Re: ping broadcast into forward chain?? (IN=eth0 OUT=eth0)!!

----- Original Message ----- From: "Jan Engelhardt" <jengelh@xxxxxxxxxx>
To: "Julio A. Romero" <julioarr@xxxxxxxxxxxx>
Cc: <netfilter@xxxxxxxxxxxxxxx>
Sent: Monday, September 19, 2011 12:15 PM
Subject: Re: ping broadcast into forward chain?? (IN=eth0 OUT=eth0)!!


On Monday 2011-09-19 18:10, Julio A. Romero wrote:


----- Original Message ----- From: "Jan Engelhardt" <jengelh@xxxxxxxxxx>
To: "Julio A. Romero" <julioarr@xxxxxxxxxxxx>
Cc: <netfilter@xxxxxxxxxxxxxxx>
Sent: Monday, September 19, 2011 11:55 AM
Subject: Re: ping broadcast into forward chain?? (IN=eth0 OUT=eth0)!!


Bah, don't strip the CC, and don't top-post.

On Monday 2011-09-19 17:43, Julio A. Romero wrote:

In the INPUT chain!!??

No, why? It was not a broadcast packet. Your syslog itself says:
DST=10.6.15.246.

but 10.6.15.246 is outside of my internal networks ??

Yes, which is why it goes to OUT=eth0.

The packets don't go through the box, or do they?!

Of course they do go through your box, otherwise it would not be able to
log them.

What happens if I remove the rule to log?

There would be no entry in syslog, obviously.

Now I know what happened!

Someone, I don't know who, set an unassigned route pointing to my box. The packets arrived at my box through the external interface, and since the destination is wrong, the packets go to the default gateway configured on my box, again through the external interface, because the default gateway is outside of my network. When I set a rule in the FORWARD chain logging and dropping packets whose source or destination doesn't match my networks, I never thought of the above-mentioned situation.

thanks once again!
julio


--
To unsubscribe from this list: send the line "unsubscribe netfilter" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
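
The situation described in the last message, as an added example that is not part of the original thread: a small parser for netfilter LOG lines that separates misrouted transit traffic (same interface in and out, foreign at both ends) from other FORWARD drops. The internal network 192.168.10.0/24, the `FWD-DROP` log prefix and all sample lines are constructed assumptions; only `DST=10.6.15.246` and `IN=eth0 OUT=eth0` come from the thread.

```python
import ipaddress
import re

# Assumption: the box's internal networks (not given in the thread).
INTERNAL_NETS = [ipaddress.ip_network("192.168.10.0/24")]

# Constructed sample lines in the kernel LOG target format; only
# DST=10.6.15.246 and IN=eth0 OUT=eth0 come from the thread.
SAMPLE_LOG = """\
Sep 19 11:40:01 fw kernel: FWD-DROP IN=eth0 OUT=eth0 SRC=10.6.3.7 DST=10.6.15.246 LEN=84 TOS=0x00 PREC=0x00 TTL=62 ID=0 DF PROTO=ICMP TYPE=8 CODE=0 ID=4321 SEQ=1
Sep 19 11:40:05 fw kernel: FWD-DROP IN=eth1 OUT=eth0 SRC=172.16.9.9 DST=198.51.100.20 LEN=60 TTL=63 PROTO=TCP SPT=40000 DPT=80
Sep 19 11:40:09 fw kernel: FWD-DROP IN=eth0 OUT=eth1 SRC=203.0.113.5 DST=192.168.10.20 LEN=60 TTL=55 PROTO=TCP SPT=51000 DPT=22
"""

FIELD_RE = re.compile(r"\b(IN|OUT|SRC|DST|PROTO)=(\S*)")

def parse_line(line):
    """Return the first IN/OUT/SRC/DST/PROTO fields of a LOG line as a dict."""
    fields = {}
    for key, value in FIELD_RE.findall(line):
        # Keep the first hit so headers quoted inside ICMP errors are ignored.
        fields.setdefault(key, value)
    return fields

def is_internal(addr):
    ip = ipaddress.ip_address(addr)
    return any(ip in net for net in INTERNAL_NETS)

def classify(fields):
    """Explain why a packet showed up in the FORWARD chain."""
    src_in, dst_in = is_internal(fields["SRC"]), is_internal(fields["DST"])
    if fields["IN"] and fields["IN"] == fields["OUT"] and not (src_in or dst_in):
        # Arrives and leaves on the same interface, foreign at both ends:
        # an upstream route points at this box for a prefix it does not own.
        return "misrouted-transit"
    if not src_in and not dst_in:
        return "foreign-both-ends"
    return "touches-internal"

def analyse(log_text):
    results = []
    for line in log_text.splitlines():
        f = parse_line(line)
        if {"IN", "OUT", "SRC", "DST"} <= f.keys():
            results.append((f["SRC"], f["DST"], classify(f)))
    return results

if __name__ == "__main__":
    for src, dst, verdict in analyse(SAMPLE_LOG):
        print(f"{src} -> {dst}: {verdict}")
```

A steady stream of `misrouted-transit` entries for one destination prefix points at a stale or wrong route upstream rather than at a problem in the local rule set.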

