iptables-legacy(8)



XTABLES-LEGACY(8)           System Manager's Manual          XTABLES-LEGACY(8)

NAME
       xtables-legacy -- iptables using old getsockopt/setsockopt-based kernel
       api

DESCRIPTION
       xtables-legacy are the original versions of iptables that use old  get-
       sockopt/setsockopt-based  kernel  interface.  This kernel interface has
       some limitations, therefore iptables can also be used  with  the  newer
       nf_tables based API.  See xtables-nft(8) for information about the xta-
       bles-nft variants of iptables.

USAGE
       The xtables-legacy-multi binary can be linked to the traditional names:

            /sbin/iptables -> /sbin/iptables-legacy-multi
            /sbin/ip6tables -> /sbin/ip6tables-legacy-multi
            /sbin/iptables-save -> /sbin/ip6tables-legacy-multi
            /sbin/iptables-restore -> /sbin/ip6tables-legacy-multi

       The iptables version  string  will  indicate  whether  the  legacy  API
       (get/setsockopt) or the new nf_tables API is used:
            iptables -V
            iptables v1.7 (legacy)

LIMITATIONS
       When  inserting a rule using iptables -A or iptables -I, iptables first
       needs to retrieve the current active ruleset, change it to include  the
       new  rule, and then commit back the result.  This means that if two in-
       stances of iptables are running concurrently, one of the updates  might
       be lost.  This can be worked around partially with the --wait option.

       There is also no method to monitor changes to the ruleset, except peri-
       odically calling iptables-legacy-save and checking for any  differences
       in output.

       xtables-monitor(8)  will  need  the xtables-nft(8) versions to work, it
       cannot display changes made using the iptables-legacy tools.

SEE ALSO
       xtables-nft(8), xtables-translate(8)

AUTHORS
       Rusty Russell originally wrote iptables,  in  early  consultation  with
       Michael Neuling.

                                   June 2018                 XTABLES-LEGACY(8)

Man(1) output converted with man2html
list of all man pages