iptables ACL versus Cisco ACL
Hello,
I have a question regarding iptables rules!
In a Cisco environment you can create an ACL, but if you don't apply it on an interface and direction it doesn't filter anything; so you should apply it on an interface and also on a direction (in/out).
In a Linux environment you create a rule with the iptables command for a table and chain, e.g. filter table, INPUT chain ... but when you have multiple network interfaces, how can you specify the direction? Is INPUT for the WAN or the LAN interface?
If I set the policy for INPUT/filter to DROP, the kernel will drop the packets originating from the WAN and from the LAN also; how can I specify the direction? I want to set the policy to DROP for INPUT/filter for the WAN interface and let everybody from my LAN do everything...
Thanks!
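
An added example, not part of the original post: in iptables the chain gives the direction relative to the host (INPUT is traffic addressed to the box itself, FORWARD is traffic routed through it) and the `-i`/`-o` matches bind a rule to an interface, which together play the role of applying a Cisco ACL to an interface and direction. The function name `build_ruleset` and the interface names `eth0` (WAN) and `eth1` (LAN) are assumptions, and the FORWARD rules go beyond the question to cover the case where the box also routes for the LAN.

```shell
#!/bin/sh
# Added example (not from the original post). Prints an iptables-restore
# ruleset: default-deny on INPUT, everything allowed from the LAN interface,
# only reply traffic allowed from the WAN interface.

# build_ruleset WAN_IF LAN_IF  (interface names are the caller's assumption)
build_ruleset() {
    wan_if=$1
    lan_if=$2
    # Need two different, non-empty interface names.
    if [ -z "$wan_if" ] || [ -z "$lan_if" ] || [ "$wan_if" = "$lan_if" ]; then
        echo "usage: build_ruleset WAN_IF LAN_IF" >&2
        return 1
    fi
    # Reject anything that is not a plain interface name, so a crafted
    # argument cannot smuggle extra options or lines into the ruleset.
    case "$wan_if$lan_if" in
        *[!A-Za-z0-9_.-]*)
            echo "invalid interface name" >&2
            return 1
            ;;
    esac
    cat <<EOF
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -i $lan_if -j ACCEPT
-A INPUT -i $wan_if -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
-A FORWARD -i $lan_if -o $wan_if -j ACCEPT
-A FORWARD -i $wan_if -o $lan_if -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
COMMIT
EOF
}

# Usage (as root), parse-only first, then load:
#   build_ruleset eth0 eth1 | iptables-restore --test
#   build_ruleset eth0 eth1 | iptables-restore
```

The INPUT policy stays DROP for every interface; the LAN is opened by an explicit `-i` rule rather than by a per-interface policy, because a chain policy cannot be scoped to one interface.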