[Firehol-support] Dropping localhost src packets.
Costa Tsaousis
costa at tsaousis.gr
Thu Jan 22 20:54:22 GMT 2004
Oh, and to block incoming traffic from source 127.0.0.1 coming from any
device other than lo, just apply this (similar to the one you already
did):
interface any bad src 127.0.0.1 dst not 127.0.0.1
Place this before any other interface.
But even if you do this, localhost will be able to talk to localhost.
This will just drop all packets from eth0 coming from any device OTHER
THAN lo and not going to 127.0.0.1.
Costa
More information about the Firehol-support
mailing list