How iptables behaves on timezone change?

1

I have doubt how iptables keep changing the info in iptables when timezone is change. I am using iptables s v 1.4.8

I have blocked one IP with following details

 # date
    Thu Jun 6 12:46:42 IST 2013

#iptables -A INPUT -s 10.0.3.128 -m time --datestart 2013-6-6T12:0:00 --datestop 2013-6-6T13:0:00 -j DROP

# iptables -L
Chain INPUT (policy ACCEPT)
target prot opt source destination
DROP all -- 10.0.3.128 anywhere TIME starting from 2013-06-06 12:00:00 until date 2013-06-06 13:00:00

Chain FORWARD (policy ACCEPT)
target prot opt source destination

Chain OUTPUT (policy ACCEPT)
target prot opt source destination

But after I change the timezone following things happened automatically .

AFTER TIME ZONE CHANGE +++++++++++++++++++++++

#date
Thu Jun 6 15:17:48 HKT 2013

# iptables -L
Chain INPUT (policy ACCEPT)
target prot opt source destination
DROP all -- 10.0.3.128 anywhere TIME starting from 2013-06-06 14:30:00 until date 2013-06-06 15:30:00

Chain FORWARD (policy ACCEPT)
target prot opt source destination

Chain OUTPUT (policy ACCEPT)
target prot opt source destination
#

The time value is changed in the rule . It is changing with the timezone how. Where iptables keeps track of timezone.

Kindly explain me.

pradipta

Posted 2013-06-06T09:28:30.210

Reputation: 111

Answers

4

It's not keeping track of anything. It converted the strings 2013-6-6T12:0:00 and 2013-6-6T13:0:00 to raw time_t when you added the rule, using the timezone that you had set up at that time. Then later when you run the -L, it converts that timestamp back to a readable string using the new current timezone.

The timezone information that was implicit in your initial command was lost immediately after it was done executing, and every execution of iptables -L attempts to reconstruct the original time string by applying the current timezone to the time_t.

user240960

Posted 2013-06-06T09:28:30.210

Reputation:

Thanks for the answer, I guess you definitely gone through the code of iptables.What I got form your reply every time we are giving the iptables -L it will show the time as converted to local timezone.One doubt here is where this information is stored ,as you told "every execution of iptables -L attempts to reconstruct the original time string by applying the current timezone to the time_t" , but where this "original time string" is coming to the code(If rebooted then how it is retaining) .Is there any buffer where the iptables is storing the data or any file in the linux . – None – 2013-06-06T10:52:46.897

The time_t is stored in the kernel. The strings are not stored anywhere. iptables rules do not persist across reboot. The command has to be run again after every reboot to put the rule back into the kernel's memory. – None – 2013-06-06T20:36:28.487

Thanks ,It means each time we are giving any time range it will store in kernel buffer and when we are giving the iptables -L then this time is referred and it is changed to string with respect to local time zone. am I correct ? – None – 2013-06-07T09:34:43.703

Asked: 2013-06-06T09:28:30.210

Viewed: 890 times

Active: 2013-06-25T10:00:53.347