]> git.ipfire.org Git - ipfire-2.x.git/commit
projects / ipfire-2.x.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 4d25c1f) | patch
firewall: Log and drop spoofed loopback packets
authorPeter Müller <peter.mueller@ipfire.org>
Sat, 18 Dec 2021 13:48:17 +0000 (14:48 +0100)
committerPeter Müller <peter.mueller@ipfire.org>
Fri, 14 Jan 2022 14:16:34 +0000 (14:16 +0000)
commita36cd34eac2d1624720eb86e2f3c6985ae184e20
tree35e059b2bd21fc2b7ceb4bc382ea267f23705b07tree | snapshot
parent4d25c1f39af51795e61855166a3aa24b6af97a17commit | diff
firewall: Log and drop spoofed loopback packets

Traffic from and to 127.0.0.0/8 must only appear on the loopback
interface, never on any other interface. This ensures offending packets
are logged, and the loopback interface cannot be abused for processing
traffic from and to any other networks.

Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
src/initscripts/system/firewall diff | blob | blame | history
IPFire 2.x development tree