Re: Request for comments: iptables script for use on laptops.
Hi,
> > iptables -A INPUT -j ACCEPT -s 127.0.0.1 # local host
> > iptables -A OUTPUT -j ACCEPT -d 127.0.0.1
>
> Correct me if I'm wrong, but I think this would also allow incoming
> traffic from 127.0.0.1 to the eth0 interface. So somebody spoofing
> his IP address to appear to be 127.0.0.1 could send _any_ traffic
> to you and you would ACCEPT it, basically rendering the firewall
> useless. Did I miss anything?
>
yes, i think this allow incoming spoofed traffic to eth0 (or it is "martian?") but the response must follow what found in routing table -> lo interfaces... am i wong?
bye
Reply to: