Cleanest way to deal with loopback interface?
gtaylor at riverviewtech.net
Thu Apr 14 03:09:46 CEST 2005
> allow traffic on the loopback interface unconditionally, and allow the
> linux routing code 'martian' checks to drop 127.0.0.0/8 packets received
> 'on the wire' as it does by default.
I don't think this is such a good idea. I could reconfigure my system such that it's loop back interface was not in the 127.0.0.0/8 network and set a route to the 127.0.0.0/8 network to be via your IP on the LAN. Assuming that your system and my system were on the same LAN and subnet and we could ping each other I would be able to access your 127.0.0.1 address as your kernel would forward traffic to the loop back network in your system.
Grant. . . .
More information about the netfilter