Default masquerade policies

I've already answered that...

Because those rules apply to traffic entering and leaving the router. They have nothing to do with traffic being passed between interfaces or zones within the router.

Maybe pictures will help you to understand better.

device_input

"Zones" have rules (allow/deny INPUT/OUTPUT/FORWARD)
"Device" which zones are setup itself has rules also (e. g. allow/deny routing/forwarding traffic between zones).

1 Like

This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.