Iptables Understanding

Issues related to configuring your network
anoluck
Posts: 2
Joined: 2017/10/28 22:23:07

Iptables Understanding

Post by anoluck » 2017/12/01 10:20:14

sudo firewall-cmd --direct --add-rule ipv4 filter INPUT 0 -i lo -j ACCEPT

What does the number 0 or 1 stand for after INPUT?
I've been looking everywhere and I can't understand what that means.

northpoint
Posts: 107
Joined: 2016/05/23 11:57:12

Re: Iptables Understanding

Post by northpoint » 2017/12/01 14:45:33

I'm no expert, but it looks to me like it's used for priority in the rule chain.

Found this:

[--permanent] --direct --add-rule { ipv4 | ipv6 | eb } table chain priority args
    Add a rule with the arguments args to chain chain in table table with priority priority.

    The priority is used to order rules. Priority 0 means add rule on top of the chain, with a higher priority
    the rule will be added further down. Rules with the same priority are on the same level and the order of
    these rules is not fixed and may change. If you want to make sure that a rule will be added after another
    one, use a low priority for the first and a higher for the following.

The command looks to be not set up right, though. It's missing some stuff. Perhaps someone else can shed more light on this. I don't use firewall-cmd because just using iptables is much simpler to me.
Ryzen x1800 * Asus x370 Pro * CentOS 7.4 64bit / Icewarp /
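
An added example, not part of any post in this thread: a small audit script that reads rules in the `direct.xml` format from firewalld.direct(5), orders them by the priority field explained in the man page excerpt above, and flags same-priority rules with different targets, since their relative order is not fixed. The sample rules, addresses and function names are constructed for illustration.

```python
import xml.etree.ElementTree as ET
from collections import defaultdict

# Constructed sample in the direct.xml format (normally /etc/firewalld/direct.xml).
SAMPLE_DIRECT_XML = """<?xml version="1.0" encoding="utf-8"?>
<direct>
  <rule ipv="ipv4" table="filter" chain="INPUT" priority="1">-p tcp --dport 22 -j ACCEPT</rule>
  <rule ipv="ipv4" table="filter" chain="INPUT" priority="0">-i lo -j ACCEPT</rule>
  <rule ipv="ipv4" table="filter" chain="INPUT" priority="5">-s 192.0.2.0/24 -j DROP</rule>
  <rule ipv="ipv4" table="filter" chain="INPUT" priority="5">-s 192.0.2.10 -j ACCEPT</rule>
</direct>
"""

def load_rules(xml_text):
    """Group direct rules by (ipv, table, chain), sorted by ascending priority."""
    chains = defaultdict(list)
    for rule in ET.fromstring(xml_text).iter("rule"):
        key = (rule.get("ipv"), rule.get("table"), rule.get("chain"))
        chains[key].append((int(rule.get("priority")), (rule.text or "").strip()))
    for rules in chains.values():
        rules.sort(key=lambda r: r[0])  # priority 0 sorts to the top of the chain
    return dict(chains)

def target(args):
    """Return the -j target of a rule's argument string, or None if absent."""
    parts = args.split()
    return parts[parts.index("-j") + 1] if "-j" in parts[:-1] else None

def ambiguous_groups(chains):
    """Same-priority rules with different targets: their order is not guaranteed."""
    findings = []
    for key, rules in chains.items():
        by_prio = defaultdict(list)
        for prio, args in rules:
            by_prio[prio].append(args)
        for prio, group in sorted(by_prio.items()):
            if len({target(a) for a in group}) > 1:
                findings.append((key, prio, group))
    return findings

if __name__ == "__main__":
    chains = load_rules(SAMPLE_DIRECT_XML)
    for (ipv, table, chain), rules in chains.items():
        print(f"{ipv} {table} {chain}")
        for prio, args in rules:
            print(f"  priority {prio}: {args}")
    for key, prio, group in ambiguous_groups(chains):
        print(f"order not guaranteed in {key[2]} at priority {prio}: {group}")
```

In the sample, the DROP for 192.0.2.0/24 and the ACCEPT for 192.0.2.10 share priority 5, so which one matches first can change; giving them distinct priorities removes the ambiguity.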

TrevorH
Site Admin
Posts: 33202
Joined: 2009/09/24 10:40:56
Location: Brighton, UK

Re: Iptables Understanding

Post by TrevorH » 2017/12/01 15:28:04

That rule is already a part of the standard iptables-save output on a system running firewalld in any case.

-A INPUT -i lo -j ACCEPT
The future appears to be RHEL or Debian. I think I'm going Debian.
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 and 6 are deadest, do not use them.
Use the FAQ Luke
