On Thu, 2006-10-05 at 19:33 +0200, Hans-Werner Hilse wrote: > Hi, > > On Thu, 05 Oct 2006 09:45:57 -0500 > Michael Sullivan <[EMAIL PROTECTED]> wrote: > > > On Thu, 2006-10-05 at 15:22 +0200, Hans-Werner Hilse wrote: > > > Yep. That's how it should be according to your iptables dump. I never > > > fighted with ipkungfu, but I think the LOCAL_NET configuration opens > > > the door for the given network. At least that's how I interpret that > > > comment there that says you should enter loopback network data if not > > > sure. You probably should really do that. > > > > I've configured it this way because the IP address of each of my > > computers will be changing once I get this firewall thing working. I'll > > try that though. > > Well, I meant: Networks listed in LOCAL_NET are probably _meant_ to > have full access. So what you describe is essentially a misconception > about what LOCAL_NET does configure. And since there is a comment in > the ipkungfu config file that says you should enter 127.0.0.1 there, I > guess it is meant to generally allow traffic. And you'll probably want > to allow 127.0.0.1 anyway (if not even 127.0.0.0/8). That configuration > seems to end up in the iptables INPUT section right before a catch-all > that drops all other traffic, and that really makes me think that > everything is working fine, just as configured. Probably changing it to > the suggested "127.0.0.1" will "fix" the issue. > > -hwh
What if I wanted 70.234.122.249, 70.234.122.250, and 70.234.122.251 as the network. What would the syntax for those three be? I've never been able to figure out what the 127.0.0.1/8 syntax means... -- gentoo-user@gentoo.org mailing list
