ldx / python-iptables

Python bindings for iptables

iptc unable to fetch correct number of rules #307

Closed madhanmellanox closed 4 years ago

madhanmellanox commented 4 years ago

I am using Debian Linux: Distribution: Debian 10.4 Kernel: 4.19.0-6-2-amd64

When I run a Python script to get the number of rules in chain "INPUT", it returns 0 rules, but actually there are more than 10 rules in the INPUT chain.

```python
import iptc

chain = iptc.Chain(iptc.Table(iptc.Table.FILTER), "INPUT")
print(chain.name)
print(len(chain.rules))
```

```
admin@sonic:/tmp$ sudo python abc.py
INPUT
0
admin@sonic:/tmp$
admin@sonic:/tmp$
admin@sonic:/tmp$
admin@sonic:/tmp$
admin@sonic:/tmp$ sudo iptables -L -n -v
Chain INPUT (policy ACCEPT 722 packets, 81560 bytes)
pkts bytes target prot opt in out source destination
6697K 637M ACCEPT all -- lo 127.0.0.1 0.0.0.0/0
271K 973M ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 ctstate RELATED,ESTABLISHED
6520 548K ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 icmptype 8
0 0 ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 icmptype 0
0 0 ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 icmptype 3
.... ... omitted ...
0 0 DROP all -- 0.0.0.0/0 10.0.0.58
0 0 ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 TTL match TTL < 2
50 3856 DROP all -- * 0.0.0.0/0 0.0.0.0/0

Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
0 0 DROP all -- 0.0.0.0/0 0.0.0.0/0

Chain OUTPUT (policy ACCEPT 6831K packets, 644M bytes)
pkts bytes target prot opt in out source destination

Warning: iptables-legacy tables present, use iptables-legacy to see them

admin@sonic:/tmp$
```

ldx commented 4 years ago

Probably your system is nftables-based, and python-iptables only works with legacy iptables. See #306
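An added example, not code from this issue or from the python-iptables project: a check that an audit script can run before trusting a rule count, comparing what the `iptables` command shows with what the legacy tables hold. The function names and sample strings are constructed for illustration, and the live run assumes the Debian-style `iptables-legacy-save` binary is installed.

```python
import re
import shutil
import subprocess

# Constructed samples (not taken from the issue): an nft-backed host whose
# rules are visible to the iptables command while the legacy table is empty.
SAMPLE_VERSION = "iptables v1.8.2 (nf_tables)"
SAMPLE_CLI_SAVE = ("*filter\n:INPUT ACCEPT [0:0]\n"
                   "-A INPUT -i lo -j ACCEPT\n"
                   "-A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT\n"
                   "-A FORWARD -j DROP\nCOMMIT\n")
SAMPLE_LEGACY_SAVE = "*filter\n:INPUT ACCEPT [0:0]\nCOMMIT\n"

def backend_from_version(version_line):
    """Return 'nf_tables' or 'legacy' from `iptables --version` output."""
    m = re.search(r"\((nf_tables|legacy)\)", version_line)
    return m.group(1) if m else "legacy"  # releases before 1.8 print no suffix

def count_rules(save_text, table="filter"):
    """Count '-A <chain>' lines per chain of one table in iptables-save output."""
    counts, current = {}, None
    for line in map(str.strip, save_text.splitlines()):
        if line.startswith("*"):          # table header, e.g. "*filter"
            current = line[1:]
        elif current == table and line.startswith(":"):
            counts.setdefault(line[1:].split()[0], 0)   # chain declaration
        elif current == table and line.startswith("-A "):
            chain = line.split()[1]
            counts[chain] = counts.get(chain, 0) + 1
    return counts

def diagnose(version_line, cli_save, legacy_save, chain="INPUT"):
    """Compare the rule count the CLI shows with the count in the legacy tables."""
    cli = count_rules(cli_save).get(chain, 0)
    legacy = count_rules(legacy_save).get(chain, 0)
    backend = backend_from_version(version_line)
    return {"backend": backend, "cli_rules": cli, "legacy_rules": legacy,
            "mismatch": backend == "nf_tables" and cli != legacy}

def run(cmd):
    """Return a command's stdout, or None if the binary is not installed."""
    if shutil.which(cmd[0]) is None:
        return None
    return subprocess.run(cmd, capture_output=True, text=True).stdout

if __name__ == "__main__":
    live = [run(["iptables", "--version"]), run(["iptables-save"]), run(["iptables-legacy-save"])]
    args = live if all(live) else [SAMPLE_VERSION, SAMPLE_CLI_SAVE, SAMPLE_LEGACY_SAVE]
    print(diagnose(*args))
```

The `*-save` commands need root; without it the script falls back to the constructed samples. A `mismatch` of `True` means a tool limited to legacy iptables will report a different rule count than `iptables -L` does.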