14:51:22 CEST 2024


https://bugzilla.netfilter.org/show_bug.cgi?id=1752

--- Comment #7 from Phil Sutter <phil at nwl.cc> ---
Hi,

(In reply to ervrkharade from comment #4)
> 
> The main issue here is why the iptables-save command is not showing any
> output, including default chains, which are visible on Red Hat, CentOS etc.

Here's a freshly booted CentOS-Stream-9 VM:

| [root@vm-10-0-185-242 ~]# uname -a
| Linux vm-10-0-185-242.hosted.upshift.rdu2.redhat.com 5.14.0-452.el9.x86_64 #1 SMP PREEMPT_DYNAMIC Sat May 18 20:39:48 UTC 2024 x86_64 x86_64 x86_64 GNU/Linux
| [root@vm-10-0-185-242 ~]# cat /etc/redhat-release
| CentOS Stream release 9
| [root@vm-10-0-185-242 ~]# iptables-save
| [root@vm-10-0-185-242 ~]#

> For example, on any Ubuntu it's not showing any default chains, and on other
> Linux systems, for example CentOS and Red Hat, it shows default chains when
> we run the iptables-save command; an example is mentioned in the ticket
> description.
> 
> You can try to run the iptables-save command on a Red Hat and an Ubuntu
> machine and see the difference in output.

It is a misconception that iptables-save should print "default chains". In
fact, it will print only existing ones. See what happens on the same machine
when adding a rule to filter table's FORWARD chain:

| [root@vm-10-0-185-242 ~]# iptables -A FORWARD -j ACCEPT
| [root@vm-10-0-185-242 ~]# iptables-save
| # Generated by iptables-save v1.8.10 (nf_tables) on Tue Jun 11 08:02:35 2024
| *filter
| :INPUT ACCEPT [0:0]
| :FORWARD ACCEPT [0:0]
| :OUTPUT ACCEPT [0:0]
| -A FORWARD -j ACCEPT
| COMMIT
| # Completed on Tue Jun 11 08:02:35 2024

-- 
You are receiving this mail because:
You are watching all bug changes.
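
For scripts that audit a host from iptables-save output, the behaviour described in this comment means empty output has to be read as "no tables exist" and not as a failure. The parser below is an added example, not part of the original message or of the iptables project; the function names are hypothetical, and the sample is the output quoted in the comment.

```python
import re

# Sample input: the iptables-save output quoted in the comment above.
SAMPLE_AFTER_RULE = """\
# Generated by iptables-save v1.8.10 (nf_tables) on Tue Jun 11 08:02:35 2024
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A FORWARD -j ACCEPT
COMMIT
# Completed on Tue Jun 11 08:02:35 2024
"""

# ":CHAIN POLICY [packets:bytes]"; user-defined chains carry "-" as policy.
CHAIN_RE = re.compile(r"^:(\S+)\s+(\S+)\s+\[(\d+):(\d+)\]$")

def parse_iptables_save(text):
    """Return {table: {"chains": {name: policy}, "rules": [str]}}."""
    tables, current = {}, None
    for raw in text.splitlines():
        # Drop the per-rule counters that "iptables-save -c" prepends.
        line = re.sub(r"^\[\d+:\d+\]\s+", "", raw.strip())
        if not line or line.startswith("#"):
            continue
        if line.startswith("*"):
            current = tables.setdefault(line[1:], {"chains": {}, "rules": []})
        elif line == "COMMIT":
            current = None
        elif current is None:
            raise ValueError(f"line outside a table block: {line!r}")
        elif (m := CHAIN_RE.match(line)):
            current["chains"][m.group(1)] = m.group(2)
        elif line.startswith("-"):
            current["rules"].append(line)
        else:
            raise ValueError(f"unrecognised line: {line!r}")
    return tables

def audit(text):
    """Summarise the ruleset; empty output is a valid state, not an error."""
    tables = parse_iptables_save(text)
    if not tables:
        return ["no tables exist; iptables-save has nothing to print"]
    findings = []
    for tname, t in tables.items():
        for chain, policy in t["chains"].items():
            n = sum(1 for r in t["rules"] if r.split()[1] == chain)
            findings.append(f"{tname}/{chain}: policy={policy} rules={n}")
    return findings
```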