On 08/15/11 16:25, Whit Blauvelt wrote:
> Meanwhile, if anyone else here has a suggestion, the working assumption is that we don't have an example of the "Fool's Firewall" (as it is very clearly explained on Tom's page) so other suggestions will also be appreciated.
For giggles, have you tried looking for the MAC addresses on eth1 and eth2 (from your first message)?
Does the traffic coming in to eth5 have the proper MAC address of your Cogent router?
Have you considered sniffing the traffic with another device before the traffic enters eth5 to make sure that the traffic really is on the wire like you think it is versus some odd bug that is causing the traffic to be misrepresented by the kernel?
Start gathering duplicate data from other locations in the network to see what adds up and checksums each other and what does not. Follow the evidence.
It sounds like it's time to gather more data before you start filtering it down.
Grant. . . .