[FS#920] Final (default) rule in user defined zones wrong
LEDE Bugs
lede-bugs at lists.infradead.org
Fri Jul 21 10:50:10 PDT 2017
The following task has a new comment added:
FS#920 - Final (default) rule in user defined zones wrong
User who did this - Arjen de Korte (arjendekorte)
----------
I stand corrected. But this still is not a compelling reason why using zone_*_dest_REJECT would be better than zone_*_src_REJECT in zone_*_forward. In the example above, both would match. And there we're back to my original confusion, why the last rule as configured by the 'option forward ACCEPT/DROP/REJECT' in the zone definitions fails to match (almost) all traffic.
Just like in the INPUT/FORWARD/OUTPUT chains, I expect that the last rule is applied to anything that remains. For the existing zone_*_input and zone_*_output chains this is the case, but pretty much everything that makes it to this point in the zone_*_forward chain falls-back to the default action in the FORWARD chain. That is what is unexpected (at least to me, but I assume I'm the only one here).
----------
More information can be found at the following URL:
https://bugs.lede-project.org/index.php?do=details&task_id=920#comment3041
More information about the lede-bugs
mailing list