Date: Sun, 5 Oct 1997 22:58:00 -0700 (PDT) From: <nsayer@quack.kfu.com> To: FreeBSD-gnats-submit@FreeBSD.ORG Subject: conf/4702: ipfw should pass all lo0 traffic, not just 127.0.0.1 Message-ID: <199710060558.WAA00621@icarus.kfu.com> Resent-Message-ID: <199710060600.XAA06342@hub.freebsd.org>
next in thread | raw e-mail | index | archive | help
>Number: 4702 >Category: conf >Synopsis: ipfw should pass all lo0 traffic, not just 127.0.0.1 >Confidential: no >Severity: non-critical >Priority: low >Responsible: freebsd-bugs >State: open >Class: sw-bug >Submitter-Id: current-users >Arrival-Date: Sun Oct 5 23:00:03 PDT 1997 >Last-Modified: >Originator: Nick Sayer >Organization: Just me >Release: FreeBSD 2.2.2-RELEASE i386 >Environment: ipfirewall >Description: My firewall config logs these: Oct 5 19:05:24 dial /kernel: ipfw: 40300 Deny UDP 204.147.226.8:1018 204.147.226.8:111 via lo0 The problem is the routing table: myname 0:60:8:2a:a6:b3 UHLW 1 14 lo0 >How-To-Repeat: >Fix: The solution is to change the line in /etc/rc.firewall /sbin/ipfw add 1000 pass all from 127.0.0.1 to 127.0.0.1 to /sbin/ipfw add 1000 pass all from any to any via lo0 Perhaps a better fix is to not send non 127 traffic to lo0. >Audit-Trail: >Unformatted:
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199710060558.WAA00621>