From 79fbd1a2e9575e91388702fcbc261d5bd94991dc Mon Sep 17 00:00:00 2001
From: Andres Hermosilla
Date: Thu, 20 Jul 2017 13:26:24 -0700
Subject: [PATCH] Added iptables notes & script to show modules help
---
 bin/iptables_modules_help.sh | 20 ++++++++++++++++++++
 itables-nft.md | 7 +++++++
 2 files changed, 27 insertions(+)
 create mode 100644 bin/iptables_modules_help.sh
diff --git a/bin/iptables_modules_help.sh b/bin/iptables_modules_help.sh
new file mode 100644
index 0000000..c16fb7b
--- /dev/null
+++ b/bin/iptables_modules_help.sh
@@ -0,0 +1,20 @@
+#!/usr/bin/env bash
+
+set -e
+
+readonly modules=$(ls /lib/modules/$(uname -r)/kernel/net/netfilter/xt_* | grep -oP '(?<=xt_)([a-z]+)')
+
+for m in $modules
+do
+ helps=$(iptables -m "$m" -h 2>&1 | awk '/match options:$/,0' | sed 's/^/ /')
+
+ if [[ -z $helps ]]
+ then
+ continue
+ fi
+
+ echo "--------------------------------------------------------------------"
+ echo
+ echo "$helps"
+ echo
+done
\ No newline at end of file
diff --git a/itables-nft.md b/itables-nft.md
index ef8cc21..6e91289 100644
--- a/itables-nft.md
+++ b/itables-nft.md
@@ -13,6 +13,8 @@ will typically only interact with the filter table. - raw - security (SeLinux) +## Rules + **List all the rules** `sudo iptables -L -v --line-numbers`
@@ -37,6 +39,11 @@ http://ipset.netfilter.org/iptables-extensions.man.html **Get Help on module** `iptables -m conntrack -h` +`iptables -m hashlimit -h 2>&1 | awk '/match options:$/,0'` + +### Accounting +- https://home.regit.org/2012/07/flow-accounting-with-netfilter-and-ulogd2/ + ## Throttling, Rate Limiting - https://www.rackaid.com/blog/how-to-block-ssh-brute-force-attacks/
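Review bot: The module list on the `readonly modules=` line is built by parsing `ls` output through `grep -oP '(?<=xt_)([a-z]+)'`, so any module whose name is not purely lowercase letters is dropped or truncated (a name like `xt_u32` becomes `u`, and names containing an uppercase letter or underscore never match), and a missing modules directory leaves `modules` empty without any error because `readonly` masks the exit status of the substitution. Iterating the glob directly and trimming the `xt_` prefix and `.ko*` suffix with parameter expansion keeps the full module name and removes the `ls`/regex round-trip, and it also avoids the unquoted word-splitting that `for m in $modules` currently relies on. If `pipefail` is added next to `set -e`, the `helps=$(…)` pipeline needs an explicit `|| true`, since `iptables -m` presumably exits non-zero for entries that are targets rather than matches and the loop would otherwise abort on the first one instead of skipping it via the existing empty-output check. The file is also missing its trailing newline.
```shell
#!/usr/bin/env bash
set -euo pipefail
shopt -s nullglob   # an unmatched glob yields no iterations instead of a literal pattern

for path in "/lib/modules/$(uname -r)"/kernel/net/netfilter/xt_*; do
  m=${path##*/xt_}   # drop the directory and the xt_ prefix
  m=${m%%.ko*}       # drop .ko, .ko.xz, .ko.gz
  # iptables exits non-zero for entries that are targets rather than matches;
  # the empty-output check below already skips those, so don't let pipefail abort here
  helps=$(iptables -m "$m" -h 2>&1 | awk '/match options:$/,0' | sed 's/^/  /') || true
  [[ -n $helps ]] || continue
  # … unchanged: separator and help-text echo …
done
```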