Date: Tue, 24 Feb 2004 18:44:46 EST From: Andrea Venturoli <ml.ventu@flashnet.it> To: freebsd-net@freebsd.org Subject: Re: Bad loopback traffic not stopped by ipfw. Message-ID: <200402241744.i1OHikmZ026736@soth.ventu>
next in thread | raw e-mail | index | archive | help
** Reply to note from Barney Wolff <barney@databus.com> Tue, 24 Feb 2004 12:30:23 -0500 >> IMHO opinion wrong packets are arriving >> from the upstream router (for which it >> would be useless to ask for a fix), > Your first three rules, before anything else, should be: > allow ip from any to any via lo0 > deny log logamount 1000 ip from any to 127.0.0.0/8 > deny log logamount 1000 ip from 127.0.0.0/8 to any > then see what ipfw says. > Your ruleset does not block packets from 127 > outbound. I though it did! These are just not the first rules, but they should anyway. In any case, I tried your suggestion: now ipfw -a l gives: 00030 2 416 allow ip from any to any via lo0 00031 0 0 deny log ip from any to 127.0.0.0/8 00032 0 0 deny log ip from 127.0.0.0/8 to any And I've had snort reporting bas loopback traffic in the meanwhile. So this is not a problem with my rules. bye & Thanks av.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200402241744.i1OHikmZ026736>