You are here

Finding iptables Rule Numbers

A lot of commands for iptables work with targeting a specific rule number. To find the rule we usually run iptables --list. Then I always forget if the rule numbers start at zero or one (it's one) and then have to manually count through the dozen or more rules I have in place. I'm never confident I'm targeting the correct rule, causing me a bunch of headaches. No iptables tutorials I ever encountered or even the iptables man page easily lets you know that you can add the --line-numbers to display the rule number. Hopefully this will help other people out.

iptables --list --line-numbers

Also, when you insert a rule and specify the rule number, it will be placed before the number you specify. So if you insert a rule at number 3, the old rule number 3 becomes 4 and so on down the chain.