Iptables Understanding

Issues related to configuring your network
Posts: 2
Joined: 2017/10/28 22:23:07

Postby anoluck » 2017/12/01 10:20:14

sudo firewall-cmd --direct --add-rule ipv4 filter INPUT 0 -i lo -j ACCEPT

What does the number 0 or 1 stand for after INPUT?
I've been looking everywhere and I can't understand what that means.

Posts: 48
Joined: 2016/05/23 11:57:12

Re: Iptables Understanding

Postby northpoint » 2017/12/01 14:45:33

I'm no expert, but it looks to me like it's used for priority in the rule chain.

Found this:

[--permanent] --direct --add-rule { ipv4 | ipv6 | eb } table chain priority args
    Add a rule with the arguments args to chain chain in table table with priority priority.

    The priority is used to order rules. Priority 0 means add rule on top of the chain, with a higher priority
    the rule will be added further down. Rules with the same priority are on the same level and the order of
    these rules is not fixed and may change. If you want to make sure that a rule will be added after another
    one, use a low priority for the first and a higher for the following.

The command looks to be not set up right though. It's missing some stuff. Perhaps someone else can shed more light on this. I don't use firewall-cmd because just using iptables is much simpler to me.
Ryzen x1800 * Asus x370 Pro * CentOS 7.4 64bit / Icewarp /
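
Added example, not part of the original thread: a small audit of firewalld direct rules that lists them in the order the quoted priority text implies and reports rules sharing a priority in the same chain, whose relative order is not fixed. The function names and the sample rules are constructed for illustration; the input format is that of `firewall-cmd --direct --get-all-rules`.

```sh
#!/bin/sh
# Audit firewalld direct rules for ambiguous ordering.
# Each input line: <ipv> <table> <chain> <priority> <args...>

# Constructed sample rules (not from a real host). The two priority-1
# rules for port 22 conflict, so their relative order matters.
sample_rules() {
cat <<'EOF'
ipv4 filter INPUT 1 -p tcp --dport 22 -j DROP
ipv4 filter INPUT 0 -i lo -j ACCEPT
ipv4 filter INPUT 1 -p tcp --dport 22 -s 192.0.2.10 -j ACCEPT
ipv4 filter OUTPUT 0 -o lo -j ACCEPT
EOF
}

# Print rules grouped by ipv/table/chain, lowest priority number first
# (priority 0 is the top of the chain).
ordered_rules() {
  sort -k1,1 -k2,2 -k3,3 -k4,4n
}

# Print "<ipv> <table> <chain> <priority> <count>" for every group that
# holds more than one rule; order inside such a group is not guaranteed.
ambiguous_groups() {
  awk 'NF >= 5 { n[$1" "$2" "$3" "$4]++ }
       END { for (k in n) if (n[k] > 1) print k, n[k] }' | sort
}

main() {
  # On a live host, replace with: rules=$(firewall-cmd --direct --get-all-rules)
  rules=$(sample_rules)
  echo "== rules by chain and priority =="
  printf '%s\n' "$rules" | ordered_rules
  echo "== same-priority groups (order not guaranteed) =="
  printf '%s\n' "$rules" | ambiguous_groups
}

main
```

Giving the source-restricted ACCEPT priority 1 and the DROP priority 2 removes the ambiguity the audit reports for the sample.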

Forum Moderator
Posts: 21511
Joined: 2009/09/24 10:40:56
Location: Brighton, UK

Re: Iptables Understanding

Postby TrevorH » 2017/12/01 15:28:04

That rule is already a part of the standard iptables-save output on a system running firewalld in any case.

-A INPUT -i lo -j ACCEPT
CentOS 5 died in March 2017 - migrate NOW!
Full time Geek, part time moderator. Use the FAQ Luke