# iptables-legacy-restore(8) - man - phpMan

[XTABLES-LEGACY(8)](https://www.chedong.com/phpMan.php/man/XTABLES-LEGACY/8/markdown)                      System Manager's Manual                     [XTABLES-LEGACY(8)](https://www.chedong.com/phpMan.php/man/XTABLES-LEGACY/8/markdown)



## NAME
       xtables-legacy — iptables using old getsockopt/setsockopt-based kernel api


## DESCRIPTION
       **xtables-legacy** are the original versions of iptables that use old getsockopt/setsockopt-based
       kernel interface.  This kernel interface has some limitations, therefore iptables can also be
       used  with  the newer nf_tables based API.  See [**xtables-nft(8)](https://www.chedong.com/phpMan.php/man/xtables-nft/8/markdown)** for information about the xta‐
       bles-nft variants of iptables.


## USAGE
       The xtables-legacy-multi binary can be linked to the traditional names:

            /sbin/iptables -> /sbin/iptables-legacy-multi
            /sbin/ip6tables -> /sbin/ip6tables-legacy-multi
            /sbin/iptables-save -> /sbin/ip6tables-legacy-multi
            /sbin/iptables-restore -> /sbin/ip6tables-legacy-multi

       The iptables version string will indicate whether the legacy API (get/setsockopt) or the  new
       nf_tables API is used:
            iptables -V
            iptables v1.7 (legacy)


## LIMITATIONS
       When  inserting a rule using iptables -A or iptables -I, iptables first needs to retrieve the
       current active ruleset, change it to include the new rule, and then commit back  the  result.
       This  means  that  if  two instances of iptables are running concurrently, one of the updates
       might be lost.  This can be worked around partially with the --wait option.

       There is also no method to monitor changes to the ruleset, except periodically calling  ipta‐
       bles-legacy-save and checking for any differences in output.

       [**xtables-monitor(8)](https://www.chedong.com/phpMan.php/man/xtables-monitor/8/markdown)**  will  need the [**xtables-nft(8)](https://www.chedong.com/phpMan.php/man/xtables-nft/8/markdown)** versions to work, it cannot display changes
       made using the **iptables-legacy** tools.


## SEE ALSO
       [**xtables-nft(8)](https://www.chedong.com/phpMan.php/man/xtables-nft/8/markdown)**, [**xtables-translate(8)](https://www.chedong.com/phpMan.php/man/xtables-translate/8/markdown)**


## AUTHORS
       Rusty Russell originally wrote iptables, in early consultation with Michael Neuling.



                                              June 2018                            [XTABLES-LEGACY(8)](https://www.chedong.com/phpMan.php/man/XTABLES-LEGACY/8/markdown)