Re: FireStarter & martian source

To: Jody Grafals <jgrafals@techquest.cc>
Cc: debian-firewall@lists.debian.org
Subject: Re: FireStarter & martian source
From: Bernd Eckenfels <lists@lina.inka.de>
Date: Sat, 21 Jun 2003 19:53:09 +0200
Message-id: <[🔎] 20030621175309.GA31876@lina.inka.de>
In-reply-to: <[🔎] 3EF493DA.7040802@techquest.cc>
References: <[🔎] 3EF493DA.7040802@techquest.cc>

On Sat, Jun 21, 2003 at 01:20:26PM -0400, Jody Grafals wrote:
> /var/log/messages  Jun 21 10:52:29 cyberflunky kernel: martian source 
> 192.168.0.1 from 10.0.0.250, on dev ipsec0
> I did a grep of the "/etc/firestarter/firestarter.sh" and can only find 
> options on logging

this message is produced by the kernel, if the log_martians sysctl variable
is set to non null:

> egrep . /proc/sys/net/ipv4/conf/*/log_martians
/proc/sys/net/ipv4/conf/all/log_martians:2
/proc/sys/net/ipv4/conf/default/log_martians:0
/proc/sys/net/ipv4/conf/eth0/log_martians:0
/proc/sys/net/ipv4/conf/lo/log_martians:0

the logging is produced for martian packages, which are packages received on
an interface where they do not belong. The kernel notice this, by examining
the routing table.

You can turn that off with "echo 0 > /proc/sys/net/ipv4/conf/all/log_martians"
but this does not change the problem. You have eighter a wrong routing
configuration or somebody is using the wrong ip.

Greetings
Bernd
-- 
  (OO)      -- Bernd_Eckenfels@Wendelinusstrasse39.76646Bruchsal.de --
 ( .. )  ecki@{inka.de,linux.de,debian.org} http://home.pages.de/~eckes/
  o--o     *plush*  2048/93600EFD  eckes@irc  +497257930613  BE5-RIPE
(O____O)  When cryptography is outlawed, bayl bhgynjf jvyy unir cevinpl!

Reply to:

References:
- FireStarter & martian source
  - From: Jody Grafals <jgrafals@techquest.cc>

Prev by Date: FireStarter & martian source
Next by Date: Multiport trouble
Previous by thread: FireStarter & martian source
Next by thread: Re: FireStarter & martian source
Index(es):
- Date
- Thread