[Firewall] TRUSTED_IF not showing up

Chris Vavruska vavruska at gmail.com
Thu Nov 7 01:51:58 CET 2013


Since I didn't get any reply for my last issue I thought I would pose a more
pointed question:

I have a config line that looks like:

TRUSTED_IF="br1"

I see in the script it executes
iptables -A INPUT -i $interface -j ACCEPT

which gives me output:
Accepting ALL INPUT packets from trusted interface(s): br1

Why don't I see a rule in the INPUT chain for br1?

Chain INPUT (policy DROP)
num  target     prot opt source               destination
1    BASE_INPUT_CHAIN  all  --  0.0.0.0/0            0.0.0.0/0
2    INPUT_CHAIN  all  --  0.0.0.0/0            0.0.0.0/0
3    HOST_BLOCK_SRC  all  --  0.0.0.0/0            0.0.0.0/0
4    SPOOF_CHK  all  --  0.0.0.0/0            0.0.0.0/0
5    VALID_CHK  all  --  0.0.0.0/0            0.0.0.0/0
6    EXT_INPUT_CHAIN !icmp --  0.0.0.0/0            0.0.0.0/0            state NEW
7    EXT_INPUT_CHAIN  icmp --  0.0.0.0/0            0.0.0.0/0            state NEW limit: avg 60/sec burst 100
8    EXT_ICMP_FLOOD_CHAIN  icmp --  0.0.0.0/0            0.0.0.0/0            state NEW
9    INT_INPUT_CHAIN  all  --  0.0.0.0/0            0.0.0.0/0
10   INT_INPUT_CHAIN  all  --  0.0.0.0/0            0.0.0.0/0
11   ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0
12   POST_INPUT_CHAIN  all  --  0.0.0.0/0            0.0.0.0/0
13   LOG        all  --  0.0.0.0/0            0.0.0.0/0            limit: avg 1/sec burst 5 LOG flags 0 level 6 prefix "AIF:Dropped INPUT packet: "
14   DROP       all  --  0.0.0.0/0            0.0.0.0/0

What would cause me to not see the rule in the table?

Thanks,

Chris
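
The listing in the post has no in/out interface columns, which `iptables -L` prints only with `-v`, so a rule that matches solely on `-i` looks unconditional there. The following is an added example, not part of the original post or of the firewall script: it flags such rules in a non-verbose listing and finds interface rules in `iptables -S` output. The function names and both sample inputs are constructed for illustration.

```shell
#!/bin/sh
# Constructed sample: a few rules taken from the INPUT listing in the post.
SAMPLE_LISTING='Chain INPUT (policy DROP)
num  target     prot opt source               destination
1    BASE_INPUT_CHAIN  all  --  0.0.0.0/0            0.0.0.0/0
6    EXT_INPUT_CHAIN !icmp --  0.0.0.0/0            0.0.0.0/0  state NEW
11   ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0
14   DROP       all  --  0.0.0.0/0            0.0.0.0/0'

# Constructed sample in `iptables -S INPUT` format (assumed, not from the post).
SAMPLE_SPEC='-P INPUT DROP
-A INPUT -j BASE_INPUT_CHAIN
-A INPUT -i br1 -j ACCEPT
-A INPUT -j DROP'

# Print the numbers of rules that look unconditional in a non-verbose listing:
# built-in verdict, protocol "all", any source, any destination, no extra
# match text. An -i/-o match on such a rule is not visible without -v.
hidden_match_candidates() {
    awk '$1 ~ /^[0-9]+$/ && ($2 == "ACCEPT" || $2 == "DROP" || $2 == "REJECT") &&
         $3 == "all" && $5 == "0.0.0.0/0" && $6 == "0.0.0.0/0" && NF == 6 { print $1 }'
}

# Print rule specs (iptables -S format) that match on the given input interface.
rules_for_in_iface() {
    awk -v ifc="$1" '{
        for (i = 1; i < NF; i++) {
            if ($i == "-i" && $(i + 1) == ifc) { print; break }
        }
    }'
}

# Demo on the constructed samples.
printf '%s\n' "$SAMPLE_LISTING" | hidden_match_candidates
printf '%s\n' "$SAMPLE_SPEC" | rules_for_in_iface br1

# On a live system (root required), feed the real output instead:
#   iptables -L INPUT -n --line-numbers | hidden_match_candidates
#   iptables -S INPUT | rules_for_in_iface br1
#   iptables -L INPUT -n -v --line-numbers   # adds the in/out columns
```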