mediumnetworkverified ✓
Configure firewalld loopback traffic rules
firewalld-loopback · RHEL ≥ 8 · 1 impl
Description
Firewalld should be configured to allow loopback traffic and block any traffic from external sources claiming to originate from the loopback address.
Rationale
Loopback traffic is required for local system communication. However, traffic claiming to be from 127.0.0.0/8 arriving on non-loopback interfaces is likely spoofed and should be blocked.
Check → Remediate
Checkcommand
firewall-cmd --zone=trusted --list-interfaces 2>/dev/null | grep -q lo
- expected_exit:
- 0
Remediatecommand_exec
firewall-cmd --permanent --zone=trusted --add-interface=lo && firewall-cmd --reload
- unless:
- firewall-cmd --zone=trusted --list-interfaces 2>/dev/null | grep -q lo
Framework references
CIS
rhel9 4.2.2rhel8 4.1.5rhel10 4.1.5
NIST 800-53
SC-7AC-4
Live verification
rhel9:check
#firewall#loopback#network#security