When running the command iptables -vL you may find that:
- the output displays slowly.
- the output appears to have hung.
You can see further what iptables is doing by running iptables -vL. From this you will most likely see iptables trying to run a reverse DNS lookup (and failing).
Solution
Because iptables tries to resolve the IP addresses to names, you will need to add the -n switch to list the chains successfully. The -n switch ensures numeric output of addresses and ports.
[[email protected] ~]# iptables -nvL
Chain INPUT (policy DROP 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
16500 1052K ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
1 52 ACCEPT tcp -- * * 172.16.1.100 0.0.0.0/0 state NEW tcp dpt:9876
0 0 ACCEPT tcp -- * * 172.16.1.1 0.0.0.0/0 tcp dpt:80
!! remainder of output omitted !!
[[email protected] ~]# iptables -vL
Chain INPUT (policy DROP 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
14986 955K ACCEPT all -- any any anywhere anywhere state RELATED,ESTABLISHED
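To find which rule addresses are behind the delay, the sketch below (an added example, not part of the original article) pulls the distinct source and destination addresses out of a numeric listing and times a reverse lookup for each. The function names lookup_candidates and time_lookups and the variable SAMPLE_LISTING are made up for this example; it assumes the -nvL column layout shown above, with every rule having a target, and uses getent for the lookup.

```shell
#!/bin/sh
# Constructed sample input: the `iptables -nvL` listing shown on this page.
SAMPLE_LISTING='Chain INPUT (policy DROP 0 packets, 0 bytes)
 pkts bytes target prot opt in out source destination
16500 1052K ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
    1    52 ACCEPT tcp -- * * 172.16.1.100 0.0.0.0/0 state NEW tcp dpt:9876
    0     0 ACCEPT tcp -- * * 172.16.1.1 0.0.0.0/0 tcp dpt:80'

# Read a numeric (-nvL) listing on stdin and print each distinct source or
# destination address once. 0.0.0.0/0 is skipped: the non-numeric listing
# shows it as "anywhere" rather than as a resolved name.
# Assumption: every rule has a target, so source is field 8, destination 9.
lookup_candidates() {
    awk '
        $1 == "Chain" || $1 == "pkts" || NF < 9 { next }  # headers, blanks
        {
            for (i = 8; i <= 9; i++) {
                addr = $i
                if (addr == "0.0.0.0/0") continue
                if (!(addr in seen)) { seen[addr] = 1; print addr }
            }
        }'
}

# Read addresses on stdin and report how long a reverse lookup of each takes
# (whole seconds). Entries with a /prefix are networks, not hosts: skipped.
time_lookups() {
    while read -r addr; do
        case "$addr" in */*) continue ;; esac
        start=$(date +%s)
        if getent hosts "$addr" >/dev/null 2>&1; then
            result=resolved
        else
            result=unresolved
        fi
        end=$(date +%s)
        printf '%s %s %ss\n' "$addr" "$result" "$((end - start))"
    done
}
```

On a live host, run `iptables -nvL | lookup_candidates | time_lookups` as root. Addresses that take several seconds and come back unresolved are the ones stalling the listing without -n.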