[pkg-netfilter-team] Bug#949172: iptables: -A INPUT -i lo -j ACCEPT opens all ports
Alberto Molina Coballes
alb.molina at gmail.com
Wed Jan 22 20:07:43 GMT 2020
Hi Anzulo,
I can't reproduce the output you show using this basic rule.

iptables -A INPUT -i lo -j ACCEPT
iptables -L -nv
Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination
    0     0 ACCEPT     all  --  lo     *       0.0.0.0/0            0.0.0.0/0
...

ip6tables -A INPUT -i lo -j ACCEPT
ip6tables -L -nv
Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination
    0     0 ACCEPT     all      lo     *       ::/0                 ::/0
...

Default source and destination addresses (not ports) are defined using
both iptables and ip6tables unless you set a specific one in the rule,
and AFAIK this is the expected behaviour in iptables.
Can you please provide more information or try to reproduce this issue
on another machine?
Regards,
Alberto
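
Added example, not part of the original message: a small parser for `-L -nv` listings that separates ACCEPT rules bound to an interface (such as the `lo` rules above) from rules that accept on every interface. It handles the blank `opt` column seen in the ip6tables output. The function names, the combined v4/v6 sample and its third rule are constructed for illustration.

```python
ANY_ADDR = {"0.0.0.0/0", "::/0"}
# Values printed in the "opt" column; the ip6tables listing above leaves it blank.
OPT_TOKENS = {"--", "-f", "!f"}

def parse_rules(listing):
    """Parse `iptables -L -nv` / `ip6tables -L -nv` text into rule dicts."""
    rules, chain = [], None
    for line in listing.splitlines():
        fields = line.split()
        if not fields or fields[0] == "pkts":
            continue                      # blank line or column header
        if fields[0] == "Chain":
            chain = fields[1]
            continue
        if len(fields) < 8 or not fields[0][0].isdigit():
            continue                      # "..." or other non-rule text
        rest = fields[4:]
        if rest[0] in OPT_TOKENS:         # drop "opt" when it is present
            rest = rest[1:]
        if len(rest) < 4:
            continue
        rules.append({
            "chain": chain, "target": fields[2], "prot": fields[3],
            "in": rest[0], "out": rest[1],
            "source": rest[2], "destination": rest[3],
            "extra": " ".join(rest[4:]),  # e.g. "tcp dpt:22", empty if none
        })
    return rules

def open_to_any_interface(rules):
    """ACCEPT rules with no interface, protocol, address or match restriction."""
    return [r for r in rules
            if r["target"] == "ACCEPT" and r["in"] == "*"
            and r["prot"] == "all" and r["source"] in ANY_ADDR
            and not r["extra"]]

# Constructed sample: rows 1-2 mirror the listings in the message,
# row 3 is an invented rule with no -i restriction, for contrast.
SAMPLE = """\
Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination
    0     0 ACCEPT     all  --  lo     *       0.0.0.0/0            0.0.0.0/0
    0     0 ACCEPT     all      lo     *       ::/0                 ::/0
    0     0 ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0
"""

if __name__ == "__main__":
    for rule in open_to_any_interface(parse_rules(SAMPLE)):
        print("accepts on every interface:", rule)
```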