[FS#920] Final (default) rule in user defined zones wrong

LEDE Bugs lede-bugs at lists.infradead.org
Thu Jul 20 13:21:12 PDT 2017


The following task has a new comment added:

FS#920 - Final (default) rule in user defined zones wrong
User who did this - Jo-Philipp Wich (jow-)

----------
The rule is intentional and meant to implement the intra-zone forwarding policy. A zone declared with "option forward REJECT" will cause such a rule to get emitted in order to match traffic entering and leaving the same zone.

Forwarded traffic can enter eth0.3 and leave it again, mainly in cases where the host is wrongly used as a gateway before ICMP redirects have been sent out. It also covers situations where a zone spans multiple interfaces; in this case you'll see one such rule for every included interface in order to deny traffic among interfaces in this zone when the zone forward policy is reject or drop.
----------

More information can be found at the following URL:
https://bugs.lede-project.org/index.php?do=details&task_id=920#comment3031
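
A simplified model of the behaviour described in the comment above, as an added example that is not part of the original message and is not the firewall's own code: it expands a zone's forward policy into one output-interface rule per member interface and evaluates forwarded packets against those rules. The zone name `guest`, the devices `eth0.4` and `eth1`, the function names, the rule representation and the ordering of inter-zone forwardings before the final rules are assumptions made for illustration.

```python
# Simplified model (not fw3 code): how a zone's "forward" policy turns into
# one rule per member interface, and which forwarded packets those rules hit.
from dataclasses import dataclass


@dataclass(frozen=True)
class Zone:
    name: str
    interfaces: tuple   # devices covered by the zone
    forward: str        # intra-zone forwarding policy: ACCEPT, REJECT or DROP


def intra_zone_rules(zone):
    """Final rules of the zone's forward chain: one per member interface,
    matching on the *output* device and applying the zone forward policy."""
    return [{"out": dev, "target": zone.forward} for dev in zone.interfaces]


def forward_verdict(zone, in_dev, out_dev, inter_zone_allowed=()):
    """Verdict for a packet that entered through `zone` and is being forwarded.

    inter_zone_allowed: output devices of other zones to which forwarding
    was explicitly permitted (assumed to be evaluated before the final rules).
    Returns None when no rule in the zone's chain matches.
    """
    if in_dev not in zone.interfaces:
        raise ValueError(f"{in_dev} does not belong to zone {zone.name}")
    if out_dev in inter_zone_allowed:
        return "ACCEPT"
    for rule in intra_zone_rules(zone):
        if rule["out"] == out_dev:
            return rule["target"]
    return None  # not decided by this zone's chain


# Constructed sample: hypothetical zone "guest" spanning two VLAN devices.
GUEST = Zone("guest", ("eth0.3", "eth0.4"), "REJECT")

if __name__ == "__main__":
    for rule in intra_zone_rules(GUEST):
        print(rule)
    # Hairpin: a host wrongly uses the router as gateway for an on-link peer.
    print(forward_verdict(GUEST, "eth0.3", "eth0.3"))
    # Traffic between two interfaces of the same zone.
    print(forward_verdict(GUEST, "eth0.3", "eth0.4"))
    # Traffic to another zone's device for which forwarding was permitted.
    print(forward_verdict(GUEST, "eth0.3", "eth1", inter_zone_allowed=("eth1",)))
```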


