From owner-freebsd-security Wed Nov 8 16:51:16 2000 Delivered-To: freebsd-security@freebsd.org Received: from puck.firepipe.net (mcut-b-167.resnet.purdue.edu [128.211.209.167]) by hub.freebsd.org (Postfix) with ESMTP id 66DAA37B4C5 for ; Wed, 8 Nov 2000 16:51:13 -0800 (PST) Received: by puck.firepipe.net (Postfix, from userid 1000) id A20B219BE; Wed, 8 Nov 2000 19:51:03 -0500 (EST) Date: Wed, 8 Nov 2000 19:51:03 -0500 From: Will Andrews To: Jan Knepper Cc: FreeBSD Security Subject: Re: loopback: 127.0.0.0/8 or 127.0.0.0/16 or 127.0.0.0/24??? Message-ID: <20001108195103.B12659@puck.firepipe.net> Reply-To: Will Andrews References: <3A09D41D.B14D809C@smartsoft.cc> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <3A09D41D.B14D809C@smartsoft.cc>; from jan@smartsoft.cc on Wed, Nov 08, 2000 at 05:30:53PM -0500 X-Operating-System: FreeBSD 4.1-STABLE i386 Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org [ redirecting to -questions ] On Wed, Nov 08, 2000 at 05:30:53PM -0500, Jan Knepper wrote: > I have been monitoring some network traffic lately and figured > that at a certain moment my system wanted to send a package out > to 127.0.0.2:25 via the interface that is connected to the > internet (the external interface). Actually, my firewall blocked > the packets, but I wondered why the heck it would try something > like that to begin with. > Next to that I wondered, since 127.0.0.0/8 is the loopback > interface what is really going on and wether or not packets to > or from 127.0.0.0/8 traveling through the external interface > should be blocked or not. Should it be something else than > 127.0.0.0/8 (/16? /24?). I know there are unregistered IP ranges > RFC1918, but I didn't read anything about 127.0.0.0... > > Can anyone shed any light? It's 127.0.0.0/8, designated as a loopback IP block.. meaning that most any good firewall will block all data with an IP in this block, but allow it through lo0 (loopback interface). -- wca To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message