Hello,
I encountered a question today, it's about firewall and the Input chain.
as I know we use Input chain for those packets that their destinations are set to our address. and they want to ask something from us, so we use input here. we use output when we are giving them a reply to their request that was asked before from an input operation, and forward ..
my question is in IP> Firewall> Filter> chain> input> why can we set a dst address ? isn't it that all input data's Destination Addresses are just same as our address ?

Thanks in advance

Hello,

my question is in IP> Firewall> Filter> chain> input> why can we set a dst address ? isn't it that all input data's Destination Addresses are just same as our address ?

Thanks in advance

Not always. Your router may have 5 different IPs - one for each network. All of them are "input", but that doesn't mean you want to, say, open ssh on all interfaces.
Or you may want to allow ssh from network in interface 1 - but only if it goes to the address on a VPN interface.

Hello,

my question is in IP> Firewall> Filter> chain> input> why can we set a dst address ? isn't it that all input data's Destination Addresses are just same as our address ?

Thanks in advance

Not always. Your router may have 5 different IPs - one for each network. All of them are "input", but that doesn't mean you want to, say, open ssh on all interfaces.
Or you may want to allow ssh from network in interface 1 - but only if it goes to the address on a VPN interface.

yea, you've enlighten me thanks for the answer.