[Bug 1379] Rule to accept INPUT address range does not block address that are not in range specified

bugzilla-daemon at netfilter.org bugzilla-daemon at netfilter.org
Thu Apr 16 00:28:19 CEST 2020


Pablo Neira Ayuso <pablo at netfilter.org> changed:

           What    |Removed                     |Added
         Resolution|---                         |INVALID
                 CC|                            |pablo at netfilter.org
             Status|NEW                         |RESOLVED

--- Comment #3 from Pablo Neira Ayuso <pablo at netfilter.org> ---
Your default policy should be turned to DROP, e.g.

iptables -P INPUT DROP

Otherwise, packets not matching your rule will just go through.

You are receiving this mail because:
You are watching all bug changes.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.netfilter.org/pipermail/netfilter-buglog/attachments/20200415/edc4bca2/attachment.html>

More information about the netfilter-buglog mailing list