iptables match time problem
I am a new iptables user.
I have some problem on using iptables match time.
After patch the time of patch-o-matic-ng, I can use command as below :
iptables -A INPUT -p all -m time --timestart 00:00 --timestop 23:59 --days Sun,Mon,Tue,Wed,Thu,Fri,Sat -j DROP
And don't know why the packet doesn't filter by this rule.
I try to use commnad "iptables -A INPUT -p all -j DROP"
The ping packet to router is filter by this rule.
Can anyone help me to find out this problem?
Thanks a lot
Re: iptables match time problem
it is hard to say why this rule doesn't fire when it is placed into your ruleset
without seeing your entire ruleset.
Have you tried debugging by first clearing all rule counts by: iptables -Z
then running your test for time, and finally, rechecking your rule counts by:
iptables -L -n -v --line-numbers That should show you which path was taken
thru your rules. Most probably, some prior rule fired, and thus never reached
your time rule.