[Chilli] newbie chilli layer3 itables question

[Luis Ferreira]

Hi everyone,

 

I know this is a bizarre question, and I should know better, but can someone
explain to me the purpose of having this iptables rules for each chilli
instance on layer 3 and vlan?

 

 

-A FORWARD -i tun3 ! -o eth1 -j DROP

-A FORWARD -o tun3 -j ACCEPT

-A FORWARD -i tun3 -j ACCEPT

 

And

 

-A FORWARD -o vlan30 -j DROP

-A FORWARD -i vlan30 -j DROP

 

I ask this because sometimes, when I start chilli, the startup script
/etc/init.d/chilli does not create the rules, and I have to either restart
that instance or manually create them. 

 

Also, sometimes, on startup script,  vlan30, instead of create the iptables
rules for "vlan30", creates them for another one i.e. "vlan70", and then
when vlan70 is starting, it fails

 

I thought that this would affect costumers, but they can still see the login
page and browser normally the internet, so my question is:

 

What is the purpose of them?

 

Regards,

Luis

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.coova.org/pipermail/chilli/attachments/20140201/9282c6ed/attachment.html>