Re: Iptables rule on span traffic


 



Hello,

Krishnamoorthy (Siva) Sivakumar wrote:

When I run this rule, and try to access a .txt file (with a web
browser on a different machine) on the machine running the iptables, I
get a log message and the file access is blocked. However, if I try to
do the same but for a .txt file residing on a third machine (machine
running iptables is able to see the related packets on its interface
connected to the span port), I see no log or blocking.

As Cédric said, packets which are not destined to the box do not go through the INPUT chains. And since the box is not forwarding traffic, these packets are dropped at the input routing decision stage and do not go through the FORWARD chains either.


