[linux] iptables 用法

全部顯示 不用等
iptables -L -n -v -x
-L lists all the rules.
-n does not resolve the ip addresses.
-v lists the packet and byte count.
-x displays the byte count (otherwise it gets abbreviated to 200K, 3M, etc).
-F Flush a Single Chain
-Z To clear the counters for all chains and rules, use the -Z option by itself:
sudo iptables -S
sudo iptables -L –line-numbers
sudo iptables -Z INPUT 1
sudo iptables -D INPUT -m conntrack –ctstate INVALID -j DROP
sudo iptables -F INPUT
reference: http://www.catonmat.net/blog/traffic-accounting-with-iptables/