iptables ruleset question
Hi everyone.
I have a question concerning iptables. For years I used to write my rules and chains on my own. Unfortunately, most of my users don't know how to do that on their machines, so I was condemned to check out some tools. On my machine, the firewall manager I am testing for the users in my network insists on putting an accept all to everywhere rule in front of the INPUT chain, like so:
Code:
Chain INPUT (policy DROP)
Please tell me if I'm wrong here. thx
You're completely right, ACCEPT without any parameters will not really be a filter. There is a chance that they are only doing this for the loopback interface, or such, though. Best check with -v and --line-numbers:
Code:
iptables -L -n -v --lin
-Bert
You are right, the rule only applies to the loopback interface. My bad.
thank you bertl
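
The check this thread arrives at, as an added example that is not part of any poster's message: without `-v` the listing hides the in/out interface columns, so a loopback-only ACCEPT looks identical to an accept-everything rule. The function name `find_open_accepts` and the sample listing are constructed for illustration; the column layout assumed is that of `iptables -L -n -v --line-numbers`.

```shell
#!/bin/sh
# Added example. Reads the output of
#   iptables -L INPUT -n -v --line-numbers
# on stdin and prints the rule number of every ACCEPT rule that has no
# interface, protocol, address or match restriction at all.
find_open_accepts() {
    awk '
        # Skip the "Chain ..." line, the column header and blank lines.
        $1 !~ /^[0-9]+$/ { next }
        # Columns with -v and --line-numbers:
        # 1 num, 2 pkts, 3 bytes, 4 target, 5 prot, 6 opt,
        # 7 in, 8 out, 9 source, 10 destination, 11+ match details
        $4 == "ACCEPT" &&
        ($5 == "all" || $5 == "0") &&   # any protocol (name or numeric form)
        $7 == "*" && $8 == "*" &&       # any input and output interface
        $9 == "0.0.0.0/0" && $10 == "0.0.0.0/0" &&
        NF == 10 { print $1 }           # no trailing match such as "tcp dpt:22"
    '
}

# Constructed sample listing (not captured from a real host).
# Rule 1 is the loopback rule from the thread; rule 4 is a rule that
# really does accept everything.
sample_listing() {
cat <<'EOF'
Chain INPUT (policy DROP 0 packets, 0 bytes)
num   pkts bytes target     prot opt in     out     source               destination
1      120  9600 ACCEPT     all  --  lo     *       0.0.0.0/0            0.0.0.0/0
2      50K 4000K ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0            state RELATED,ESTABLISHED
3        3   180 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0            tcp dpt:22
4        0     0 ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0
EOF
}

# Only rule 4 is reported; the loopback rule is not.
sample_listing | find_open_accepts
```

On a live machine, pipe the real listing into the function instead of the sample; listing the rules requires root.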