[Nix-dev] [NixOS] 127.0.0.1 in /etc/hosts
Eelco Dolstra
eelco.dolstra at logicblox.com
Wed Oct 10 20:29:58 CEST 2012
Hi,
On 10/10/12 12:00, Mathijs Kwik wrote:
> mongodb seems to connect to itself, but does so by hostname.
> This used to resolve to lo(127.0.0.1), which the firewall fully trusts.
> Now it resolves to eth0/wlan0 and the firewall rejects these requests
> (I do not want external connections to it).
Hm, I can't reproduce this (in 3.2.30). Local traffic that connects to a local
IP address appears to come in through the loopback interface, so it's always
accepted.
So when I drop the iptables rule that accepts all loopback traffic, I get
firewall messages like:
Oct 10 14:21:31 mandark kernel[7522]: [151059.852511] rejected connection: IN=lo
OUT= MAC=00:00:00:00:00:00:00:00:00:00:00:00:08:00 SRC=10.100.13.12
DST=10.100.13.12 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=25637 DF PROTO=TCP
SPT=58166 DPT=1234 WINDOW=32792 RES=0x00 SYN URGP=0
Note SRC/DST=10.100.13.12 and IN=lo. 10.100.13.12 is my wlan0 address.
--
Eelco Dolstra | LogicBlox, Inc. | http://nixos.org/~eelco/
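
The observation in the message above, that a connection to the host's own interface address is logged with IN=lo, can be checked mechanically when reviewing firewall logs. The following is an added example, not part of the original message or of NixOS: the function names and category labels are hypothetical, the first sample entry is the log line quoted in the message re-joined onto one line, and the second entry is constructed for comparison.

```python
import ipaddress

# Sample input. The first entry is the log line quoted in the message, re-joined
# onto one line; the second is constructed for comparison (documentation address).
SAMPLE_LOG = [
    "Oct 10 14:21:31 mandark kernel[7522]: [151059.852511] rejected connection: "
    "IN=lo OUT= MAC=00:00:00:00:00:00:00:00:00:00:00:00:08:00 SRC=10.100.13.12 "
    "DST=10.100.13.12 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=25637 DF PROTO=TCP "
    "SPT=58166 DPT=1234 WINDOW=32792 RES=0x00 SYN URGP=0",
    "Oct 10 14:25:02 mandark kernel[7522]: [151270.101010] rejected connection: "
    "IN=wlan0 OUT= MAC=02:00:00:00:00:01:02:00:00:00:00:02:08:00 SRC=192.0.2.7 "
    "DST=10.100.13.12 LEN=60 TOS=0x00 PREC=0x00 TTL=52 ID=4711 DF PROTO=TCP "
    "SPT=40112 DPT=1234 WINDOW=29200 RES=0x00 SYN URGP=0",
]


def parse_netfilter_line(line):
    """Split a netfilter LOG line into KEY=value fields plus bare flags (DF, SYN)."""
    fields, flags, in_packet = {}, [], False
    for token in line.split():
        if token.startswith("IN="):
            in_packet = True          # everything before IN= is the syslog prefix
        if not in_packet:
            continue
        key, sep, value = token.partition("=")
        if sep:
            fields[key] = value       # value may be empty, e.g. "OUT="
        else:
            flags.append(token)
    return fields, flags


def classify(line):
    """Label a logged packet by the interface and addresses it arrived with."""
    fields, _ = parse_netfilter_line(line)
    if "IN" not in fields or "SRC" not in fields or "DST" not in fields:
        return "unparsed"
    if fields["IN"] != "lo":
        return "external"             # arrived on a real interface
    if ipaddress.ip_address(fields["SRC"]).is_loopback:
        return "loopback-address"     # 127.0.0.0/8 traffic on lo
    if fields["SRC"] == fields["DST"]:
        return "own-address-via-lo"   # host talking to its own interface address
    return "other-via-lo"


if __name__ == "__main__":
    for entry in SAMPLE_LOG:
        print(classify(entry))
```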