Re: a question about firewalls (or whatever else that might cause packet drop)
On 11/29/2012 12:21 AM, Pascal Hambourg wrote:
> Matej Kosik a écrit :
>> I am experiencing some deterministic packet drop:
>> - when I tcpreplay on "lo" some pcap (0.pcap) file,
>> that traffic does not reach listening applications
>> - when I change source IP address from whatever it was to, e.g.,
>> 10.0.10.6, 10.0.10.7 etc,
> Why these addresses ? What's special with them ?
> What is the original source address ?
I have discovered the following regularity:
- if source IP address in given pcap is one of "my" IP addresses,
then when I try to tcpreplay given pcap, the data is not delivered
- if I change all source IP addresses to any other non-local
IP addresses (e.g. 10.0.10.6, 10.0.10.7, ...
or if I use whatever other address from local network
except for my address), then when I tcpreplay modified pcap file,
then data is delivered to applications.
>> then when I try to replay the modified pcap file (1.pcap),
>> that traffic does reache applications.
>> I would like to find out the cause of this.
>> The only thing which could be causing thing I was aware of was
>> "iptables". However, when I apt-get removed it, nothing changed.
> You can display the active ruleset with iptables-save.
iptables-save does not print anything so the list of rules might be
empty, I guess.