← Rules Catalog
mediumnetworkverified

Configure firewalld loopback traffic rules

firewalld-loopback · RHEL ≥ 8 · 1 impl

Description

Firewalld should be configured to allow loopback traffic and block any traffic from external sources claiming to originate from the loopback address.

Rationale

Loopback traffic is required for local system communication. However, traffic claiming to be from 127.0.0.0/8 arriving on non-loopback interfaces is likely spoofed and should be blocked.

Check → Remediate

Checkcommand
firewall-cmd --zone=trusted --list-interfaces 2>/dev/null | grep -q lo
expected_exit:
0
Remediatecommand_exec
firewall-cmd --permanent --zone=trusted --add-interface=lo && firewall-cmd --reload
unless:
firewall-cmd --zone=trusted --list-interfaces 2>/dev/null | grep -q lo

Framework references

CIS

rhel9 4.2.2rhel8 4.1.5rhel10 4.1.5

NIST 800-53

SC-7AC-4

Live verification

rhel9:check
#firewall#loopback#network#security