Convert iptables line to command-line syntax for CSF bash script

Question

This is the question about command-line iptables syntax. I have the following chains in /etc/sysconfig/iptables

# Generated by iptables-save v1.4.21 on Fri May 22 07:51:03 2015
*nat
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
COMMIT

but I need them to write to bash CSFPRE.SH for CSF firewall, so they should be in a command-line like

iptables -t nat -I POSTROUTING -s 192.168.254.0/24 -o br0 -j SNAT --to-source 69.64.56.847

or

iptables -A FORWARD -s 192.168.254.0/24 -m state --state NEW -j ACCEPT

But with the lines above I have a stumbling block. I already tried something like

iptables :PREROUTING ACCEPT [0:0]
iptables -t nat -I :PREROUTING ACCEPT [0:0]

but no success.

    iptables -P PREROUTING ACCEPT

says

iptables: Bad built-in chain name.

So still not a solution. Thanks in advance for any hint else to try

score 0 · Answer 1 · answered Jun 29 '15 at 18:11

0

After some tests my solution was

iptables -t nat -P PREROUTING ACCEPT
iptables -t nat -P POSTROUTING ACCEPT

answered Jun 29 '15 at 18:11

Serge

1 Answers1