On Tue, Jan 27, 2009 at 9:19 PM, Mart Frauenlob <mart.frauenlob@xxxxxxxxx> wrote: > Yury Polyanskiy wrote: >> >> Hello everyone! >> >> I wanted to filter out the annoying logs: >> >> Jan 24 00:19:54 tetra kernel: martian destination 0.0.0.0 from 1.2.3.4, >> dev eth0 >> >> and issued the following: >> >> #iptables -t raw -I PREROUTING -s 1.2.3.4 -d 0.0.0.0 -j DROP >> #iptables -t raw -I PREROUTING -s 1.2.3.4 -j DROP >> >> Amazingly, I'm still getting those pesky log messages. How is this >> possible? >> > > find /proc -name log_martians > > set the one for your interface to `0'. > Thanks, but I was asking how is it possible that a packet slips through the -s 1.2.3.4 -j DROP rule in PREROUTING. Y -- To unsubscribe from this list: send the line "unsubscribe netfilter" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
