|
Author |
Message |
martinr DD-WRT Novice
Joined: 17 Mar 2014 Posts: 29 Location: Manchester, United Kingdom
|
Posted: Thu Apr 03, 2014 11:14 Post subject: iptables entries |
|
I installed the mini DDWRT on my Linksys WRT54GL.
I have no intention of messing with iptables, but I want to understand it as part of general knowledge both of firewalls and networking.
The first few lines in my iptables are:
Chain INPUT (policy ACCEPT)
target prot opt source destination
ACCEPT 0 -- anywhere anywhere state RELATED,ESTABLISHED
DROP udp -- anywhere anywhere udp dpt:route
DROP udp -- anywhere anywhere udp dpt:route
ACCEPT udp -- anywhere anywhere udp dpt:route
1. Surely 2 identical lines to drop UDP is a mistake, only one would be needed?
2. Is the ACCEPT UDP after the DROP a mistake, because iptables would already have dropped it before it got to the ACCEPT?
As I say, I don't want to mess with it, merely to understand what I'm looking at.
Martin
|
|
Back to top |
|
|
Sponsor
|
|
|
BasCom DD-WRT Guru
Joined: 29 Jul 2009 Posts: 1378 Location: Germany
|
Posted: Thu Apr 03, 2014 12:49 Post subject: |
|
you need to look more inside.
telnet into router and type
iptables -L INPUT -vvv.
it shows more detailed information.
_________________ RT-N66U @ Build 25697M K3.10.63
TL-WR842ND v1 @ BS-build 23919 WDS AP
TL-WR841ND @ BS-build 23919 WDS Client
TL-WR841ND @ BS-build 23919 Client Bridge ( Routed ) |
|
Back to top |
|
|
martinr DD-WRT Novice
Joined: 17 Mar 2014 Posts: 29 Location: Manchester, United Kingdom
|
Posted: Thu Apr 03, 2014 20:27 Post subject: |
|
BasCom wrote: | you need to look more inside.
telnet into router and type
iptables -L INPUT -vvv.
it shows more detailed information. |
Danke sehr!, BasCom.
I see what you mean. Furthermore, I now know how to telnet into my router (after having had to create a rule in my Windows Firewall).
I have learned a great deal by this little exercise.
Thank you very much for your kind help.
Martin
Description: |
|
Filesize: |
95.32 KB |
Viewed: |
2195 Time(s) |
|
|
|
Back to top |
|
|
BasCom DD-WRT Guru
Joined: 29 Jul 2009 Posts: 1378 Location: Germany
|
Posted: Thu Apr 03, 2014 20:51 Post subject: |
|
no problem.
_________________ RT-N66U @ Build 25697M K3.10.63
TL-WR842ND v1 @ BS-build 23919 WDS AP
TL-WR841ND @ BS-build 23919 WDS Client
TL-WR841ND @ BS-build 23919 Client Bridge ( Routed ) |
|
Back to top |
|
|
|