No, iptables controls the flow. You cannot possibly always allow localhost no matter the state of iptables. First set a rule

iptables -I INPUT -i lo0 -j ACCEPT

Then don’t allow users to override or add rules on top before this rule. I would suggest not allowing users to fiddle with iptables directly at all, and instead give them a script which they can invoke with predefined functions/parameters that does specific allowed tasks for them.

If you allow users to modify iptables, one could add a rule on top like the one I posted with -j DROP and that’s that. That’s what iptables is for. There is no mechanism to “circumvent iptables for a specific set of parameters”, it’s the job of iptables to handle this.

No, iptables controls the flow. You cannot possibly always allow localhost no matter the state of iptables. First set a rule

iptables -I INPUT -i lo0 -j ACCEPT 

Then don’t allow users to override or add rules on top before this rule. I would suggest not allowing users to fiddle with iptables directly at all, and instead give them a script which they can invoke with predefined functions/parameters that does specific allowed tasks for them.

If you allow users to modify iptables, one could add a rule on top like the one I posted with -j DROP and that’s that. That’s what iptables is for. There is no mechanism to “circumvent iptables for a specific set of parameters”, it’s the job of iptables to handle this.