[libipq] local connections problem

Hi, I'm using libipq to develop a small application that blocks
connections from/to hosts if they are in a "black" list. It works fine
for outgoing and incoming traffic but when I try to connect to
localhost or loopback (for ex: ftp 127.0.0.1 or using localhost ip) it
refuses to connect giving a "Connection reset by peer" error. If I try
to connect to a non-opened port it correctly says "Connection
refused".
This is how I QUEUE packets to my app:

iptables -A INPUT -p tcp -m state --state NEW -j QUEUE
iptables -A OUTPUT -p tcp -m state --state NEW -j QUEUE

The only way to make local connections work again is to explicitly
ACCEPT them (before QUEUE'ing them) with:
iptables -I INPUT -p tcp -s 127.0.0.1 -d 127.0.0.1 -j ACCEPT

Chains policy is set to ACCEPT.

I repeat that all the other traffic works fine. I don't understand why
I have to do that, any suggestions?

Enrico

