Question about iptables ( iptables -I INPUT 1)

jimbei78 · January 17, 2022, 8:20pm

Hello!

I updated to last PIHOLE version.

Current Pi-hole version is v5.8.1
Current AdminLTE version is v5.10.1
Current FTL version is v5.13

I want add the new pihole iptables rules from:

My old iptables was:

iptables -A INPUT -p udp --dport 80 -j REJECT --reject-with icmp-port-unreachable
iptables -A INPUT -p tcp --dport 443 -j REJECT --reject-with tcp-reset
iptables -A INPUT -p udp --dport 443 -j REJECT --reject-with icmp-port-unreachable
iptables -A INPUT -p tcp --dport 4711 -j ACCEPT

The new rules:

iptables -I INPUT 1 -s 192.168.0.0/16 -p tcp -m tcp --dport 80 -j ACCEPT
iptables -I INPUT 1 -s 127.0.0.0/8 -p tcp -m tcp --dport 53 -j ACCEPT
iptables -I INPUT 1 -s 127.0.0.0/8 -p udp -m udp --dport 53 -j ACCEPT
iptables -I INPUT 1 -s 192.168.0.0/16 -p tcp -m tcp --dport 53 -j ACCEPT
iptables -I INPUT 1 -s 192.168.0.0/16 -p udp -m udp --dport 53 -j ACCEPT
iptables -I INPUT 1 -p udp --dport 67:68 --sport 67:68 -j ACCEPT
iptables -I INPUT 1 -p tcp -m tcp --dport 4711 -i lo -j ACCEPT
iptables -I INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT

What means?

iptables -I INPUT 1

Do I need modify INPUT 1? Maybee INPUT -i eth0?

I do not understand what INPUT 1 should mean.

Sorry for my stupid question.

jimbei78 · January 18, 2022, 9:36am

SOLVED, found the answer here:

https://www.reddit.com/r/linux/comments/4mblr6/0_votes_0_answers_2_views_why_do_we_need_to/

> -I, --insert chain [rulenum] rule-specification
>           Insert one or more rules in the selected chain as the given rule
>           number.  So, if the rule number is 1,  the  rule  or  rules  are
>           inserted  at the head of the chain.  This is also the default if
>           no rule number is specified.

system · February 8, 2022, 9:37am

This topic was automatically closed 21 days after the last reply. New replies are no longer allowed.