From: Arne Fitzenreiter <arne_f@ipfire.org>
Date: Tue, 14 Dec 2010 00:41:20 +0000 (+0100)
Subject: Again allow all IP's on loopback.
X-Git-Tag: v2.9-beta2~24
X-Git-Url: http://git.ipfire.org/?p=people%2Fpmueller%2Fipfire-2.x.git;a=commitdiff_plain;h=cae0079c2f7c86b92cb7d9724e70f38be571a2cd

Again allow all IP's on loopback.
---

diff --git a/src/initscripts/init.d/firewall b/src/initscripts/init.d/firewall
index 88889a4c26..9a4e5eb17b 100644
--- a/src/initscripts/init.d/firewall
+++ b/src/initscripts/init.d/firewall
@@ -188,10 +188,10 @@ case "$1" in
 	/sbin/iptables -A FORWARD -j OUTGOINGFW
 
 	# localhost and ethernet.
-	/sbin/iptables -I INPUT 1 -i lo -s 127.0.0.0/8 -d 127.0.0.0/8 -m state --state NEW -j ACCEPT
+	/sbin/iptables -I INPUT 1 -i lo -m state --state NEW -j ACCEPT
 	/sbin/iptables -A INPUT   -s 127.0.0.0/8 -m state --state NEW -j DROP   # Loopback not on lo
 	/sbin/iptables -A INPUT   -d 127.0.0.0/8 -m state --state NEW -j DROP
-	/sbin/iptables -A FORWARD -i lo -s 127.0.0.0/8 -d 127.0.0.0/8 -m state --state NEW -j ACCEPT
+	/sbin/iptables -A FORWARD -i lo -m state --state NEW -j ACCEPT
 	/sbin/iptables -A FORWARD -s 127.0.0.0/8 -m state --state NEW -j DROP
 	/sbin/iptables -A FORWARD -d 127.0.0.0/8 -m state --state NEW -j DROP
 	/sbin/iptables -A INPUT   -i $GREEN_DEV  -m state --state NEW -j ACCEPT ! -p icmp