ludo84 Posted March 27

Hi all, I have a problem with my nftables firewall since I installed ESET on my Linux server. I see strange behavior of the loopback interface: internal connections go through the network card, not "lo". These unusual connections are therefore blocked by the firewall.

Bad log with ESET WAP:

    IN= OUT=wlp3s0 SRC=192.168.0.XXX DST=127.0.0.1 LEN=60 ...............

Good log without ESET WAP:

    IN= OUT=lo SRC=127.0.0.1 DST=127.0.0.1 LEN=60 ...............

System: Ubuntu 22 LTS, kernel 6.5.0-25-generic, ESET 10.2.2.0

Note: I have the same problem with a Debian 12 server.
Marcos (Administrator) Posted March 27

Perhaps changing the priority of the output chain would help. If you use the "filter" priority (an alias for 0), change it to -102. If that doesn't help, please raise a support ticket.
ludo84 (Author) Posted March 27 (edited)

OK, I found the source of the problem. Indeed, it is a problem with the nftables ruleset: ESET injects NAT rules with a higher priority (priority -101). ESET's rules NAT all TCP connections to 127.0.0.1:37687. But these strange connections are forbidden by my rules. I hope this port is static! => it is not! I will add a specific rule to accept this (all interfaces, all IPs to 127.0.0.1; it is not beautiful) in the output chain:

    ip daddr 127.0.0.1 tcp dport 1024-65535 accept

Edited March 27 by ludo84
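One way to spot this pattern in the kernel's firewall log, as an added example that is not part of the thread and not code from ESET or the nftables project: a small Python script that parses netfilter log lines in the KEY=VALUE form quoted above and flags loopback-bound packets that left through a real interface, which is exactly the symptom ludo84 saw once ESET's NAT chain rewrote the destination before the filter chain ran. The sample log lines are constructed here; they follow the shape of the two lines in the first post, but the fields the post truncated (protocol, ports, the 198.51.100.10 address) are filled in with made-up values. Port 37687 is the one ludo84 reported; the script counts the redirect target ports it sees so an admin can check whether that port stays the same across restarts.

```python
"""Added example (not from the forum thread): parse Linux netfilter log
lines and flag loopback-bound packets that left via a non-'lo' interface.
That is the symptom of a DNAT to 127.0.0.1 applied by a chain with a lower
priority number (here ESET's -101) before the output filter chain runs.
"""
import ipaddress
import re

# Constructed sample log lines modelled on the two lines quoted in the thread.
# Everything after LEN= is invented for illustration (the originals were cut
# off with '...'); 198.51.100.10 is a documentation-range address.
SAMPLE_LOG = """\
IN= OUT=wlp3s0 SRC=192.168.0.42 DST=127.0.0.1 LEN=60 PROTO=TCP SPT=51234 DPT=37687
IN= OUT=lo SRC=127.0.0.1 DST=127.0.0.1 LEN=60 PROTO=TCP SPT=51235 DPT=80
IN= OUT=wlp3s0 SRC=192.168.0.42 DST=198.51.100.10 LEN=60 PROTO=TCP SPT=51236 DPT=443
IN=wlp3s0 OUT= SRC=192.168.0.7 DST=192.168.0.42 LEN=52 PROTO=TCP SPT=44444 DPT=22
"""

# netfilter log fields are 'KEY=VALUE' tokens; an empty value (e.g. 'IN=')
# means the field does not apply to this packet.
FIELD_RE = re.compile(r"(\w+)=(\S*)")


def parse_line(line):
    """Turn one 'KEY=VALUE KEY=VALUE ...' log line into a dict.
    Empty values such as 'IN=' are kept as empty strings."""
    return dict(FIELD_RE.findall(line))


def is_loopback_leak(entry):
    """True when the packet's destination is a loopback address but the
    kernel sent it out of an interface other than 'lo'.  Packets that
    arrived on an interface (IN set, OUT empty) are ignored: the symptom
    lives on the output path only."""
    dst = entry.get("DST")
    out_if = entry.get("OUT", "")
    if not dst or not out_if:
        return False
    try:
        addr = ipaddress.ip_address(dst)
    except ValueError:
        # Malformed DST field: not something we can classify.
        return False
    return addr.is_loopback and out_if != "lo"


def find_leaks(log_text):
    """Return the parsed entries (dicts) that show the redirect symptom."""
    entries = (parse_line(l) for l in log_text.splitlines() if l.strip())
    return [e for e in entries if is_loopback_leak(e)]


def redirect_ports(log_text):
    """Count the destination ports of the flagged entries, so an admin can
    see whether the redirect target port is stable (ludo84 found it is not,
    which is why a single fixed-port accept rule is not enough)."""
    counts = {}
    for e in find_leaks(log_text):
        port = e.get("DPT", "?")
        counts[port] = counts.get(port, 0) + 1
    return counts


if __name__ == "__main__":
    for e in find_leaks(SAMPLE_LOG):
        print(f"loopback-bound packet left via {e['OUT']}: "
              f"{e['SRC']} -> {e['DST']}:{e.get('DPT', '?')}")
    print("redirect target ports seen:", redirect_ports(SAMPLE_LOG))
```

nftables runs the chains registered on one hook in ascending priority order, so moving the output filter chain to priority -102 as Marcos suggests makes it run before ESET's -101 NAT chain; the filter then evaluates the packet with its original destination, and the flagged lines should disappear from that chain's log. Running the script over the log afterwards is a quick regression check that the chain order is still what you configured.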