iptables question (was Re: Squid question)
David A. Bandel
david
Mon May 17 11:57:17 PDT 2004
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On Tue, 23 Dec 2003 20:38:20 -0500
Tim Wunder <tim at thewunders.org> wrote:
[snip]
> >
>
> OK, I ran 'tcpdump lo', then started up Firebird, which was configured
> to use the proxy, and I rec'd gobs of activity. When I switched off
> the proxy, I no longer saw the activity. I *did* see activity on eth0,
> though.
Yes, because when you're working on a host, all traffic is generated by
that host. So traffic starts life on a host as coming from 127.0.0.1.
If it is bound for an external host, then it gets routed out of the host
via an interface (like eth0, ppp0, etc.). This external interface is
what everyone else sees. But traffic coming from your own host and
going to your own host will always be seen by your host as coming from
lo (127.0.0.1).
lo does a _lot_ of work. If you're running X on your system (or any
other client/server services) you'll see a _lot_ of lo activity lo <-->
lo. Some things may use UNIX sockets, but others will communicate using
lo and the ports.
>
> What else am I missing? Should I do something about my route?
your routes are fine. See Changs answer.
> # route -n
> Kernel IP routing table
> Destination Gateway Genmask Flags Metric Ref
> Use Iface 192.168.1.0 0.0.0.0 255.255.255.0 U 0
> 0 0 eth0 169.254.0.0 0.0.0.0 255.255.0.0 U
> 0 0 0 eth0 127.0.0.0 0.0.0.0 255.0.0.0
> U 0 0 0 lo 0.0.0.0 192.168.1.254 0.0.0.0
> UG 0 0 0 eth0
>
> 192.168.1.254 is my linksys cable router.
All is well.
David A. Bandel
- --
Focus on the dream, not the competition.
Nemesis Racing Team motto
GPG key autoresponder: mailto:david_key at pananix.com
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3 (GNU/Linux)
iD8DBQE/6YVrj31PLQNUbV4RAtJ1AJkB6zHKMuNtxv7Bc5rQaAXI38n4DgCfaN5q
X00eFCxM+cPYB8dhugijThg=
=qwlE
-----END PGP SIGNATURE-----
More information about the Linux-users
mailing list