** Reply to note from Barney Wolff <[EMAIL PROTECTED]> Tue, 24 Feb 2004 12:30:23 -0500
>> IMHO opinion wrong packets are arriving
>> from the upstream router (for which it
>> would be useless to ask for a fix),

> Your first three rules, before anything else, should be:
> allow ip from any to any via lo0
> deny log logamount 1000 ip from any to 127.0.0.0/8
> deny log logamount 1000 ip from 127.0.0.0/8 to any
> then see what ipfw says.

> Your ruleset does not block packets from 127
> outbound.

I thought it did! These are just not the first rules, but they should anyway.

In any case, I tried your suggestion: now ipfw -a l gives:

00030 2 416 allow ip from any to any via lo0
00031 0 0 deny log ip from any to 127.0.0.0/8
00032 0 0 deny log ip from 127.0.0.0/8 to any

And I've had snort reporting bad loopback traffic in the meanwhile.

So this is not a problem with my rules.

bye & Thanks
av.
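The exchange above turns on two things readable from `ipfw -a l` output: whether the three loopback rules come before everything else, and what their packet counters say. The following is an added example, not part of the original message; the function names are hypothetical, and rules 00020 and 65535 with their counters are constructed sample data.

```python
import re
from collections import namedtuple

# Constructed sample: the three counter lines quoted in the message, plus two
# hypothetical rules (00020, 65535) so the ordering check has something to flag.
SAMPLE = """\
00020 120 9840 allow tcp from any to any established
00030 2 416 allow ip from any to any via lo0
00031 0 0 deny log ip from any to 127.0.0.0/8
00032 0 0 deny log ip from 127.0.0.0/8 to any
65535 7 532 deny ip from any to any
"""
Rule = namedtuple("Rule", "num pkts nbytes action body")
# "<rule#> <packets> <bytes> <action> [log [logamount N]] <rest of rule>"
LINE = re.compile(
    r"^(\d+)\s+(\d+)\s+(\d+)\s+(\S+)\s+(?:log\s+(?:logamount\s+\d+\s+)?)?(.*)$")

# The three rules the quoted advice says should come before anything else.
GUARDS = [
    ("allow", "ip from any to any via lo0"),
    ("deny", "ip from any to 127.0.0.0/8"),
    ("deny", "ip from 127.0.0.0/8 to any"),
]

def parse(listing):
    # Turn `ipfw -a l` text into Rule tuples, skipping lines that do not parse.
    rules = []
    for line in listing.splitlines():
        m = LINE.match(line.strip())
        if m:
            num, pkts, nbytes, action, body = m.groups()
            rules.append(Rule(int(num), int(pkts), int(nbytes), action, body))
    return rules

def check_loopback_guards(listing):
    # Report guard presence, order, earlier rules and per-guard packet counts.
    rules = parse(listing)
    found = {}
    for idx, rule in enumerate(rules):
        key = (rule.action, rule.body)
        if key in GUARDS and key not in found:
            found[key] = (idx, rule)
    positions = [found[g][0] for g in GUARDS if g in found]
    first = min(positions, default=len(rules))
    return {
        "missing": [g for g in GUARDS if g not in found],
        "ordered": len(positions) == len(GUARDS) and positions == sorted(positions),
        # ipfw stops at the first matching rule, so these are evaluated first.
        "earlier_rules": [r.num for r in rules[:first]],
        "hits": {rule.num: rule.pkts for _, rule in found.values()},
    }
```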