
Re: Where does rp_filter log to?



As far as I know, rp_filter does not log packet drops, which is
unfortunate.  tcpdump also doesn't show rp_filtered packets, which makes
debugging rp_filter dropped packets fairly hard.

If you want to log them you probably want to turn rp_filter off, and set
up explicit iptables rules that block and log the packets.  That's what
I do on our multi-homed router (because it's multi-homed, it has to have
rp_filter off anyway).  I log packets coming in on either of the external
interfaces which claim to be coming from one of the internal addresses.
I also log packets coming in or going out of our network which have a
source or destination address which is unroutable (like 10.*, 192.168.*,
etc).

Sean
-- 
 A ship in port is safe, but that is not what ships are for.
                 -- Rear Admiral Grace Murray Hopper
Sean Reifschneider, Member of Technical Staff <jafo@tummy.com>
tummy.com, ltd. - Linux Consulting since 1995.  Qmail, Python, SysAdmin
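
The approach described in the message above, as an added example that is not part of the original post: a script that prints, without applying, explicit log-and-drop rules in place of rp_filter. The interface names, the internal prefix (assumed to be publicly routed, not NATed private space), the log prefixes and the rate limit are all assumptions.

```shell
#!/bin/sh
# Prints (does not apply) iptables rules that log and drop what rp_filter
# would have discarded silently. All values below are constructed samples.
EXT_IFACES="eth1 eth2"                                # assumed external interfaces
INTERNAL_NET="192.0.2.0/24"                           # assumed internal prefix
UNROUTABLE="10.0.0.0/8 172.16.0.0/12 192.168.0.0/16"  # RFC 1918 ranges

# Emit a rate-limited LOG rule followed by the matching DROP rule.
# usage: log_and_drop CHAIN LOG_PREFIX match-options...
log_and_drop() {
    ld_chain=$1; ld_prefix=$2; shift 2
    printf '%s\n' "iptables -A $ld_chain $* -m limit --limit 5/min -j LOG --log-prefix \"$ld_prefix \""
    printf '%s\n' "iptables -A $ld_chain $* -j DROP"
}

gen_rules() {
    # The effective rp_filter value is the maximum of "all" and the
    # per-interface setting, so both have to be 0.
    for ifc in all $EXT_IFACES; do
        printf '%s\n' "sysctl -w net.ipv4.conf.$ifc.rp_filter=0"
    done
    for ifc in $EXT_IFACES; do
        # Inbound: traffic to the router itself (INPUT) or through it (FORWARD).
        for chain in INPUT FORWARD; do
            # An internal source address arriving from outside is spoofed.
            log_and_drop "$chain" "SPOOF-$ifc" -i "$ifc" -s "$INTERNAL_NET"
            for net in $UNROUTABLE; do
                log_and_drop "$chain" "UNROUTABLE-IN-$ifc" -i "$ifc" -s "$net"
                log_and_drop "$chain" "UNROUTABLE-IN-$ifc" -i "$ifc" -d "$net"
            done
        done
        # Outbound: traffic from the router itself (OUTPUT) or through it (FORWARD).
        for chain in OUTPUT FORWARD; do
            for net in $UNROUTABLE; do
                log_and_drop "$chain" "UNROUTABLE-OUT-$ifc" -o "$ifc" -s "$net"
                log_and_drop "$chain" "UNROUTABLE-OUT-$ifc" -o "$ifc" -d "$net"
            done
        done
    done
}

gen_rules   # review the output, then pipe it to sh as root to apply
```

The LOG rules write to the kernel log, so the dropped packets show up there with the chosen prefix.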


