iptables-忽略-i

在我的 iptables 规则中，我只想接受 lo 但删除其他所有接口。但是当我执行此命令时：-A INPUT -i lo -j ACCEPT

它没有指定接口 lo，但它接受所有接口。有什么建议吗？

忽略界面和

# iptables --flush
# iptables-restore /tmp/h 
# iptables --list
Chain INPUT (policy DROP)
target     prot opt source               destination         
ACCEPT     all  --  anywhere             anywhere            

Chain FORWARD (policy DROP)
target     prot opt source               destination         

Chain OUTPUT (policy DROP)
target     prot opt source               destination         

Chain bad_packets (0 references)
target     prot opt source               destination         

Chain bad_tcp_packets (0 references)
target     prot opt source               destination         

Chain icmp_packets (0 references)
target     prot opt source               destination         

Chain tcp_inbound (0 references)
target     prot opt source               destination         

Chain tcp_outbound (0 references)
target     prot opt source               destination         

Chain udp_inbound (0 references)
target     prot opt source               destination         

Chain udp_outbound (0 references)
target     prot opt source               destination         
# cat /tmp/h 
# Generated by iptables-save v1.4.18 on Thu Jan  1 08:47:28 1970
*filter
:INPUT DROP [53:20507]
:FORWARD DROP [0:0]
:OUTPUT DROP [0:0]
:bad_packets - [0:0]
:bad_tcp_packets - [0:0]
:icmp_packets - [0:0]
:tcp_inbound - [0:0]
:tcp_outbound - [0:0]
:udp_inbound - [0:0]
:udp_outbound - [0:0]
-A INPUT -i lo -j ACCEPT
COMMIT
# Completed on Thu Jan  1 08:47:28 1970

--- 另外需要注意的是：flush 不会改变默认策略

# iptables --flush
# iptables --list
Chain INPUT (policy DROP)
target     prot opt source               destination         

Chain FORWARD (policy DROP)
target     prot opt source               destination         

Chain OUTPUT (policy DROP)
target     prot opt source               destination