[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

tcpdump bug???


Anyone else agree that there is a bug in tcpdump here?

snoopy:~# tcpdump -i ppp0 -e
tcpdump: listening on ppp0
12:26:39.696219 ip: > icmp: echo request
12:26:39.842301 ip: > icmp: echo reply
12:26:40.694174 ip: > icmp: echo request
12:26:40.832367 ip: > icmp: echo reply

I am trying to get masquerading working with 2.4.0test10.

According to this tcpdump, the packet is getting sent from the
masqueraded address OK, but the reply goes back to the private

So either:

1. masquerading doesn't work (probably my fault), and tcpdump is
showing the wrong source address. This could also be a kernel bug, but
I am skeptical (doesn't the kernel pass the raw data directly to

2. the remote host determines the real IP address via ESP and uses
that instead of the correct address.

Note: I get similar results for TCP as well as ICMP.
Brian May <bam@debian.org>

Reply to: