wierd firewall thing!
hi all,
we have a linux (2.2 debian) firewall with two eth cards running here.
ip_forward is 1 and on each side of the firewall is a /25.
packets are routed through okay but a couple of days ago i noticed something
*very* strange.
packets coming into eth0 were not only going out eth1 (as they should) but
also being spat back out eth0 with a destination mac address of all f's.
this meant that al machines on the eth0 side of the network could see the
packets going through the machine.
i rebooted the server and all was well but apart from being a security
compromise, does any one have any idea how that could have happened?
Regards,
Marc-Adrian Napoli
Network Administrator
Connect Infobahn Australia
+61 2 9212 0387
Reply to: