IP Table, what does this construct mean ::INPUT ACCEPT [0:0]


It means that the default policy for those three chains is ACCEPT, so all packets (in, out, and forwarded through your system) are 'accepted' (go through), and not firewalled (rejected or dropped).

Depending on the place where you got that, it might mean your current policy, or the default 'empty' policy for your system.

more info here

Author by

thugzclub

Updated on September 18, 2022

Comments

  • thugzclub
    thugzclub almost 2 years

    I am looking at an IP Table construct, what does the following mean :

    :INPUT ACCEPT [0:0]
    :FORWARD ACCEPT [0:0]
    :OUTPUT ACCEPT [0:0]

    thanks

    • Admin
      Admin about 12 years
      where did you get that output from? What command produced it?
    • Admin
      Admin over 2 years
      @mulaz Probably from iptables-save.
  • thugzclub
    thugzclub about 12 years
    Thanks Mulaz - so it negates the need to explicitly put the ACCEPT construct - smart... Is there a smart tool that allows you to dump in IP table firewall config and it will explain it in plain English? I need to do some firewall rule analysis...
  • mulaz
    mulaz about 12 years
    It depends on the setup. If you want blacklisting (allow all, deny just some IP's/connections), you leave the policy to ACCEPT, and add rules to block (iptables -A INPUT -s some.bad.ip.addr -j DROP)
  • mulaz
    mulaz about 12 years
    If you want whitelisting (more secure, so "better"), you allow some IP's (iptables -A INPUT -s some.good.ip.addr -j ACCEPT), and then change the default policy to DROP (iptables -P INPUT DROP)
  • mulaz
    mulaz about 12 years
    basically, you put a bunch of accept/drop/reject rules, and if the packet doesn't match any of them the default policy is applied (in your example, the packet is accepted). Sorry, for another comment, not enough coffee for a time like this
  • Jason Martin
    Jason Martin about 7 years
    The 0:0 is a byte and packet counter.
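
For the rule-analysis request in the comments, here is an added example (not code from this thread) that reads `iptables-save` text and explains each chain's default policy in plain English, using the `:CHAIN POLICY [packets:bytes]` layout. `SAMPLE` is constructed, and the names `parse_chains` and `explain` are hypothetical.

```python
import re

# Constructed iptables-save style sample (not from a real host).
SAMPLE = """\
*filter
:INPUT DROP [12:840]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [3:180]
:LOGDROP - [0:0]
-A INPUT -s 192.0.2.10/32 -j ACCEPT
-A OUTPUT -d 198.51.100.7/32 -j DROP
COMMIT
"""

# ":CHAIN POLICY [packets:bytes]"; POLICY is "-" for user-defined chains.
CHAIN_RE = re.compile(r"^:(\S+) (\S+) \[(\d+):(\d+)\]$")

def parse_chains(dump):
    """Return {(table, chain): {policy, packets, bytes, rules}}."""
    chains, table = {}, "unknown"  # pasted fragments may lack the "*table" line
    for line in dump.splitlines():
        line = re.sub(r"^\[\d+:\d+\] ", "", line.strip())  # per-rule counters (-c)
        if line.startswith("*"):
            table = line[1:]
        elif line.startswith(":"):
            m = CHAIN_RE.match(line)
            if not m:
                raise ValueError(f"malformed chain line: {line!r}")
            name, policy, pkts, nbytes = m.groups()
            chains[(table, name)] = {"policy": policy, "packets": int(pkts),
                                     "bytes": int(nbytes), "rules": 0}
        elif line.startswith("-A ") and (table, line.split()[1]) in chains:
            chains[(table, line.split()[1])]["rules"] += 1
    return chains

def explain(dump):
    """One plain-English sentence per chain, in file order."""
    out = []
    for (table, name), c in parse_chains(dump).items():
        if c["policy"] == "-":
            out.append(f"{table}/{name}: user-defined chain, no default policy")
            continue
        if c["policy"] == "ACCEPT":
            style = ("no rules, nothing is filtered" if c["rules"] == 0
                     else "blacklist style, unmatched packets pass")
        else:  # DROP
            style = "whitelist style, unmatched packets do not pass"
        out.append(f"{table}/{name}: default {c['policy']} ({style}); policy "
                   f"applied to {c['packets']} packets / {c['bytes']} bytes")
    return out
```

Calling `explain()` on the three lines from the question reports every chain as default ACCEPT with no rules, which is the unfiltered state the answer describes.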