> -----Original Message-----
> From: centos-bounces@xxxxxxxxxx
> [mailto:centos-bounces@xxxxxxxxxx] On Behalf Of Marcus Moeller
> Sent: Tuesday, February 10, 2009 2:49 PM
> To: CentOS mailing list
> Subject: Re: iptables: forwarding on internal device
>
> I have defined a route to LAN2 over a gateway in LAN1 (same network
> segment) and all machines in LAN2 have the CORE-ROUTER
> defined as default gw which itself got a last resort to the
> LINUX_ROUTER.
>
> > Only other thing you can do is start from scratch. Save all
> your rules and
> > add them one at a time. If you can't have it off the
> network reduce the
> > rules to a bare minimum. Are the switches configured correct?
>
> I wonder if netfilter just drops a package if it's response comes from
> a different MAC address.
----
Sure it Could Happen
IF, you have 3 routers between your source and destination
machines. Your destination machine will see the MAC address of
the third-on-the-way router, not your original machine. This make sense to
you?
In other words every time a packet hits a new ip it is changed along with
the MAC.
MAC Spoofing Kinda.
But I would not think that netfilter JUST DROPS it for the heck of it.
JohnStanley
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos
