iptables | ALLGO 一起来!

iptables 可以加载comment模块，对规则加以解释，方便管理！

# iptables -m comment -help
iptables v1.4.10
.
.
.
comment match options:
--comment COMMENT Attach a comment to a rule

示例：

# iptables -t filter -I INPUT -p tcp --dport 21 -j ACCEPT -m comment --comment "remark"
# iptables -t filter -I INPUT -m comment --comment "remark" -p tcp --dport 21 -j ACCEPT

# iptables -t filter -nL INPUT
Chain INPUT (policy ACCEPT)
target     prot opt source               destination         
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           tcp dpt:21 /* remark */ 
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           /* remark */ tcp dpt:21



# iptables -t filter -I INPUT -m comment --comment "remark1" -p tcp --dport 21 -j ACCEPT -m comment --comment "remark2"

# iptables -t filter -nL INPUT
Chain INPUT (policy ACCEPT)
target     prot opt source               destination         
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           /* remark1 */ tcp dpt:21 /* remark2 */

参考：

http://spamcleaner.org/en/misc/iptables-comment.html

ALLGO 一起来!

Go! Go! Go!

分类目录归档：iptables

iptables-comment加注释