Grant Adamson wrote:
Hi All,
I recently redid my home gateway/NAT box with debian 3.1, and everything looked to be working fine until I did a quick scan on it from outside to test the firewall. All the services running appeared to be exposed. Checking my rules with iptables -L, I found that for some reason, everywhere I had specified a physical interface, it had been replaced by ANYWHERE. For example, the following rule:
    iptables -A INPUT -m state --state NEW -i ! $EXTIF -j ACCEPT
Ends up appearing in the iptables -L list as:
    target prot opt source destination
    ACCEPT all -- anywhere anywhere state NEW
To see interfaces, you should use the -v option of iptables. Interfaces do not show when you use -L alone.

I always use iptables -nL TABLENAME -v (TABLENAME is optional). Please check your rules with:

    iptables -nL INPUT -v

--
Sincerely,
Leonardo Rodrigues
Solutti Tecnologia
http://www.solutti.com.br

My SPAMTRAP, do not email it: gertrudes@xxxxxxxxxxxxxx
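
Added example, not part of the original thread: a small check that reads `iptables -nvL INPUT` output, where the `in` column is visible, and lists ACCEPT rules that are not limited by input interface or source address (rules restricted to RELATED,ESTABLISHED are skipped). The sample listing is constructed, and the interface name `eth0` and the function names are assumptions.

```shell
#!/bin/sh
# Constructed sample of `iptables -nvL INPUT` output (not from the original post).
# Rule 1 is the poster's rule with EXTIF assumed to be eth0; with -v the
# negated interface appears in the "in" column instead of being hidden.
sample_rules() {
cat <<'EOF'
Chain INPUT (policy DROP 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination
    0     0 ACCEPT     all  --  !eth0  *       0.0.0.0/0            0.0.0.0/0           state NEW
    0     0 ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0           state RELATED,ESTABLISHED
    0     0 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp dpt:22 state NEW
    0     0 ACCEPT     all  --  lo     *       0.0.0.0/0            0.0.0.0/0
EOF
}

# Reads `iptables -nvL <chain>` output on stdin.
# Prints "<rule number> in=<if> src=<addr> <match options>" for every ACCEPT
# rule that matches any input interface ("*") and any source (0.0.0.0/0).
# Assumes every rule has a target, so the columns are:
# pkts bytes target prot opt in out source destination [options...]
unrestricted_accepts() {
  awk '
    $1 == "Chain" || $1 == "pkts" || NF == 0 { next }   # skip headers and blanks
    { n++ }                                             # rule number within the chain
    $3 == "ACCEPT" && $6 == "*" && $8 == "0.0.0.0/0" {
      extra = ""
      for (i = 10; i <= NF; i++) extra = extra " " $i
      # Replies to existing connections are expected on every interface.
      if (extra ~ /state / && extra !~ /NEW/) next
      printf "%d in=%s src=%s%s\n", n, $6, $8, extra
    }'
}

# Live use (as root): iptables -nvL INPUT | unrestricted_accepts
sample_rules | unrestricted_accepts
```

On the sample, only rule 3 is reported; the `-i ! eth0` rule is not, even though plain `iptables -L` would show it as anywhere/anywhere.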