On Fri, Mar 08, 2002 at 03:59:01PM -0800, Chris Wilkes wrote: > On Fri, Mar 08, 2002 at 06:34:35PM -0500, Ramin Alidousti wrote: > > On Fri, Mar 08, 2002 at 12:33:52PM -0800, Chris Wilkes wrote: > > > > > > > > How about as your last rule in your OUTPUT/INPUT tables to mark the > > > packets that are dropped? That way you can see what's being dropped and > > > why. > > > > > > Who is 127.0.0.1 trying to communicate with? Probably another local > > > address to the machine like 10.0.0.254. Did you enable communication > > > > 127.0.0.1 does not communicate with anything else than 127.0.0.1. > > > > Ramin > > Hmmm, are you sure about that? I have djbdns setup here where the > dnscache listens on port 53 on 10.0.0.254 and then forwards requests to > tinydns that it thinks it can resolve locally:
Yes, you are correct. The statement should have been that no packet with 127.0.0.1 as src or dst should be seen on the wire. Ramin
