Hi, I have a following very simple iptables configuration: # iptables -n -v -L INPUT --line-numbers Chain INPUT (policy DROP 21 packets, 1683 bytes) num pkts bytes target prot opt in out source destination 1 4 336 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 ctstate RELATED,ESTABLISHED # As seen above, I don't explicitly allow connections to 127/8 network(-A INPUT -i lo -j ACCEPT) and thus while I receive for example ICMP "echo reply" messages from 8.8.8.8, I don't receive replies if I ping 127.0.0.1(configured to lo interface) or 10.10.10.1(configured to physical eth0 interface). How does a day in the life of a packet look like when it does not leave the machine? thanks, Martin -- To unsubscribe from this list: send the line "unsubscribe netfilter" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
