On Fri, Jan 15, 2010 at 13:44, Pascal Hambourg <pascal.mail@xxxxxxxxxxxxxxx> wrote:
> Consider using addresses in the special range 192.0.2.0/24 reserved for
> examples and documentation instead of random addresses that are not
> allocated to you. See RFC 3330.

Thanks for the information!

> > root@pm-inner-gw:~# tshark -Nm -i eth0 host ! 192.168.1.1
> > Running as user "root" and group "root". This could be dangerous.
> > Capturing on eth0
> > 0.000000 1.1.1.1 -> 192.168.1.2 TCP 1271 > 222 [SYN] Seq=0
> > Win=65535 Len=0 MSS=1460
> > 0.439790 192.168.1.2 -> 1.1.1.1 ICMP Destination unreachable (Host
> > unreachable)
>
> ICMP host unreachable usually indicates an ARP failure for the next hop
> address. What happens on INNER_GW's eth1 and HOST's eth0 (IP or ARP)?

Nothing happened. Complete silence. But I got it working by specifying
a larger subnet (27->24). And I'm sure that INNER_GW's internal
interface and HOST's IPs weren't on different subnets. :-)