LinuxQuestions.org - questions about iptables

- Linux - Newbie (https://www.linuxquestions.org/questions/linux-newbie-8/)

- - questions about iptables (https://www.linuxquestions.org/questions/linux-newbie-8/questions-about-iptables-4175542375/)

gengyabc

05-12-2015 09:39 AM

questions about iptables

Hi everyone
I have a question about iptables

This line

Code:

iptables -A INPUT -p tcp -m tcp --dport 80 -j ACCEPT

why there is a "-m tcp"? what does this mean? I checked some book and man, I did not find what does this mean.

Thank you very much for your help.

Habitual

05-12-2015 10:26 AM

Welcome to LQ!
at http://ipset.netfilter.org/iptables.man.html shows

Code:

      -m, --match match

              Specifies a match to use, that is, an extension module that tests for a specific property. The set  of

              matches  make up the condition under which a target is invoked. Matches are evaluated first to last as

              specified on the command line and work in short-circuit fashion, i.e. if one extension  yields  false,

              evaluation will stop.

What that means exactly, I don't know, never had to use or implement it or if it involves a rule named tcp.

lazydog

05-12-2015 10:26 AM

'-m' = Match

Code:

-m, --match match

Specifies a match to use, that is, an extension module that tests for a specific property. The set of matches make up the 

condition under which a target is invoked. Matches are evaluated first to last as specified on the command line and work in 

short-circuit fashion, i.e. if one extension yields false, evaluation will stop.

gengyabc

05-13-2015 09:12 AM

Thank you very much.
then I will not use -m tcp.

All times are GMT -5. The time now is 06:07 PM.