Linux command
ip6tables 命令
安全
权限或系统影响较大,执行前请核对目标。
常用示例
List
sudo ip6tables -L
List
sudo ip6tables -L --line-numbers
Accept
sudo ip6tables -A INPUT -p tcp --dport 22 -j ACCEPT
Drop
sudo ip6tables -A INPUT -s 2001:db8::1 -j DROP
Delete
sudo ip6tables -D INPUT 1
Flush
sudo ip6tables -F
说明
ip6tables is the IPv6 packet filter administration tool. It has the same syntax and functionality as iptables but operates on IPv6 traffic. It manages rules for filtering, NAT, and packet mangling.
参数
- -L, --list
- List all rules in the selected chain.
- -A, --append
- Append a rule to the end of chain.
- -D, --delete
- Delete a rule from chain.
- -I, --insert
- Insert a rule at position.
- -R, --replace
- Replace a rule in the selected chain.
- -F, --flush
- Flush (delete all rules in) a chain.
- -N, --new-chain
- Create a user-defined chain.
- -X, --delete-chain
- Delete a user-defined chain.
- -P, --policy
- Set default policy for a chain (ACCEPT/DROP).
- -Z, --zero
- Zero the packet and byte counters.
- -p, --protocol
- Protocol to match (tcp, udp, icmpv6).
- --dport
- Destination port.
- --sport
- Source port.
- -s, --source
- Source address.
- -d, --destination
- Destination address.
- -i, --in-interface
- Interface a packet was received on.
- -o, --out-interface
- Interface a packet is going to be sent on.
- -j, --jump
- Target (ACCEPT, DROP, REJECT, LOG, etc.).
- -v, --verbose
- Verbose output (show counters and interfaces).
- -n, --numeric
- Show numeric addresses and ports instead of resolving names.
- --line-numbers
- Show rule numbers when listing.
FAQ
What is the ip6tables command used for?
ip6tables is the IPv6 packet filter administration tool. It has the same syntax and functionality as iptables but operates on IPv6 traffic. It manages rules for filtering, NAT, and packet mangling.
How do I run a basic ip6tables example?
Run `sudo ip6tables -L` in a terminal, then adjust file names, paths, flags, or remote targets for your system.
What does -L, --list do in ip6tables?
List all rules in the selected chain.