Using iptables and watch command
Using iptables to list the filtering rules is fine. Running the command in a shell loop can help, but that means writing a shell script.
Another convenient way is to use the watch command:
watch --interval 0 'iptables -nvL'
or
sudo watch --interval 0 'iptables -nvL'
depending on whether or not you are logged in as the super-user.
This keeps an iptables -L listing on screen and redraws it at the interval you pass to --interval:
watch --interval 0 'iptables -nvL'
will refresh every second.
Typical output will be:
Every 10,0s: iptables -nvL                                   Tue Nov 3 16:35:19 2015

Chain INPUT (policy DROP 44001 packets, 2444K bytes)
 pkts bytes target     prot opt in     out     source               destination
    3   160 fail2ban-ssh  tcp  --  *      *       0.0.0.0/0            0.0.0.0/0            multiport dports 22
  11M 1770M ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0            state RELATED,ESTABLISHED
 107K 6878K ACCEPT     tcp  --  *      *       78.193.xx.xx         0.0.0.0/0
    0     0 ACCEPT     tcp  --  *      *       195.154.xx.xx        0.0.0.0/0
 231K   14M ACCEPT     tcp  --  *      *       213.36.xx.xx         0.0.0.0/0
    0     0 ACCEPT     tcp  --  *      *       195.154.xx.xx        0.0.0.0/0
    2    92 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0            tcp dpt:548
    0     0 ACCEPT     icmp --  *      *       0.0.0.0/0            0.0.0.0/0            icmptype 0
 1475  139K ACCEPT     icmp --  *      *       0.0.0.0/0            0.0.0.0/0            icmptype 8
  134  9600 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0            tcp spt:80
  110  6563 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0            tcp spt:443
    0     0 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0            tcp spt:943
 136K 9529K ACCEPT     udp  --  *      *       0.0.0.0/0            0.0.0.0/0            udp dpt:1194
 1423 85360 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0            tcp dpt:4949
    3   120 ACCEPT     tcp  --  eth0   *       0.0.0.0/0            0.0.0.0/0            tcp dpt:873 state NEW,ESTABLISHED
   24  1910 ACCEPT     udp  --  *      *       0.0.0.0/0            0.0.0.0/0            udp dpt:161
    0     0 ACCEPT     udp  --  *      *       0.0.0.0/0            0.0.0.0/0            udp dpt:162
    0     0 ACCEPT     udp  --  *      *       0.0.0.0/0            0.0.0.0/0            udp dpt:119
    2    92 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0            tcp dpt:3000
  156  7584 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0            tcp dpt:8080
 2952  177K ACCEPT     all  --  lo     *       0.0.0.0/0            0.0.0.0/0
    0     0 ACCEPT     tcp  --  *      *       172.27.xx.xx/24      0.0.0.0/0
    0     0 ACCEPT     tcp  --  as0t0  *       0.0.0.0/0            0.0.0.0/0
    3   192 ACCEPT     tcp  --  as0t1  *       0.0.0.0/0            0.0.0.0/0
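Watching the screen refresh tells you the counters move, but not which rules moved. As an added example (not from the original post), this small POSIX shell script diffs two saved snapshots of iptables -nvL and prints only the rules whose packet counter changed. It assumes the snapshots were saved with iptables -nvL > file; the snapshots embedded below are constructed and abridged from the output above.

```shell
#!/bin/sh
# Added example (not from the original post): diff two saved `iptables -nvL`
# snapshots and print only the rules whose packet counter moved, which is
# what you are really after when staring at the refreshing watch screen.
# iptables_delta BEFORE AFTER  ->  "<pkts delta><TAB><chain>#<pos> <rule>"
# K/M/G abbreviations are expanded, so deltas on big counters are approximate;
# a rule present only in AFTER reports its full count (before counts as 0).
iptables_delta() {
  awk '
    /^Chain /                   { chain = $2; pos = 0; next }
    !/^[ \t]*[0-9]+[KMG]?[ \t]/ { next }   # column header, blank line, watch banner
    {
      key = chain "#" (++pos)
      for (i = 3; i <= NF; i++) key = key " " $i   # target prot opt in out src dst ...
      n = $1; mult = (n ~ /K$/) ? 1000 : (n ~ /M$/) ? 1000000 : (n ~ /G$/) ? 1000000000 : 1
      sub(/[KMG]$/, "", n); n = n * mult
      if (NR == FNR) before[key] = n                 # first file: remember counters
      else if (n != before[key]) { delta = n - before[key]; print delta "\t" key }
    }' "$1" "$2"
}
# Constructed snapshots, abridged from the kind of output shown above.
snapshot_before() {
cat <<'EOF'
Chain INPUT (policy DROP 44001 packets, 2444K bytes)
 pkts bytes target prot opt in out source destination
    3   160 fail2ban-ssh  tcp  --  *  *  0.0.0.0/0  0.0.0.0/0  multiport dports 22
  11M 1770M ACCEPT  all  --  *  *  0.0.0.0/0  0.0.0.0/0  state RELATED,ESTABLISHED
    2    92 ACCEPT  tcp  --  *  *  0.0.0.0/0  0.0.0.0/0  tcp dpt:548
Chain fail2ban-ssh (1 references)
    0     0 RETURN  all  --  *  *  0.0.0.0/0  0.0.0.0/0
EOF
}
snapshot_after() {
cat <<'EOF'
Chain INPUT (policy DROP 44001 packets, 2444K bytes)
 pkts bytes target prot opt in out source destination
    3   160 fail2ban-ssh  tcp  --  *  *  0.0.0.0/0  0.0.0.0/0  multiport dports 22
  12M 1790M ACCEPT  all  --  *  *  0.0.0.0/0  0.0.0.0/0  state RELATED,ESTABLISHED
    5   230 ACCEPT  tcp  --  *  *  0.0.0.0/0  0.0.0.0/0  tcp dpt:548
Chain fail2ban-ssh (1 references)
    7   420 RETURN  all  --  *  *  0.0.0.0/0  0.0.0.0/0
EOF
}
demo() {   # run the comparison on the constructed snapshots (no root needed)
  d=$(mktemp -d); snapshot_before > "$d/before"; snapshot_after > "$d/after"
  iptables_delta "$d/before" "$d/after"; rm -r "$d"
}
demo
```

On a live box, save two snapshots a few seconds apart and feed them to iptables_delta; rules that were inserted or deleted in between will shift the chain#pos keys, so compare snapshots of the same rule set.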