Re: [Shorewall-users] lo

SourceForge Headquarters 225 Broadway Suite 1600 San Diego, CA 92101 +1 (858) 454-5900

Tom Allison wrote:
> Found an error I didn't expect on bind starting.
> 
> "command channel listening on 127.0.0.1#953"

That is not an error message.

> 
> So....  I should be setting up an interface for 'lo' as well?
> Haven't found anyone mentioning the lo interface.  I just assumed that 
> lo would have been given a default ACCEPT policy.
> 
> Just checking before I start trying to configure all this into the files.

You should include no configuration for the loopback interface. The
default intra-zone ACCEPT policy is automatically applied to fw->fw traffic.