IPTABLES. Strange behaviour with Input Drop and duplicated "sources"

banderas20
Hi everyone

I'm testing iptables on Debian. My idea is to completely close the system to incoming connections and then, step by step, open it selectively to certain IPs and ports.

To start, I deny every incoming connection with:

Code:
iptables --policy INPUT DROP

Then, I add specific rules so that a particular IP can access port 8080. Any other IP can't.

Code:
iptables -A INPUT -p tcp --dport 8080 -s 191.168.88.1 -j ACCEPT
iptables -A INPUT -p tcp --dport 8080 -j DROP

The problem arises because it only works if the default policy is set to ACCEPT. Otherwise it doesn't work. It's as if it doesn't care about the rule set that follows...

Another doubt I've come across with the rules is that, when I list them:

Code:
iptables -L -v

1. I can't see port 8080 anywhere, and I'm using the verbose "-v" flag.
2. If I do it without the "-n" flag (DNS resolution), in the source field I get different things: "router.lan" and an FQDN apparently coming from Brazil (.br).
With the "-n" flag (do NOT resolve DNS), I get two duplicated rules (from the 2 tests I did) with the same IP.

Does anyone know what's happening?

Any help will be greatly appreciated.

Thanks!