It's just the way it works. Nothing to worry about. What happens: Somebody somewhere in the internet sends a packet with source IP 127.0.0.1 and destination IP your public IP address. Since packets in the internet are routed only based on their destination IP address this packet reaches you. Unfortunately only a few ISPs bother to filter packets based on their obviously invalid source, so this packet travels all the way from it's source (whereever it is) to you and then you have to drop it, because you should never trust your ISP to do it for you.
You should filter all IP packets with the following sources inbound on your untrusted internet boundary: 0.0.0.0/8 "this network" 10.0.0.0/8 rfc1918 127.0.0.0/8 loopback 169.254.0.0/16 linklocal addresses 172.16.0.0/12 rfc1918 192.0.2.0/24 testnet 192.168.0.0/16 rfc1918 224.0.0.0/3 multicast and classE Additionally you should filter packets with a source within IP address space that you use: 1.Your public assigned IP addresses. 2.Private addresses that you use. Best regards, Boyan Krosnov, CCIE#8701 http://boyan.ludost.net/ just another techie speaking for himself > -----Original Message----- > From: Mikko Kilpikoski [mailto:[EMAIL PROTECTED] > Sent: Monday, September 15, 2003 4:16 PM > To: [email protected] > Subject: Re: 127.0.0.1 coming in from eth0? > > > Fabricio Cannini wrote: > > Don't take this for gospel, but if u can't connect but > > can "ping", i'm almost sure that ur nic is loosing > > packets. > > Oops, maybe I was a bit unclear *blush*... > > It works fine (routing, masquerading, all ok). It's just that there > shouldn't be incoming 127.0.0.1 packets from eth0, and I > don't know how > to figure out how these end up in the logs anyway. > > -- > Mikko Kilpikoski > > > -- > To UNSUBSCRIBE, email to [EMAIL PROTECTED] > with a subject of "unsubscribe". Trouble? Contact > [EMAIL PROTECTED] > >
