From owner-freebsd-bugs Sun Oct 5 23:00:08 1997
Return-Path:
Received: (from root@localhost) by hub.freebsd.org (8.8.7/8.8.7) id XAA06361 for bugs-outgoing; Sun, 5 Oct 1997 23:00:08 -0700 (PDT) (envelope-from owner-freebsd-bugs)
Received: (from gnats@localhost) by hub.freebsd.org (8.8.7/8.8.7) id XAA06342; Sun, 5 Oct 1997 23:00:04 -0700 (PDT) (envelope-from gnats)
Resent-Date: Sun, 5 Oct 1997 23:00:04 -0700 (PDT)
Resent-Message-Id: <199710060600.XAA06342@hub.freebsd.org>
Resent-From: gnats (GNATS Management)
Resent-To: freebsd-bugs
Resent-Reply-To: FreeBSD-gnats@FreeBSD.ORG, nsayer@quack.kfu.com
Received: from quack.kfu.com (0@quack.kfu.com [204.147.226.1]) by hub.freebsd.org (8.8.7/8.8.7) with ESMTP id WAA06182 for ; Sun, 5 Oct 1997 22:58:03 -0700 (PDT) (envelope-from nsayer@quack.kfu.com)
Received: from icarus.kfu.com (icarus.kfu.com [204.147.226.3]) by quack.kfu.com (8.8.5/8.8.5) with ESMTP id WAA26045 for ; Sun, 5 Oct 1997 22:58:01 -0700 (PDT)
Received: by icarus.kfu.com (8.8.5//ident-1.0) id WAA00621; Sun, 5 Oct 1997 22:58:00 -0700 (PDT)
Message-Id: <199710060558.WAA00621@icarus.kfu.com>
Date: Sun, 5 Oct 1997 22:58:00 -0700 (PDT)
From:
Reply-To: nsayer@quack.kfu.com
To: FreeBSD-gnats-submit@FreeBSD.ORG
X-Send-Pr-Version: 3.2
Subject: conf/4702: ipfw should pass all lo0 traffic, not just 127.0.0.1
Sender: owner-freebsd-bugs@FreeBSD.ORG
X-Loop: FreeBSD.org
Precedence: bulk

>Number: 4702
>Category: conf
>Synopsis: ipfw should pass all lo0 traffic, not just 127.0.0.1
>Confidential: no
>Severity: non-critical
>Priority: low
>Responsible: freebsd-bugs
>State: open
>Class: sw-bug
>Submitter-Id: current-users
>Arrival-Date: Sun Oct 5 23:00:03 PDT 1997
>Last-Modified:
>Originator: Nick Sayer
>Organization: Just me
>Release: FreeBSD 2.2.2-RELEASE i386
>Environment:

ipfirewall

>Description:

My firewall config logs these:

Oct 5 19:05:24 dial /kernel: ipfw: 40300 Deny UDP 204.147.226.8:1018 204.147.226.8:111 via lo0

The problem is the routing table:

myname 0:60:8:2a:a6:b3 UHLW 1 14 lo0

>How-To-Repeat:
>Fix:

The solution is to change the line in /etc/rc.firewall

/sbin/ipfw add 1000 pass all from 127.0.0.1 to 127.0.0.1

to

/sbin/ipfw add 1000 pass all from any to any via lo0

Perhaps a better fix is to not send non 127 traffic to lo0.

>Audit-Trail:
>Unformatted:
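
Added illustration, not part of the original report or of FreeBSD's code: a small Python model of first-match rule evaluation showing why the logged packet falls through the address-based rule 1000 and matches the interface-based one. The text of rule 40300, the interface name ed0 and the default-deny fallback are assumptions made for the sketch.

```python
# Added illustration: a minimal first-match evaluator in the spirit of ipfw.
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import Optional


@dataclass(frozen=True)
class Rule:
    number: int
    action: str                 # "pass" or "deny"
    src: str = "any"
    dst: str = "any"
    via: Optional[str] = None   # interface name; None matches any interface


@dataclass(frozen=True)
class Packet:
    src: str
    dst: str
    iface: str


def _addr_ok(spec, addr):
    """True if addr satisfies an 'any' / host / CIDR specification."""
    return spec == "any" or ip_address(addr) in ip_network(spec)


def evaluate(rules, pkt):
    """Return (rule number, action) of the first matching rule, lowest number first."""
    for r in sorted(rules, key=lambda r: r.number):
        if r.via is not None and r.via != pkt.iface:
            continue
        if _addr_ok(r.src, pkt.src) and _addr_ok(r.dst, pkt.dst):
            return r.number, r.action
    return 65535, "deny"        # assumed default-deny fallback for this sketch


# Constructed stand-in for the site's rule 40300 (its real text is not in the report).
SITE_DENY = Rule(40300, "deny")
BEFORE = [Rule(1000, "pass", "127.0.0.1", "127.0.0.1"), SITE_DENY]
AFTER = [Rule(1000, "pass", via="lo0"), SITE_DENY]

# Addresses and interface taken from the log line in the report.
LOGGED = Packet("204.147.226.8", "204.147.226.8", "lo0")
# Same addresses seen on a non-loopback interface (ed0 is a hypothetical name).
SAME_ADDRS_ON_WIRE = Packet("204.147.226.8", "204.147.226.8", "ed0")

if __name__ == "__main__":
    for name, rules in (("before", BEFORE), ("after", AFTER)):
        print(name, evaluate(rules, LOGGED), evaluate(rules, SAME_ADDRS_ON_WIRE))
```

Because the replacement rule is scoped by interface rather than by address, a packet with the same addresses arriving on another interface still reaches the later deny rule.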