On Tue, May 14, 2002 at 07:05:29PM -0300, Tiago Fioreze wrote:
>
> tcpdump: listening on en0
> 18:46:30.687660229 myhost.55611 > my_squid_server.8080: S 3489450780:3489450780(0) win 5840 <mss 1460,sackOK,timestamp 168050131 2113929216,nop,wscale 0> (DF)]
> 18:46:30.688073773 my_squid_server.8080 > myhost.55611: S 3222627183:3222627183(0) ack 3489450781 win 17520 <mss 1460>]

a kernel level tunnel? it looks like myhost and my_squid_server can talk via en0, but not via eth0.

>
> On Firewall Box: (command: tcpdump host my_squid_server)
>
> tcpdump: listening on eth0
> 18:39:51.962480 arp who-has my_squid_server tell my_firewall
<snip>
> 18:40:36.962475 arp who-has my_squid_server tell my_firewall
>
> On My Host Box: (command: tcpdump host my_squid_server)
>
> tcpdump: listening on eth0
> 18:58:05.045512 arp who-has my_squid_server tell my_firewall
<snip>
> 18:58:31.040055 arp who-has my_squid_server tell myhost

if you did not want a tunnel, try turning off en0 (ifdown en0 | ifconfig en0 down | whatever works in your distro) and check the route (route -n). it looks like you cannot ping my_squid_server from my_firewall (and vice versa) via eth0 now.

good luck

--
David Correa
Public Key http://www.linux-tech.com/linuxtech.asc
Key fingerprint 7F2C E072 479D 71B4 008B 373E A284 8CDE 7659 F5D8