```
# iptables -A INPUT -s 10.0.0.1
# iptables -A OUTPUT -d 10.0.0.1
# iptables -vnL
Chain INPUT (policy ACCEPT 7967 packets, 4273K bytes)
 pkts bytes target     prot opt in     out     source               destination
16572 4535K            all  --  *      *       10.0.0.1             0.0.0.0/0

Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination

Chain OUTPUT (policy ACCEPT 8562 packets, 6767K bytes)
 pkts bytes target     prot opt in     out     source               destination
 2823 2974K            all  --  *      *       0.0.0.0/0            10.0.0.1
```
```
# iptables -A INPUT -p tcp --dport 12000
# iptables -A OUTPUT -p tcp --sport 12000
# iptables -vnL
Chain INPUT (policy ACCEPT 9806 packets, 5038K bytes)
 pkts bytes target     prot opt in     out     source               destination
 669K  184M            all  --  *      *       10.0.0.1             0.0.0.0/0
   50  3640            tcp  --  *      *       0.0.0.0/0            0.0.0.0/0            tcp dpt:12000

Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination

Chain OUTPUT (policy ACCEPT 10285 packets, 7196K bytes)
 pkts bytes target     prot opt in     out     source               destination
 665K  687M            all  --  *      *       0.0.0.0/0            10.0.0.1
   10  1288            tcp  --  *      *       0.0.0.0/0            0.0.0.0/0            tcp spt:12000
```
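Rules can be combined freely by following the iptables rule syntax. If you need records for a specific time period, use crontab to export the output of iptables -vnL, remove the counting rule with iptables -D, and then add it again.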
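The cron export described above, sketched as an added example that is not part of the original page: `parse_counters` turns `iptables -vnL` text into CSV rows and expands the rounded K/M/G suffixes, and `snapshot_and_reset` logs them and re-creates the two per-host rules from the first listing. The function names, the CSV layout and the log file argument are assumptions made for this example.

```sh
#!/bin/sh
# Added example (not from the original page).
# parse_counters: stdin = `iptables -vnL` output;
# stdout = chain,target,source,destination,match,pkts,bytes per rule.
parse_counters() {
    awk '
    # iptables rounds large counters with decimal suffixes: K, M, G, T.
    function expand(v,    s, n) {
        s = substr(v, length(v)); n = v + 0
        if (s == "K") n *= 1000
        else if (s == "M") n *= 1000000
        else if (s == "G") n *= 1000000000
        else if (s == "T") n *= 1000000000000
        return n
    }
    $1 == "Chain" { chain = $2; next }
    NF == 0 || $1 == "pkts" { next }
    {
        # Counting rules have no target, so the opt column ("--") is
        # field 4; on a rule with a target it is field 5.
        o = ($4 == "--") ? 4 : 5
        if ($o != "--") next
        target = (o == 5) ? $3 : "-"
        match_txt = ""
        for (i = o + 5; i <= NF; i++)
            match_txt = match_txt (match_txt == "" ? "" : " ") $i
        printf "%s,%s,%s,%s,%s,%.0f,%.0f\n", chain, target,
               $(o + 3), $(o + 4), match_txt, expand($1), expand($2)
    }'
}

# snapshot_and_reset LOGFILE: the cron step (needs root). Appends
# timestamped rows, then deletes and re-adds the two 10.0.0.1 rules so
# their counters restart. LOGFILE is a hypothetical path chosen by the caller.
snapshot_and_reset() {
    ts=$(date +%Y-%m-%dT%H:%M:%S)
    iptables -vnL | parse_counters | sed "s/^/$ts,/" >> "$1"
    iptables -D INPUT -s 10.0.0.1 && iptables -A INPUT -s 10.0.0.1
    iptables -D OUTPUT -d 10.0.0.1 && iptables -A OUTPUT -d 10.0.0.1
}

# Constructed sample: the INPUT chain from the second listing above.
SAMPLE='Chain INPUT (policy ACCEPT 9806 packets, 5038K bytes)
 pkts bytes target prot opt in out source destination
 669K 184M all -- * * 10.0.0.1 0.0.0.0/0
 50 3640 tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:12000'
printf '%s\n' "$SAMPLE" | parse_counters
```

Packets that arrive between the listing and the re-add are not counted, and the re-added rule moves to the end of its chain; `iptables -Z` zeroes counters in place without removing the rule.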