On 9/23/23 12:51, Christian wrote:
I might be wrong but this thread reads like there is a misunderstanding of
what the difference is between "inbound" and "INPUT". The two phrases are not
the same. At the risk of mansplaining the difference, I hope this clears up
some confusion.
Hey,
There is nothing wrong with "mansplaining". I can read the documents, but
that is no guarantee I don't come away with an incorrect understanding of the
finer points of interplay between the chains. In fact I did. I was under the
impression that INPUT and OUTPUT chains' function was separate and entries in
the INPUT chain would not prevent outbound traffic on a blocked IP or range in
the INPUT chain.
The subsequent messages in the thread show it's all too easy to miss a point
or two. Thank you Christian, u34 and especially Genes for advancing my
understanding of how the chains work together.
I will redo my rule-set in a hopefully more stateful manner. It has been
cobbled together to address the main ranges where intrusion attempts have
come from since I installed Arch on the server in 2015 building on the default
iptables.rules provided at that time -- it no doubt has a bit of age-rot in
the rule-set.
Thanks again for the help. Now if we could just get Redis to play nice with
Nextcloud, life would be great :)
--
David C. Rankin, J.D.,P.E.