What's the deal with input_wan_rule?

Reviewing my router's default firewall settings, noticed the first rule in zone_wan_forward is input_wan_rule

272.00 B input_wan_rule all * * /* !fw3: Custom wan input rule chain */

I am trying to understand what this rule actually does, but all iptables returns is:

Chain input_wan_rule (1 references)
target prot opt source destination

Any insight on what is this rule, where the rule definition is... and if the rule is indeed empty - why I am seeing small amount of traffic on it?

1 Like

This is an empty chain preceding other zone-specific input rules.
It can be useful if you ever need to add custom rules with raw iptables command.
Since the chain is empty by default, it can be ignored and its traffic counters don't matter.


in zone_wan_input I guess you meant to write.

By default it is empty, but if you use banIP then you'll have this:
[127:7026] -A input_wan_rule -j banIP

1 Like

Yes, typo on my part. Thanks!

1 Like

This makes perfect sense. Thank you!


This topic was automatically closed 0 minutes after the last reply. New replies are no longer allowed.