From 49f6ada4d89211c5d2ff316496f6fe5b7fe30c12 Mon Sep 17 00:00:00 2001
From: Dave Eargle
Date: Fri, 2 Oct 2020 17:08:16 -0400
Subject: [PATCH] allow all loopback traffic see https://github.com/rapid7/metasploitable3/pull/458#issuecomment-702942817
---
 chef/cookbooks/metasploitable/recipes/iptables.rb | 11 ++++++++---
 1 file changed, 8 insertions(+), 3 deletions(-)
diff --git a/chef/cookbooks/metasploitable/recipes/iptables.rb b/chef/cookbooks/metasploitable/recipes/iptables.rb
index 1382f5f..f4fc0f6 100644
--- a/chef/cookbooks/metasploitable/recipes/iptables.rb
+++ b/chef/cookbooks/metasploitable/recipes/iptables.rb
@@ -10,6 +10,14 @@ iptables_rule '00_established' do
 lines '-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT'
 end
 
+iptables_rule '00_lo_allow_in' do
+ lines '-I INPUT -i lo -j ACCEPT'
+end
+
+iptables_rule '00_lo_allow_out' do
+ lines '-I OUTPUT -o lo -j ACCEPT'
+end
+
 iptables_rule '01_ssh' do
 lines "-A INPUT -p tcp --dport 22 -j ACCEPT"
 end
@@ -17,6 +25,3 @@ end
 iptables_rule '999_drop_all' do
 lines '-A INPUT -j DROP'
 end
-
-
-
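Review bot: The two new loopback rules use `-I` where every other rule in the hunk uses `-A`, and no comment says the difference is deliberate. If the intent is that loopback traffic is accepted ahead of every appended rule whatever order the rule files are rendered in, say so above `00_lo_allow_in`, e.g. `# -I, not -A: loopback must be accepted before any later rule, including 999_drop_all`. In the visible lines only INPUT ends in a DROP, so `00_lo_allow_out` looks like a no-op unless the OUTPUT policy is tightened somewhere outside this hunk; a one-line comment on why it is there, or removing it, would keep the ruleset easier to audit. Matching on the interface (`-i lo`, `-o lo`) rather than on a 127.0.0.0/8 address keeps the exception scoped to genuinely local traffic and should be preserved if these rules are reworked.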