Re: Where does rp_filter log to?
As far as I know, rp_filter does not log packet drops, which is
unfortunate. tcpdump also doesn't show rp_filtered packets, which makes
debugging rp_filter dropped packets fairly hard.
If you want to log them you probably want to turn rp_filter off, and set
up explicit iptables rules that block and log the packets. That's what
I do on our multi-homed router (because it's multi-homed, it has to have
rp_filter off anyway). I log packets coming in on either of the external
interfaces which claim to be coming from one of the internal addresses.
I also log packets coming in or going out of our network which have a
source or destination address which is unroutable (like 10.*, 192.168.*,
etc.).
Sean
--
A ship in port is safe, but that is not what ships are for.
-- Rear Admiral Grace Murray Hopper
Sean Reifschneider, Member of Technical Staff <jafo@tummy.com>
tummy.com, ltd. - Linux Consulting since 1995. Qmail, Python, SysAdmin
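
An added sketch of the approach described in the message above (not Sean's actual rule set): a script that prints the sysctl and iptables commands for logging and dropping spoofed and unroutable traffic in place of rp_filter. The interface names, the internal prefix, the log prefixes and the rate limit are constructed assumptions. It also assumes the internal network uses publicly routed addresses with no NAT, since the outbound unroutable-source rule would otherwise match RFC 1918 clients.

```shell
#!/bin/sh
# Added example. All values below are assumptions for illustration.
EXT_IFS="eth1 eth2"                               # external (upstream) interfaces
INT_NETS="203.0.113.0/24"                         # internal address space (documentation range)
BOGONS="10.0.0.0/8 172.16.0.0/12 192.168.0.0/16"  # unroutable ranges (RFC 1918)

# Print a rate-limited LOG rule followed by the matching DROP rule.
# $1 = log prefix (iptables allows at most 29 characters), rest = match.
# Only FORWARD is covered; traffic addressed to the router itself
# traverses INPUT and would need its own rules.
log_drop() {
    prefix=$1; shift
    printf "iptables -A FORWARD %s -m limit --limit 5/min -j LOG --log-prefix '%s '\n" "$*" "$prefix"
    printf 'iptables -A FORWARD %s -j DROP\n' "$*"
}

gen_rules() {
    # The kernel applies the max of conf.all and conf.<if>, so clear both.
    echo "sysctl -w net.ipv4.conf.all.rp_filter=0"
    for ifc in $EXT_IFS; do
        echo "sysctl -w net.ipv4.conf.$ifc.rp_filter=0"
        # Arriving from outside while claiming an internal source address.
        for net in $INT_NETS; do
            log_drop SPOOF-IN -i "$ifc" -s "$net"
        done
        # Unroutable source or destination, entering or leaving the network.
        for net in $BOGONS; do
            log_drop BOGON-SRC-IN  -i "$ifc" -s "$net"
            log_drop BOGON-DST-IN  -i "$ifc" -d "$net"
            log_drop BOGON-SRC-OUT -o "$ifc" -s "$net"
            log_drop BOGON-DST-OUT -o "$ifc" -d "$net"
        done
    done
}

# Print the commands for review; nothing is applied by this script.
gen_rules
```

After reviewing the output, pipe it to `sh` as root to apply it; the dropped packets then appear in the kernel log with the prefixes shown.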