3.5.1.4 Ensure ufw loopback traffic is configured
Audit#
Run the following commands and verify output includes the listed rules in order:
# ufw status verbose
To Action From
-- ------ ----
Anywhere on lo ALLOW IN Anywhere
Anywhere DENY IN 127.0.0.0/8
Anywhere (v6) on lo ALLOW IN Anywhere (v6)
Anywhere (v6) DENY IN ::1
Anywhere ALLOW OUT Anywhere on lo
Anywhere (v6) ALLOW OUT Anywhere (v6) on lo
Remediation#
Run the following commands to implement the loopback rules: