Allowing Loopback

It is advisable that you allow loopback traffic on your firewall because many services that you usually assume can communicate internally with one another will fail if you don't. To do this, you can specify that the loopback device should not be restricted:

bible:~ # iptables -A INPUT -i lo -j ACCEPT bible:~ # iptables -A OUTPUT -o lo -j ACCEPT

In this example, by appending to the INPUT chain you accept any type of traffic that is destined for ( -i) or sent out (-o) of the loopback (lo) device.

As the loopback device is not capable of forwarding packets, you do not need to enable traffic through the FORWARD chain.

Was this article helpful?

0 0

Post a comment