UC-7400-LX Plus User’s Manual
Managing Communications
4-6
The UC-7400-LX Plus supports the following sub-modules. Be sure to use the module that
matches your application.
ip_conntrack        ipt_MARK        ipt_ah         ipt_state
ip_conntrack_ftp    ipt_MASQUERADE  ipt_esp        ipt_tcpmss
ipt_conntrack_irc   ipt_LOG         ipt_length     ipt_tos
ip_nat_ftp          ipt_REDIRECT    ipt_limit      ipt_ttl
ip_nat_irc          ipt_REJECT      ipt_mac        iptable_mangle
ip_nat_snmp_basic   ipt_TCPMSS      ipt_mark       iptable_nat
ip_queue            ipt_TOS         ipt_multiport  iptable_filter
ipt_LOG             ipt_ULOG        ipt_owner      ip_tables
NOTE
The UC-7400-LX Plus does NOT support IPv6 or ipchains.
The basic syntax to enable and load an IPTABLES module is as follows:
# lsmod
# modprobe ip_tables
# modprobe iptable_filter
Use lsmod to check if the ip_tables module has already been loaded in the UC-7400-LX Plus. Use
modprobe to insert and enable the module.
Use the following command to load the modules (iptable_filter, iptable_mangle, iptable_nat):
# modprobe iptable_filter
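The lsmod-then-modprobe check described above, written as a script. This is an added example, not taken from the Moxa manual: the helper names (REQUIRED, missing_modules, load_missing) and the lsmod sample are constructed, and it assumes awk is available on the device.

```shell
#!/bin/sh
# Added example; helper names are hypothetical, not Moxa tooling.

# The three table modules named in the manual, plus the core ip_tables module.
REQUIRED="ip_tables iptable_filter iptable_mangle iptable_nat"

# Read lsmod-style text on stdin and print each requested module that is
# not loaded. Only the first column is compared, and the match is exact
# and case-sensitive: ipt_TOS does not satisfy a check for ipt_tos, and
# ip_conntrack_ftp does not satisfy a check for ip_conntrack.
missing_modules() {
    loaded=$(awk 'NR > 1 { print $1 }')   # NR > 1 skips the header line
    for m in "$@"; do
        found=no
        for l in $loaded; do
            if [ "$l" = "$m" ]; then found=yes; fi
        done
        [ "$found" = yes ] || printf '%s\n' "$m"
    done
}

# Load whatever is missing on the running system (needs root).
load_missing() {
    for m in $(lsmod | missing_modules $REQUIRED); do
        echo "loading $m"
        modprobe "$m" || return 1
    done
}

# Constructed lsmod output, deliberately incomplete to exercise the check.
SAMPLE='Module                  Size  Used by
iptable_filter          1728  0
ip_tables              13936  1 [iptable_filter]
ip_conntrack_ftp        3856  0
ipt_TOS                 1008  0'

# Only touch the system when asked to; otherwise report on the sample.
if [ "${1:-}" = "--apply" ]; then
    load_missing
else
    printf '%s\n' "$SAMPLE" | missing_modules $REQUIRED
fi
```

Run with --apply from the serial console to load the missing modules on the device itself.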
NOTE
IPTABLES plays the role of packet filtering or NAT. Take care when setting up the IPTABLES
rules. If the rules are not correct, remote hosts that connect through a LAN or PPP may be denied
access. We recommend using the serial console to set up the IPTABLES.
Click on the following links for more information about iptables: Observe and erase chain rules,
Define policy rules, and Append or delete rules.
Observe and erase chain rules
Usage:
# iptables [-t tables] [-L] [-n]
-t tables: Table to manipulate (default: ‘filter’); example: nat or filter.
-L [chain]: List all rules in the selected chain. If no chain is selected, all chains are listed.
-n: Numeric output of addresses and ports.
# iptables [-t tables] [-FXZ]
-F: Flush the selected chain (all the chains in the table if none is listed).
-X: Delete the specified user-defined chain.
-Z: Set the packet and byte counters in all chains to zero.