iptables entries

martinr
DD-WRT Novice


Joined: 17 Mar 2014
Posts: 29
Location: Manchester, United Kingdom

Posted: Thu Apr 03, 2014 11:14    Post subject: iptables entries
I installed the mini DDWRT on my Linksys WRT54GL.

I have no intention of messing with iptables, but I want to understand it as part of general knowledge both of firewalls and networking.

The first few lines in my iptables are:

Chain INPUT (policy ACCEPT)
target prot opt source destination
ACCEPT 0 -- anywhere anywhere state RELATED,ESTABLISHED
DROP udp -- anywhere anywhere udp dpt:route
DROP udp -- anywhere anywhere udp dpt:route
ACCEPT udp -- anywhere anywhere udp dpt:route


1. Surely 2 identical lines to drop UDP is a mistake, only one would be needed?

2. Is the ACCEPT UDP after the DROP a mistake, because iptables would already have dropped it before it got to the ACCEPT?


As I say, I don't want to mess with it, merely to understand what I'm looking at.

Martin
BasCom
DD-WRT Guru


Joined: 29 Jul 2009
Posts: 1378
Location: Germany

Posted: Thu Apr 03, 2014 12:49
you need to look more inside.

telnet into router and type

iptables -L INPUT -vvv.
it shows more detailed information.

_________________
RT-N66U @ Build 25697M K3.10.63
TL-WR842ND v1 @ BS-build 23919 WDS AP
TL-WR841ND @ BS-build 23919 WDS Client
TL-WR841ND @ BS-build 23919 Client Bridge ( Routed )
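
Added example, not part of either poster's messages: plain `iptables -L` omits the in/out interface columns that `-v` adds, so rules bound to different interfaces can print identically. The listing below is constructed (interface names and counters are assumptions, not this router's output), and the first-match walk is a simplified model that compares only input interface, protocol and match text.

```python
# Constructed sample of `iptables -L INPUT -v` output; interface names are assumptions.
SAMPLE = """\
Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination
  120  9600 ACCEPT     0    --  any    any     anywhere             anywhere            state RELATED,ESTABLISHED
    0     0 DROP       udp  --  ppp0   any     anywhere             anywhere            udp dpt:route
    0     0 DROP       udp  --  br0    any     anywhere             anywhere            udp dpt:route
    0     0 ACCEPT     udp  --  any    any     anywhere             anywhere            udp dpt:route
"""

FIELDS = ("pkts", "bytes", "target", "prot", "opt", "in", "out", "source", "destination")

def parse(text):
    """Parse the rule lines of a verbose listing into dicts."""
    rules = []
    for line in text.splitlines()[2:]:            # skip chain and column headers
        parts = line.split(None, len(FIELDS))
        if len(parts) < len(FIELDS):
            continue                              # blank or malformed line
        rule = dict(zip(FIELDS, parts))
        rule["match"] = parts[len(FIELDS)].strip() if len(parts) > len(FIELDS) else ""
        rules.append(rule)
    return rules

def plain_view(rule):
    """What plain `iptables -L` prints: no counters and no in/out columns."""
    return tuple(rule[k] for k in ("target", "prot", "opt", "source", "destination", "match"))

def lookalikes(rules):
    """Rule numbers that print identically without -v but differ by interface."""
    groups = {}
    for num, rule in enumerate(rules, 1):
        groups.setdefault(plain_view(rule), []).append(num)
    return [nums for nums in groups.values()
            if len(nums) > 1
            and len({(rules[n - 1]["in"], rules[n - 1]["out"]) for n in nums}) > 1]

def first_match(rules, in_if, prot, match):
    """Simplified first-match walk; the first rule that matches decides the packet."""
    for num, rule in enumerate(rules, 1):
        if rule["in"] in ("any", in_if) and rule["prot"] == prot and rule["match"] == match:
            return num, rule["target"]
    return None, "policy"

if __name__ == "__main__":
    rules = parse(SAMPLE)
    print("identical without -v:", lookalikes(rules))
    for iface in ("ppp0", "br0", "lo"):
        print(iface, first_match(rules, iface, "udp", "udp dpt:route"))
```
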
martinr
DD-WRT Novice


Joined: 17 Mar 2014
Posts: 29
Location: Manchester, United Kingdom

Posted: Thu Apr 03, 2014 20:27
BasCom wrote:
you need to look more inside.

telnet into router and type

iptables -L INPUT -vvv.
it shows more detailed information.


Thank you very much, BasCom!

I see what you mean. Furthermore, I now know how to telnet into my router (after having had to create a rule in my Windows Firewall).

I have learned a great deal by this little exercise.

Thank you very much for your kind help.

Martin



[Attached image: telnet -L.jpg]

BasCom
DD-WRT Guru


Joined: 29 Jul 2009
Posts: 1378
Location: Germany

Posted: Thu Apr 03, 2014 20:51
no problem.
_________________
RT-N66U @ Build 25697M K3.10.63
TL-WR842ND v1 @ BS-build 23919 WDS AP
TL-WR841ND @ BS-build 23919 WDS Client
TL-WR841ND @ BS-build 23919 Client Bridge ( Routed )