So I have these iptables rules:

    sudo iptables -L -n --line-numbers
    Chain INPUT (policy DROP)
    num  target     prot opt source               destination
    1    ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0            ctstate RELATED,ESTABLISHED
    2    ACCEPT     all  --  192.168.8.129        0.0.0.0/0
    3    ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0            match-set k8s-nodes src
    4    ACCEPT     all  --  192.168.21.5         0.0.0.0/0
    5    ACCEPT     all  --  10.53.5.52           0.0.0.0/0
    6    ACCEPT     all  --  13.xx.xx.xx          0.0.0.0/0
    7    ACCEPT     all  --  147.xx.xx.xx         0.0.0.0/0
    8    ACCEPT     all  --  147.xx.xx.xx/28      0.0.0.0/0
    9    ACCEPT     icmp --  0.0.0.0/0            0.0.0.0/0            icmptype 8
    10   ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0
    11   ACCEPT     all  --  136.xx.xx.xx         0.0.0.0/0
    12   ACCEPT     all  --  10.67.0.13           0.0.0.0/0

The rules are doing what we want; however, I'm confused why rule 10 isn't allowing everything... since it's "accept any to any", but when checking from source IPs not listed in the other rules there is no access... I think it has something to do with setting the INPUT chain to drop, but I'm not sure. Can someone explain this? Thanks
edit 1
As requested in the comments.
    iptables -nv -L --line-numbers
    [...]
    10    94M 7780M ACCEPT     all  --  lo     *       0.0.0.0/0            0.0.0.0/0

So I guess that's just allowing anything to the loopback?
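
Added example (not part of the original post): plain `iptables -L -n` prints no in/out interface columns, so a rule bound to `lo` looks like an unrestricted "accept any to any". The function below filters `iptables -nv -L --line-numbers` output for such rules. The names `hidden_iface_rules` and `sample_listing` are hypothetical, and the sample listing is constructed (only rule 10's counters come from the post).

```shell
#!/bin/sh
# Reads `iptables -nv -L <chain> --line-numbers` output on stdin and prints
# every rule that the non-verbose listing would show as
# "all -- 0.0.0.0/0 0.0.0.0/0" with no match text, but that is in fact
# restricted to an input or output interface.
hidden_iface_rules() {
    # Verbose columns: num pkts bytes target prot opt in out source destination
    # NF == 10 means there is no trailing match text (ctstate, match-set, ...).
    awk '
        $1 ~ /^[0-9]+$/ && NF == 10 &&
        $5 == "all" && $9 == "0.0.0.0/0" && $10 == "0.0.0.0/0" &&
        ($7 != "*" || $8 != "*") {
            printf "%s %s in=%s out=%s\n", $1, $4, $7, $8
        }
    '
}

# Constructed sample modelled on the INPUT chain in the question.
# Packet and byte counters are made up except for rule 10.
sample_listing() {
    cat <<'EOF'
Chain INPUT (policy DROP 0 packets, 0 bytes)
num   pkts bytes target     prot opt in     out     source               destination
1        0     0 ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0            ctstate RELATED,ESTABLISHED
2        0     0 ACCEPT     all  --  *      *       192.168.8.129        0.0.0.0/0
3        0     0 ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0            match-set k8s-nodes src
9        0     0 ACCEPT     icmp --  *      *       0.0.0.0/0            0.0.0.0/0            icmptype 8
10     94M 7780M ACCEPT     all  --  lo     *       0.0.0.0/0            0.0.0.0/0
12       0     0 ACCEPT     all  --  *      *       10.67.0.13           0.0.0.0/0
EOF
}

# Demo on the constructed listing; prints: 10 ACCEPT in=lo out=*
sample_listing | hidden_iface_rules
```

On a live host the same filter can be fed with `sudo iptables -nv -L INPUT --line-numbers | hidden_iface_rules`; an empty result means no accept-all rule in that chain is hiding an interface match.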