[SLUG] iptables question

• Next message: Paul M Foster: "[SLUG] Suncoast LUG Meetings"
• Previous message: Frank Roberts - SOTL: "[SLUG] Script interpretation"
• Next in thread: Levi Bard: "Re: [SLUG] iptables question"
• Reply: Levi Bard: "Re: [SLUG] iptables question"
• Reply: Derek Glidden: "Re: [SLUG] iptables question"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Here's an odd scenario. Assume the following:

iptables -N mytarget
iptables -I INPUT -j mytarget

Assume no other specification of the mytarget chain/rule. And assume,
per the above, that the mytarget chain acts as the first target on the
INPUT chain. (Any other rules added with the -A parameter on the INPUT
chain would get added _after_ this original rule.)

The question is this: it seems that, without specifying the interface,
protocol or disposition of the mytarget chain/rule, it's a wide open
target, accepting anything from anywhere. If that's true, then if you
actually did this, it would obviate the rest of the rules in your INPUT
chain. Is that right? Or does a "blank" rule like this just pass packets
to the next rule or the default policy (ACCEPT)?

(This isn't a made up example. The latest Coyote effectively does this.)

Paul

• Next message: Paul M Foster: "[SLUG] Suncoast LUG Meetings"
• Previous message: Frank Roberts - SOTL: "[SLUG] Script interpretation"
• Next in thread: Levi Bard: "Re: [SLUG] iptables question"
• Reply: Levi Bard: "Re: [SLUG] iptables question"
• Reply: Derek Glidden: "Re: [SLUG] iptables question"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.3 : Fri Aug 01 2014 - 19:38:00 EDT