Iptables empty but the rule exists

Question

I'm running a web service that listen to port 3000. Then I added a redirect rule in my iptable as follows:

sudo iptables -t nat -A OUTPUT -o lo -p tcp --dport 80 -j REDIRECT --to-port 3000

This works perfectly but:

Why there is no rules displayed running sudo iptables -L?

Why is the rule persistent? after rebooting the server the redirect from 80 to 3000 still works, according to this I need to use iptables-persistent which I'm not using.

So you didn't install iptables-persistent? – Redbob Aug 23 '17 at 15:00 — Redbob, Aug 23 '17 at 15:00

score 6 · Answer 1 · answered Aug 23 '17 at 22:08

1.) The command:

sudo iptables -L

only displays the main iptables chains, however the command you listed would have been added to the nat table. You need to use:

sudo iptables -t nat -L

Myself, I would use these versions:

sudo iptables -t nat -v -x -n -L
sudo iptables -v -x -n -L

2.) There are many ways to make the rules auto apply after re-boot. The iptables-persistent method is just one method (which I do not use, by the way). We would need some more information to be able to help further.

Iptables empty but the rule exists

1 Answers1