We are migrating to our new platform at https://community.teltonika.lt. Moving forward, you can continue discussions on this new platform. This current platform will be temporarily maintained for reference purposes.
0 votes
232 views 2 comments
by anonymous

Hello,
In a RUT240 with FW RUT2_R_00.07.01.4, I have created the firewall rule attached in the image.

I would like this OUTPUT rule to match only the traffic on WAN interfaces. Instead, in iptables I see the following rule:

root@RUT240_0000:~# iptables -nvL OUTPUT
Chain OUTPUT (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination
  0     0 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0            tcp dpt:8000 /* !fw3: TEST_OUPUT */

As you can see, the "out" field is set to "*" and not to the specific WAN interfaces.

Could someone explain this behavior?

Thanks,
M

1 Answer

0 votes
by anonymous

Hello,

Please note that iptables gives out the interfaces used for input and output for certain rules, but when it comes to traffic rule settings we use the available zones like "LAN", "WAN", etc. and not the interfaces, and thus it will show as " * ".

Hope this helps....!!

by anonymous

This is a screenshot from the TS file.

by anonymous

Hello,
thanks for the response.
Based on your response, I expected to see -j zone_wan_ACCEPT on my rule. But as you can see, I got -j ACCEPT:

So there is no indication that it is valid only for WAN zone/interfaces.

M
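
The check this thread does by eye, as an added example (not part of the original posts and not Teltonika's code): a shell function that reads `iptables -nvL OUTPUT` text and lists rules with a terminal target whose "out" column is "*", meaning they match on every egress interface. The sample input is constructed around the rule quoted in the question; the `eth1` rule and the name SCOPED_EXAMPLE are assumptions.

```shell
#!/bin/sh
# Added example: find OUTPUT rules that are not bound to an egress interface.

# Constructed sample. The TEST_OUPUT line is the rule quoted in the question;
# the other two rules are invented for contrast (eth1 is an assumed WAN device).
sample_output() {
cat <<'EOF'
Chain OUTPUT (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination
    0     0 ACCEPT     all  --  *      lo      0.0.0.0/0            0.0.0.0/0            /* !fw3 */
    0     0 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0            tcp dpt:8000 /* !fw3: TEST_OUPUT */
    0     0 ACCEPT     tcp  --  *      eth1    0.0.0.0/0            0.0.0.0/0            tcp dpt:8001 /* !fw3: SCOPED_EXAMPLE */
EOF
}

# Reads `iptables -nvL <chain>` text on stdin and prints one line per rule
# that has a terminal target and "*" in the out column:
#   "<target> <proto> <fw3 rule name, or - if the rule has none>"
unscoped_rules() {
    awk '
        # Skip the two header lines and anything too short to be a rule row.
        $1 == "Chain" || $1 == "pkts" || NF < 9 { next }
        # Columns: 1 pkts, 2 bytes, 3 target, 4 prot, 5 opt, 6 in, 7 out.
        $7 == "*" && ($3 == "ACCEPT" || $3 == "DROP" || $3 == "REJECT") {
            name = "-"
            # fw3 puts the rule name in the comment match: /* !fw3: NAME */
            if (match($0, /!fw3: [^*]*/)) {
                name = substr($0, RSTART + 6, RLENGTH - 6)
                sub(/ +$/, "", name)
            }
            printf "%s %s %s\n", $3, $4, name
        }
    '
}

# On the router: iptables -nvL OUTPUT | unscoped_rules
# Here the function runs against the constructed sample instead.
sample_output | unscoped_rules
```

A rule listed by this function applies to traffic leaving through any interface, which is the behaviour the original poster observed for the rule they intended to limit to WAN.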