[Nix-dev] [NixOS] 127.0.0.1 in /etc/hosts

Mathijs Kwik mathijs at bluescreen303.nl
Wed Oct 10 18:00:28 CEST 2012


I ran into an issue.

MongoDB seems to connect to itself, but does so by hostname.
This used to resolve to lo (127.0.0.1), which the firewall fully trusts.
Now it resolves to eth0/wlan0 and the firewall rejects these requests
(I do not want external connections to it).
I was hoping I could add a firewall rule to allow traffic that
originates from the same interface, but I couldn't figure out how to
do this. As this is a laptop, which I use in multiple networks (DHCP),
I cannot use any IP-based rules either.

Any suggestions?

Thanks,
Mathijs

On Mon, Oct 8, 2012 at 7:33 PM, Eelco Dolstra
<eelco.dolstra at logicblox.com> wrote:
> Hi,
>
> On 07/10/12 00:24, Eelco Dolstra wrote:
>
>>> Is there some particular motivation behind the /etc/hosts generation? Why
>>> should the hostname always be mapped to 127.0.0.1? I think it is wrong,
>>> simply.
>>
>> The reason is that some software assumes that the hostname resolves to a valid
>> IP address.  However, a better solution is to use nss-myhostname [1], which I'm
>> currently testing.  It makes the hostname resolve to the IP addresses of your
>> network interfaces, or ::1 / 127.0.0.2 as a fallback.
>
> I've pushed this to the NixOS repo on GitHub now.  Please let me know if this
> causes any problems.
>
> P.S. I do know that it won't work for people who have nscd disabled.  Without
> nscd, programs need to have all active NSS modules in their $LD_LIBRARY_PATH.
> Going through nscd gets rid of that problem (since only nscd has to be able to
> find them).
>
> --
> Eelco Dolstra | LogicBlox, Inc. | http://nixos.org/~eelco/
> _______________________________________________
> nix-dev mailing list
> nix-dev at lists.science.uu.nl
> http://lists.science.uu.nl/mailman/listinfo/nix-dev
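
A check for the behaviour discussed in this thread, as an added example that is not part of the original messages: it resolves the machine's own hostname and reports whether the answers are loopback or interface addresses. The `SAMPLES` resolvers and the host name `laptop` are constructed stand-ins for the three cases mentioned (the old /etc/hosts mapping, nss-myhostname with interfaces up, and its ::1 / 127.0.0.2 fallback).

```python
import ipaddress
import socket

def resolve(hostname, resolver=socket.getaddrinfo):
    """Unique addresses the system resolver returns for hostname, in order."""
    seen = []
    for _family, _type, _proto, _canon, sockaddr in resolver(hostname, None):
        ip = ipaddress.ip_address(sockaddr[0].split("%", 1)[0])  # drop IPv6 zone id
        if ip not in seen:
            seen.append(ip)
    return seen

def self_connect_report(hostname, resolver=socket.getaddrinfo):
    """Classify where a service that connects to its own hostname ends up."""
    try:
        addrs = resolve(hostname, resolver)
    except socket.gaierror:
        addrs = []
    loopback = [str(a) for a in addrs if a.is_loopback]
    interface = [str(a) for a in addrs if not a.is_loopback]
    if not addrs:
        status = "unresolvable"
    elif not interface:
        status = "loopback-only"    # 127.0.0.0/8 or ::1 only
    elif not loopback:
        status = "interface-only"   # eth0/wlan0 addresses, the case in the post
    else:
        status = "mixed"
    return {"status": status, "loopback": loopback, "interface": interface}

def constructed_resolver(*addrs):
    """Stand-in for getaddrinfo returning constructed sample addresses."""
    def resolver(host, port):
        fam = lambda a: socket.AF_INET6 if ":" in a else socket.AF_INET
        return [(fam(a), socket.SOCK_STREAM, 6, "", (a, 0)) for a in addrs]
    return resolver

# Constructed samples (192.0.2.0/24 is a documentation range), not captured output.
SAMPLES = {
    "hosts-file": constructed_resolver("127.0.0.1"),
    "interfaces-up": constructed_resolver("192.0.2.10", "fe80::1%wlan0"),
    "no-interfaces": constructed_resolver("::1", "127.0.0.2"),
}

if __name__ == "__main__":
    print(socket.gethostname(), self_connect_report(socket.gethostname()))
    for name, sample in SAMPLES.items():
        print(name, self_connect_report("laptop", sample))
```

An `interface-only` or `mixed` result means a service bound to or dialing its own hostname is no longer guaranteed to use a loopback address, so firewall rules that trust only `lo` addresses will not cover it.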

