If a interface is configured with vlan and with dynamic address, no input/output rules are builded, only forward ones. Just changing from dynamic to static address it works right.
<src = eth1.1> <dst = any> <service = any> <interface = eth1.1> <direction =
output> <action = accept>
Result with dynamic address
for i_eth1_1 in $i_eth1_1_list
test -n "$i_eth1_1" && $IPTABLES -A FORWARD -o eth1.1 -p udp -m udp -s
$i_eth1_1 -m state --state NEW -j ACCEPT
Result with static IP address:
$IPTABLES -A OUTPUT -o eth1.1 -p udp -m udp -s 18.104.22.168 -m state --state NEW
PS. "Assume firewall is a part of 'any' " is not selected.
Log in to post a comment.