Re: iptables: forwarding on internal device




> -----Original Message-----
> From: centos-bounces@xxxxxxxxxx 
> [mailto:centos-bounces@xxxxxxxxxx] On Behalf Of Marcus Moeller
> Sent: Tuesday, February 10, 2009 2:49 PM
> To: CentOS mailing list
> Subject: Re:  iptables: forwarding on internal device

> 
> I have defined a route to LAN2 over a gateway in LAN1 (same network
> segment) and all machines in LAN2 have the CORE-ROUTER
> defined as default gw which itself got a last resort to the 
> LINUX_ROUTER.
> 
> > Only other thing you can do is start from scratch. Save all your rules and
> > add them one at a time. If you can't have it off the network reduce the
> > rules to a bare minimum. Are the switches configured correct?
> 
> I wonder if netfilter just drops a package if its response comes from
> a different MAC address.
----
Sure, it could happen.

If you have 3 routers between your source and destination
machines, your destination machine will see the MAC address of
the third-on-the-way router, not your original machine. Does this make sense to
you?
In other words, every time a packet hits a new IP it is changed along with
the MAC.
MAC spoofing, kinda.

But I would not think that netfilter JUST DROPS it for the heck of it.

JohnStanley

_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos
