I have this line in my iptables: "-A INPUT -s 123.20.0.0/12 -j DROP". And if I do an "iptables -L", I get this: "DROP all -- localhost/12 anywhere". So I have two questions: 1) Is this class B being blocked? 2) Am I blocking anything within my own machine? Thanks in advance for any replies!!!
What is your default policy in iptables, ACCEPT or DROP? 1) No. I recommend you use the command "iptables -nvL" to see more verbose output. Do not block localhost; use "iptables -A INPUT -i lo -j ACCEPT".
My policy is to deny all, add exceptions as necessary. The n switch (numeric) was VERY helpful. Thank you! Is it correct that it is the numeric value iptables is using, not the domain name (assuming that I am blocking an IP address of course)? I'm not blocking localhost, iptables is doing a reverse DNS lookup and inserting that value in place of the "numeric" IP address. In other words, the Chinese class A reverse lookup result was "localhost". Today I just checked and it is something different.
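As an added example (not part of any post in this thread), the shell functions below compute the numeric range a "-s CIDR -j DROP" rule matches once the host bits of the address are masked off, and check whether that range covers 127.0.0.1. The function names and the sample ruleset are constructed for illustration; the rule itself is the one quoted in the first post.

```shell
#!/bin/sh
# Added example: show what a "-s CIDR -j DROP" rule matches numerically.
# All function names are hypothetical helpers, not iptables features.

# Dotted quad -> 32-bit integer.
ip2int() (
    IFS=.
    set -- $1
    echo $(( ($1 << 24) | ($2 << 16) | ($3 << 8) | $4 ))
)

# 32-bit integer -> dotted quad.
int2ip() {
    echo "$(( ($1 >> 24) & 255 )).$(( ($1 >> 16) & 255 )).$(( ($1 >> 8) & 255 )).$(( $1 & 255 ))"
}

# Netmask integer for the prefix length of CIDR $1 (must contain a slash).
cidr_mask() {
    echo $(( (4294967295 << (32 - ${1#*/})) & 4294967295 ))
}

# Print "network/prefix first-last"; host bits in the address are masked off.
cidr_range() (
    mask=$(cidr_mask "$1")
    net=$(( $(ip2int "${1%/*}") & $mask ))
    last=$(( $net | (4294967295 ^ $mask) ))
    echo "$(int2ip "$net")/${1#*/} $(int2ip "$net")-$(int2ip "$last")"
)

# Succeed if address $2 falls inside CIDR $1.
cidr_covers() (
    mask=$(cidr_mask "$1")
    [ $(( $(ip2int "${1%/*}") & $mask )) -eq $(( $(ip2int "$2") & $mask )) ]
)

# Read iptables-save style lines on stdin; for each DROP rule with a source,
# report the range it matches and whether loopback (127.0.0.1) is inside it.
audit_drops() {
    while read -r line; do
        case $line in *" -s "*"-j DROP"*) ;; *) continue ;; esac
        src=${line#* -s }; src=${src%% *}
        case $src in */*) ;; *) src=$src/32 ;; esac
        if cidr_covers "$src" 127.0.0.1; then lo=yes; else lo=no; fi
        echo "$src => $(cidr_range "$src") loopback=$lo"
    done
}

# Constructed sample ruleset: the rule from the post plus a loopback accept.
audit_drops <<'EOF'
-A INPUT -i lo -j ACCEPT
-A INPUT -s 123.20.0.0/12 -j DROP
EOF
```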