From e7105273828ddd294c37d5e305024e7e19442874 Mon Sep 17 00:00:00 2001
From: Joe LeVeque <jleveque@users.noreply.github.com>
Date: Fri, 13 Jul 2018 10:27:47 -0700
Subject: [PATCH] [caclmgrd] Add a rule to allow all connections from localhost
 (#1858)

---
 files/image_config/caclmgrd/caclmgrd | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/files/image_config/caclmgrd/caclmgrd b/files/image_config/caclmgrd/caclmgrd
index 0dc59766b3..6ddd6de007 100755
--- a/files/image_config/caclmgrd/caclmgrd
+++ b/files/image_config/caclmgrd/caclmgrd
@@ -121,6 +121,10 @@ class ControlPlaneAclManager(object):
         iptables_cmds.append("ip6tables -F")
         iptables_cmds.append("ip6tables -X")
 
+        # Add iptables commands to allow all IPv4 and IPv6 traffic from localhost
+        iptables_cmds.append("iptables -A INPUT -s 127.0.0.1 -i lo -j ACCEPT")
+        iptables_cmds.append("ip6tables -A INPUT -s ::1 -i lo -j ACCEPT")
+
         # Get current ACL tables and rules from Config DB
         self._tables_db_info = self.config_db.get_table(self.ACL_TABLE)
         self._rules_db_info = self.config_db.get_table(self.ACL_RULE)