Cybersecurity Triage
Show iptables INPUT Rules
You need a concise view of the iptables INPUT chain policy and rules.
Command
iptables -S INPUT
What changed
Nothing changes. iptables prints the INPUT chain in a reusable rule format.
Danger
safe
When to use it
Use on systems where iptables rules may still be active or where tooling reports iptables syntax.
When not to use it
Do not assume iptables output covers nftables-native rules on every modern distribution.
Undo or recovery
No undo needed because this command is read-only.
Expected output
INPUT policy and append rules for accepted or dropped traffic.
demo script
Disposable terminal steps
iptables -S INPUT
iptables -S INPUT | grep -- '--dport'
simulated output
What it looks like
$ iptables -S INPUT
-P INPUT DROP
-A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -p tcp -s 203.0.113.0/24 --dport 22 -j ACCEPT
-A INPUT -p tcp -m multiport --dports 80,443 -j ACCEPT
-A INPUT -p tcp --dport 25 -j ACCEPT
-A INPUT -p tcp --dport 5432 -j DROP
$ iptables -S INPUT | grep -- '--dport'
-A INPUT -p tcp -s 203.0.113.0/24 --dport 22 -j ACCEPT
-A INPUT -p tcp -m multiport --dports 80,443 -j ACCEPT
-A INPUT -p tcp --dport 25 -j ACCEPT
-A INPUT -p tcp --dport 5432 -j DROP
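Added example, not part of the original page: a shell helper that turns the iptables -S INPUT text shown above into a per-port summary and lists the ports an ACCEPT rule opens to any source. The function names are hypothetical and the embedded sample is copied from the simulated output. It is a read-only heuristic that does not evaluate rule order, interface matches, or jumps to other chains.

```shell
#!/bin/sh
# Added example (not from the original page). Function names are hypothetical.

# Constructed sample: the INPUT chain from the simulated output above.
sample_rules() {
cat <<'EOF'
-P INPUT DROP
-A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -p tcp -s 203.0.113.0/24 --dport 22 -j ACCEPT
-A INPUT -p tcp -m multiport --dports 80,443 -j ACCEPT
-A INPUT -p tcp --dport 25 -j ACCEPT
-A INPUT -p tcp --dport 5432 -j DROP
EOF
}

# Read `iptables -S INPUT` text on stdin. Print the chain policy, then one line
# per port in each port-matching rule: "<target> <proto>/<port> from <source>".
# A negated source (! -s) is shown with a leading "!" for manual review.
summarize_input() {
  awk '
    $1 == "-P" { print "POLICY", $3; next }
    $1 == "-A" {
      proto = "any"; src = "any"; ports = ""; target = ""
      for (i = 3; i < NF; i++) {
        neg = ($(i - 1) == "!") ? "!" : ""
        if ($i == "-p") proto = neg $(i + 1)
        else if ($i == "-s") src = neg $(i + 1)
        else if ($i == "--dport" || $i == "--dports") ports = $(i + 1)
        else if ($i == "-j") target = $(i + 1)
      }
      if (ports == "") next          # rule does not match on a destination port
      n = split(ports, p, ",")       # multiport lists become one line per port
      for (k = 1; k <= n; k++) print target, proto "/" p[k], "from", src
    }'
}

# List ports that an ACCEPT rule opens to any source address.
unrestricted_accepts() {
  summarize_input | awk '$1 == "ACCEPT" && $4 == "any" { print $2 }'
}

# On a live host: iptables -S INPUT | summarize_input
sample_rules | summarize_input
```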