here a bit of iptables output without -n
Code:
Chain FORWARD (policy DROP 75 packets, 3744 bytes)
pkts bytes target prot opt in out source destination
425M 41G ACCEPT all -- any any anywhere anywhere state RELATED,ESTABLISHED
0 0 DROP all -- any gre+ anywhere !localhost/8
216 90685 DROP all -- gre+ any !localhost/8 anywhere
1547K 59M ACCEPT icmp -- any any localhost anywhere
562K 25M ACCEPT tcp -- any any localhost anywhere tcp dpt:9010
4454 199K ACCEPT all -- any any localhost anywhere
3 144 ACCEPT all -- any any localhost anywhere
0 0 ACCEPT all -- any any localhost/29 anywhere
14 672 ACCEPT all -- any any localhost/24 anywhere
0 0 ACCEPT all -- any any localhost/24 anywhere
1 48 ACCEPT all -- any any localhost/24 anywhere
0 0 ACCEPT all -- any any localhost/24 anywhere
3 144 ACCEPT all -- any any localhost/24 anywhere
0 0 ACCEPT all -- any any localhost/24 anywhere
0 0 ACCEPT all -- any any localhost/24 anywhere
That what is labeled localhost isn't local.
If one uses -n it shows the correct 10.x.x.x addresses from our network.
I don't have a clue why it would think those addresses are localhost.