Hi,

I'm trying to test whether a particular range of IP addresses is being blocked at the firewall. The server is using APF.

Looking online, several forums suggested using the iptables -C command to test whether packets from a particular IP address is being blocked. e.g.

Code:
iptables -C forward -p tcp -s 172.16.1.0 1025 -d 66.98.214.91 80 -i eth0 accepted
Now when I run this command I am told that the -C switch does not exist. From what I can gather this is a deprecated function of iptables.

So my question is:
Is there a iptables -C equivalent (either for iptables or APF) where I can test my rules?
In particular I would like to test a specific set of IP addresses to see if they are being blocked.


Thanks in advance.