On Tue, Dec 20, 2005 at 12:34:25PM +0100, Marco Berizzi wrote: > Good morning Bill. > I think I have found the "feature": /proc/sys/net/ipv4/conf/*/log_martians > Enabling it and then dmesging I see: > > Dec 20 10:18:42 Pleiadi kernel: martian source 'HDSL_public_network_host' > from 'ADSL_IP', on dev eth0 > Dec 20 10:18:42 Pleiadi kernel: ll header: > 00:60:97:d8:e5:01:00:07:50:7e:65:e0:08:00 > > So I think linux will drop these packets anyway (they will even not reach > netfilter I think): > may anyone confirm this? They get dropped by the rp_filter. If you disable the rp_filter, they don't get dropped (or logged) anymore... Have a nice day, -- Martijn van Oosterhout <kleptog@xxxxxxxxx> http://svana.org/kleptog/ > Patent. n. Genius is 5% inspiration and 95% perspiration. A patent is a > tool for doing 5% of the work and then sitting around waiting for someone > else to do the other 95% so you can sue them.
Attachment:
pgpj0kob0eJiH.pgp
Description: PGP signature
