oh, the first two rules should not exist
-Wei

On Mon, Mar 11, 2024 at 2:04 PM Wei ZHOU <ustcweiz...@gmail.com> wrote:
> Hi,
>
> The port 53 should be allowed for only the guest network
>
> root@r-4-VM:~# iptables-save |grep "port 53"
> -A INPUT -d 10.111.17.4/32 -i eth0 -p tcp -m tcp --dport 53 -j ACCEPT
> -A INPUT -d 10.111.17.4/32 -i eth0 -p udp -m udp --dport 53 -j ACCEPT
> -A INPUT -s 10.111.16.0/20 -i eth0 -p udp -m udp --dport 53 -j ACCEPT
> -A INPUT -s 10.111.16.0/20 -i eth0 -p tcp -m tcp --dport 53 -j ACCEPT
>
> -Wei
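
An added example, not part of the original messages: a Python check that reads `iptables-save` output and reports INPUT ACCEPT rules for port 53 whose source is not confined to the guest network. The guest CIDR is assumed from the `-s` rules quoted in the thread, and the function names are hypothetical.

```python
import ipaddress
import shlex

# Constructed sample: the four rules quoted in the thread.
SAMPLE = """\
-A INPUT -d 10.111.17.4/32 -i eth0 -p tcp -m tcp --dport 53 -j ACCEPT
-A INPUT -d 10.111.17.4/32 -i eth0 -p udp -m udp --dport 53 -j ACCEPT
-A INPUT -s 10.111.16.0/20 -i eth0 -p udp -m udp --dport 53 -j ACCEPT
-A INPUT -s 10.111.16.0/20 -i eth0 -p tcp -m tcp --dport 53 -j ACCEPT
"""
GUEST_CIDR = "10.111.16.0/20"  # assumption: guest network, from the -s rules above

def covers_port(spec, port):
    """True if an iptables port spec ('53', '50:60', '53,80') includes port."""
    for part in (spec or "").split(","):
        lo, sep, hi = part.partition(":")
        if part and int(lo or 0) <= port <= (int(hi or 65535) if sep else int(lo)):
            return True
    return False

def parse_rule(line):
    """Extract chain, source, destination port and target from one '-A' line."""
    if not line.startswith("-A "):
        return None  # table headers, chain policies, COMMIT, comments
    tokens = shlex.split(line)
    rule = {"chain": tokens[1], "src": None, "negated": False,
            "dport": None, "target": None}
    for i, (tok, nxt) in enumerate(zip(tokens, tokens[1:] + [None])):
        if tok in ("-s", "--source"):
            rule["src"] = nxt
            rule["negated"] = tokens[i - 1] == "!"  # '! -s net' matches everyone else
        elif tok in ("--dport", "--dports"):
            rule["dport"] = nxt
        elif tok == "-j":
            rule["target"] = nxt
    return rule

def unrestricted_dns_rules(save_output, guest_cidr=GUEST_CIDR):
    """Return INPUT ACCEPT rules for port 53 not limited to the guest network."""
    guest = ipaddress.ip_network(guest_cidr)
    findings = []
    for line in map(str.strip, save_output.splitlines()):
        rule = parse_rule(line)
        if not rule or (rule["chain"], rule["target"]) != ("INPUT", "ACCEPT"):
            continue
        if not covers_port(rule["dport"], 53):
            continue
        src = rule["src"]
        if (src is None or rule["negated"]
                or not ipaddress.ip_network(src, strict=False).subnet_of(guest)):
            findings.append(line)
    return findings
```

On the router VM the input would come from `iptables-save` itself; an empty result means every port 53 ACCEPT rule in INPUT is scoped to the guest CIDR.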