Firewall Wizards mailing list archives
Fw: Is the order of the rules entered in iptables important?
From: "Kenny G. Dubuisson, Jr." <kdubuisson () kcmria com>
Date: Thu, 1 Aug 2002 08:27:58 -0500
----- Original Message -----
From: "Kenny G. Dubuisson, Jr." <kdubuisson () kcmria com>
To: <firewall-wizards () honor icslabs com>
Sent: Thursday, August 01, 2002 8:23 AM
Subject: Fw: [fw-wiz] Is the order of the rules entered in iptables important?

Thanks for the responses. Now another question: Do I have to duplicate my rules on the INPUT chain on the OUTPUT and FORWARD chains? The examples that I've been using to study what we want to do show rules duplicated from the INPUT chain to the OUTPUT and FORWARD chains. But my understanding is that if a rule is hit in the INPUT chain and the target is ACCEPT, it skips the other chains. Anything that you could provide to help clear this up would be very appreciated.

Thanks again,
Kenny

----- Original Message -----
From: <rob.roberson () verizon com>
To: "Kenny G. Dubuisson, Jr." <kdubuisson () kcmria com>
Cc: <firewall-wizards () honor icslabs com>
Sent: Thursday, August 01, 2002 7:35 AM
Subject: Re: [fw-wiz] Is the order of the rules entered in iptables important?

Kenny -

The order is definitely important. The first rule that matches the packet is the one that takes effect. IPTables rules can be inserted between other rules by number. The exact syntax is in the man pages.

Good luck!

~Rob Roberson
Systems/Network Engineer
Blue Dragon Studio
rob () bluedragonstudio com

From: "Kenny G. Dubuisson, Jr." <kdubuisson () kcmria com>
Sent by: firewall-wizards-admin@honor.icsalabs.com
Date: 08/01/2002 08:17 AM
To: <firewall-wizards () honor icsalabs com>
cc:
Subject: [fw-wiz] Is the order of the rules entered in iptables important?

Hello all. I'm new to the list. I have a quick question: does the order in which rules are added for an iptables table matter? I have a firewall that has a pre-built iptables script that runs on boot. Once the system boots, I'm trying to add additional rules to the default chains but my rules are not working. I was wondering if that is because the boot script has, as its last rule, a DENY target and since it was "entered" before my new rules, the DENY is always hit first.

Thanks in advance,
Kenny

_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
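The rule-ordering behaviour discussed in this thread, as an added example that is not part of the original messages: a toy Python model of first-match evaluation in a single chain, showing why a rule appended after a catch-all drop never matches while the same rule inserted by number ahead of it does. The rule fields, the stand-in boot rule set and the sample packet are constructed for illustration, and every target is assumed to be terminating (ACCEPT or DROP).

```python
# Added illustration: a toy model of first-match evaluation in one iptables chain.
# Rule fields, the boot rule set and the sample packet are constructed assumptions.

def verdict(chain, packet, policy="ACCEPT"):
    """Return (target, rule_number) of the first rule that matches the packet."""
    for num, (match, target) in enumerate(chain, start=1):
        if all(packet.get(k) == v for k, v in match.items()):
            return target, num
    return policy, None  # no rule matched: the chain policy decides

def append(chain, match, target):
    """Model of `iptables -A CHAIN ...`: the rule goes to the end of the chain."""
    chain.append((match, target))

def insert(chain, num, match, target):
    """Model of `iptables -I CHAIN num ...`: the rule becomes rule number `num`."""
    chain.insert(num - 1, (match, target))

def shadowed(chain):
    """Rule numbers that can never match because an earlier rule matches everything."""
    for num, (match, _target) in enumerate(chain, start=1):
        if not match:  # empty match = catch-all rule
            return list(range(num + 1, len(chain) + 1))
    return []

def boot_chain():
    # Stand-in for a pre-built boot script: allow SSH, then drop everything else.
    return [({"proto": "tcp", "dport": 22}, "ACCEPT"), ({}, "DROP")]

HTTPS = {"proto": "tcp", "dport": 443}  # constructed sample packet

def demo():
    appended = boot_chain()
    append(appended, HTTPS, "ACCEPT")     # lands after the catch-all DROP
    inserted = boot_chain()
    insert(inserted, 2, HTTPS, "ACCEPT")  # lands before the catch-all DROP
    return {
        "appended": verdict(appended, HTTPS),
        "appended_shadowed": shadowed(appended),
        "inserted": verdict(inserted, HTTPS),
        "inserted_shadowed": shadowed(inserted),
    }

if __name__ == "__main__":
    for key, value in demo().items():
        print(key, value)
```

On a live system, `iptables -L INPUT --line-numbers` shows the rule numbers that an insert position refers to.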