Rule generated by SuSEfirewall2

I configured SuSEfirewall2 with no open ports on an openSUSE 11.1 box. When I list firewall rules (iptables -L -n) the first rules in the INPUT chain are:


ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0
ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0           state ESTABLISHED
ACCEPT     icmp --  0.0.0.0/0            0.0.0.0/0           state RELATED

2nd and 3rd rules are ok, allowing outbound requests. But how about the first rule? To me it looks like it accepts anything incoming hands down. I can’t believe it, do I read this right? In such a case the first rule short-circuits all subsequent rules on this chain. Please educate me.

/Hakan

It’s always embarrassing to broadcast one’s ignorance. But for the sake of other poor souls finding their way, use the -v option to see interface names. The first rule applies to the loopback interface. It really has to be open.

Case closed.

/Hakan
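
The check discussed in this thread, as an added example that is not part of the original posts: a small filter over `iptables -L -n -v` output that reports every accept-all rule together with the input interface it is bound to, so a loopback-only rule can be told apart from one that matches every interface. The function names and the sample listing (including its packet counters) are constructed for illustration.

```shell
#!/bin/sh
# Constructed sample of `iptables -L INPUT -n -v` output for the three rules
# quoted in the thread. With -v the "in" and "out" interface columns appear.
sample_ruleset() {
cat <<'EOF'
Chain INPUT (policy DROP 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination
  120  9600 ACCEPT     all  --  lo     *       0.0.0.0/0            0.0.0.0/0
  340 51000 ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0           state ESTABLISHED
    2   168 ACCEPT     icmp --  *      *       0.0.0.0/0            0.0.0.0/0           state RELATED
EOF
}

# Reads `iptables -L -n -v` output on stdin. For every ACCEPT rule that matches
# all protocols, any source and any destination with no extra match (state,
# ports, ...), prints the chain and the input interface the rule is limited to.
# A rule reported as ANY-INTERFACE really does accept everything.
classify_accept_all() {
    awk '
        $1 == "Chain" { chain = $2; next }       # remember the current chain
        $1 == "pkts" || NF < 9 { next }          # skip header and blank lines
        # Fields: pkts bytes target prot opt in out source destination [matches]
        # Some newer iptables versions print protocol 0 instead of "all" with -n.
        $3 == "ACCEPT" && ($4 == "all" || $4 == "0") &&
        $8 == "0.0.0.0/0" && $9 == "0.0.0.0/0" && NF == 9 {
            scope = ($6 == "*") ? "ANY-INTERFACE" : "in=" $6
            print chain ": accept-all " scope
        }
    '
}

# Run against the constructed sample; on a live system use instead:
#   iptables -L -n -v | classify_accept_all
sample_ruleset | classify_accept_all
```
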