allow all traffic on loopback interface
-
fd0f54f44b5c(RELENG_2_5_0) pfSense amd64
I need to allow all traffic on lo0, however I see the default rule for ipv6, that's working:
[2.5.2-RELEASE][greg@lviv.qarea.org]/home/greg: ping6 ::1
PING6(56=40+8+8 bytes) ::1 --> ::1
16 bytes from ::1, icmp_seq=0 hlim=64 time=0.104 ms
16 bytes from ::1, icmp_seq=1 hlim=64 time=0.074 ms
16 bytes from ::1, icmp_seq=2 hlim=64 time=0.070 msbut no WORKING rule for ipv4 present, effectively disabling nearly all services that are needed to be accessible through 127.0.0.1:
[2.5.2-RELEASE][greg@lviv.qarea.org]/home/greg: ping 127.0.0.1
PING 127.0.0.1 (127.0.0.1): 56 data bytes
ping: sendto: Can't assign requested address
ping: sendto: Can't assign requested address
ping: sendto: Can't assign requested address
^C
--- 127.0.0.1 ping statistics ---
3 packets transmitted, 0 packets received, 100.0% packet loss[2.5.2-RELEASE][greg@lviv.qarea.org]/home/greg: ifconfig lo0
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384
options=680003<RXCSUM,TXCSUM,LINKSTATE,RXCSUM_IPV6,TXCSUM_IPV6>
inet6 ::1 prefixlen 128
inet6 fe80::1%lo0 prefixlen 64 scopeid 0x7
inet 127.0.0.1 netmask 0xff000000
groups: lo
nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>in "usual" pf. I can do:
set skip on lo0or:
pass on lo0 keep statei only see the default rules like this:
@41(1000008961) pass in on lo0 inet all flags S/SA keep state label "pass IPv4 loopback"
[ Evaluations: 445249 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: pid 6692 State Creations: 0 ]
@42(1000008962) pass out on lo0 inet all flags S/SA keep state label "pass IPv4 loopback"
[ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ]
[ Inserted: pid 6692 State Creations: 0 ]and it doesn't seem to work correctly
thank you