IPTABLES. Strange behaviour with Input Drop and duplicated "sources"

banderas20

Hi everyone

I'm testing iptables on Debian. My idea is to completely close incoming connections to the system and then, step by step, open them selectively to certain IPs and ports.

To start, I deny everything incoming with:

Code:
iptables --policy INPUT DROP

Then, I add specific rules so that a particular IP can access port 8080. No other IP can.

Code:
iptables -A INPUT -p tcp --dport 8080 -s 191.168.88.1 -j ACCEPT
iptables -A INPUT -p tcp --dport 8080 -j DROP

The problem arises because it only works if the default policy is set to ACCEPT. Otherwise it doesn't work. It's as if it doesn't care about the rules set afterwards...

Another doubt I've come across with the rules is when I list them:

Code:
iptables -L -v

1. I can't see port 8080 anywhere, even though I'm using the "-v" (verbose) flag.
2. If I do it without the "-n" flag (DNS resolution), in the source field I get different things: "router.lan" and an FQDN apparently coming from Brazil (.br).
With the "-n" flag (do NOT resolve DNS), I get two duplicated rules (from the 2 tests I did) with the same IP.

Does anyone know what's happening?

Any help will be greatly appreciated.

Thanks!
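An added example, not code from the post above: a POSIX shell script that builds the INPUT chain in an order that keeps the administrator's own session alive once the default policy becomes DROP, and then lists the chain with "-n" and "--line-numbers", the form in which port 8080 and the source address are unambiguous. Without "-n", iptables prints the port as its /etc/services name rather than 8080 and prints sources as reverse-DNS names; note that 191.168.88.1 (as typed in the post) is not an RFC 1918 private address, so its reverse lookup goes to the public DNS. The trusted client address 192.168.88.1, the SSH port 22 and the IPTABLES=echo dry-run switch are assumptions of this example, not details from the post.

```shell
#!/bin/sh
# Added example, not from the original post: rebuild the INPUT chain so the
# trusted client keeps working after the policy flips to DROP, and list it in
# a form where the port and the source address are unambiguous.
#
# Assumptions (not in the post): the trusted client is 192.168.88.1 (the
# 191.168.88.1 typed in the post is outside the RFC 1918 ranges), and the
# admin reaches the box over SSH on tcp/22 from that same client. Set
# IPTABLES=echo to print the commands instead of running them.
IPTABLES="${IPTABLES:-iptables}"
TRUSTED_CLIENT="${TRUSTED_CLIENT:-192.168.88.1}"
SERVICE_PORT="${SERVICE_PORT:-8080}"

# Emit the chain in order. Because "iptables -A" appends, running the same
# two -A commands twice yields two identical rules; flushing first makes the
# script idempotent. The policy is set to DROP last, so an error half-way
# through cannot leave the host with policy DROP and no ACCEPT rules.
input_rules() {
    $IPTABLES -F INPUT
    $IPTABLES -P INPUT ACCEPT
    # loopback: local services (resolvers, databases) talk over lo
    $IPTABLES -A INPUT -i lo -j ACCEPT
    # replies to connections this host opened (apt, DNS, NTP) and the
    # existing SSH session; without this rule policy DROP cuts them all off
    $IPTABLES -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
    $IPTABLES -A INPUT -p tcp --dport 22 -s "$TRUSTED_CLIENT" -j ACCEPT
    $IPTABLES -A INPUT -p tcp --dport "$SERVICE_PORT" -s "$TRUSTED_CLIENT" -j ACCEPT
    # redundant with the policy, but its packet counter in "-L -v" shows how
    # many foreign connection attempts hit the service port
    $IPTABLES -A INPUT -p tcp --dport "$SERVICE_PORT" -j DROP
    $IPTABLES -P INPUT DROP
}

# List without name resolution (-n), so the port stays numeric instead of its
# /etc/services alias and sources stay IPs instead of reverse-DNS names;
# --line-numbers gives the index to use with "iptables -D INPUT <n>".
show_input_chain() {
    $IPTABLES -L INPUT -v -n --line-numbers
    # -S prints the rules in the same syntax they were added with
    $IPTABLES -S INPUT
}

if [ "${1:-}" = apply ]; then
    input_rules && show_input_chain
else
    # default: dry run, print what would be executed
    IPTABLES=echo input_rules
fi
```

Run it as root with "apply" to install the rules; with no argument it only prints the commands. Re-running it is safe because the chain is flushed before the rules are appended.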