Hello,
is it possible that, with the OpenVPN interface tun0, every now and then
some packets with a private source address are visible and forwarded to
the router? Because either it is intentional and I do not know it, or I
found an error in the NAT translation that skips some packets and I see
them on the router where the packets should not be, i.e. the router is a
public-addressing router, so in order for the packet to get there, the
machine that sent it must exit with a public address, which a few packets
don't do ....
I also reported the problem to kernel.org, but I don't know if netfilter
is the right place.
1. server source with openvpn server

Mar 10 11:30:09 server kernel: [26083675.795216] Forward-Out: IN=tun0 OUT=eno1 MAC= SRC=192.168.5.10 DST=216.58.209.10 LEN=52 TOS=0x00 PREC=0x00 TTL=63 ID=64660 DF PROTO=TCP SPT=42296 DPT=443 SEQ=443014968 ACK=3344394422 WINDOW=501 RES=0x00 ACK FIN URGP=0 OPT (0101080AD162AFE7A0460968)

2. server/router with only public addresses - default gateway

11:30:09.745326 xx:xx:xx:xx:xx:xx > zz:zz:zz:zz:zz:zz, ethertype 802.1Q (0x8100), length 64: vlan 1234, p 0, ethertype IPv4 (0x0800), (tos 0x0, ttl 63, id 0, offset 0, flags [DF], proto TCP (6), length 40)
    192.168.5.10.42296 > 216.58.209.10.443: Flags [R], cksum 0xa055 (correct), seq 443014968, win 0, length 0

3. NAT rule

Chain POSTROUTING (policy ACCEPT 65M packets, 5184M bytes)
 pkts  bytes target prot opt in  out   source          destination
1905K   345M SNAT   all  --  *   eno1  192.168.5.0/24  0.0.0.0/0    to:1.2.3.4 (my public IP)

4. Why?? Passed or not??
Regards
--
Marcin Kabiesz
IT Network Administrator
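The thread does not say why that one packet reached the router untranslated, but the two captures narrow it down: the packet seen on tun0 is a FIN/ACK with seq 443014968, and the packet seen on the public router is a bare RST from the same 4-tuple carrying the same seq 443014968. On netfilter, SNAT is only applied to packets that conntrack can attach to a tracked connection; a packet that conntrack classifies as INVALID (for example a segment that does not fit the window or state it expects after the FIN) is left untouched by the nat table and is forwarded with its original private source. Whether that is the cause here is an assumption, not something the post confirms. The example below, which is the editor's addition and not Marcin's or the netfilter project's code, shows the two things a defender wants regardless: a check that finds untranslated private sources in a `tcpdump -nn` capture taken on the public interface, and the FORWARD rule that drops INVALID packets before they can reach eno1. The interface name eno1, subnet 192.168.5.0/24 and public IP 1.2.3.4 are the post's; the capture lines are constructed.

```shell
#!/bin/sh
# Editor's example, not code from the post or from netfilter. Assumes the
# interface (eno1), VPN subnet (192.168.5.0/24) and public IP (1.2.3.4)
# from the post; the capture below is constructed sample input.

# Constructed sample of `tcpdump -nn -i eno1` on the NAT box: one RST that
# escaped SNAT (private source) and two correctly translated packets.
SAMPLE_CAPTURE='11:30:09.745326 IP 192.168.5.10.42296 > 216.58.209.10.443: Flags [R], seq 443014968, win 0, length 0
11:30:09.745400 IP 1.2.3.4.42296 > 216.58.209.10.443: Flags [F.], seq 443014968, ack 3344394422, win 501, length 0
11:30:09.812000 IP 216.58.209.10.443 > 1.2.3.4.42296: Flags [.], ack 443014969, win 265, length 0'

# is_private_ipv4 ADDR: exit 0 if ADDR is in 10/8, 172.16/12 or 192.168/16.
is_private_ipv4() {
    case "$1" in
        10.*)                                   return 0 ;;
        192.168.*)                              return 0 ;;
        172.1[6-9].*|172.2[0-9].*|172.3[01].*)  return 0 ;;
        *)                                      return 1 ;;
    esac
}

# capture_sources: print the source address (port stripped) of every
# tcpdump line on stdin. The source is the token just before ">" and
# tcpdump writes it as ADDR.PORT.
capture_sources() {
    awk '{ for (i = 1; i < NF; i++)
               if ($(i+1) == ">") { sub(/\.[0-9]+$/, "", $i); print $i } }'
}

# untranslated_egress: private sources that left the public interface, i.e.
# packets the SNAT rule never touched.
untranslated_egress() {
    printf '%s\n' "$SAMPLE_CAPTURE" | capture_sources | while read -r src; do
        if is_private_ipv4 "$src"; then
            printf '%s\n' "$src"
        fi
    done
}

# count_untranslated_egress: how many leaked packets the sample contains.
count_untranslated_egress() {
    untranslated_egress | wc -l | tr -d ' '
}

# leak_capture_filter: a tcpdump filter for the public-side router that
# catches any RFC 1918 source arriving where only public addresses belong.
leak_capture_filter() {
    printf '%s\n' 'src net 10.0.0.0/8 or src net 172.16.0.0/12 or src net 192.168.0.0/16'
}

# hardening_rules: the filter-table rule to add. Packets conntrack cannot
# associate with a tracked connection (ctstate INVALID) are never rewritten
# by the nat POSTROUTING SNAT rule, so drop them in FORWARD before they are
# sent towards eno1 with their private source intact.
hardening_rules() {
    cat <<'EOF'
iptables -I FORWARD 1 -o eno1 -m conntrack --ctstate INVALID -j DROP
EOF
}

# Stand-alone run: report the leaks found in the sample and the rule to add.
untranslated_egress
hardening_rules
```

Run it as-is to see the detection on the constructed sample, or pipe a real `tcpdump -nn -i eno1` capture through `capture_sources` on the NAT host. There is no iptables hook that sees packets after SNAT (nat POSTROUTING is the last one), so the rule has to act before translation, on conntrack state, rather than on the source address after the fact. An alternative some administrators use is `net.netfilter.nf_conntrack_tcp_be_liberal=1`, which makes conntrack accept out-of-window TCP segments instead of marking them INVALID; that keeps NAT applied but also loosens the tracking, so dropping INVALID is the usual first choice.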