Hello,
Micha a écrit :
Am i right that locally generated traffic never has a MAC address (besides
00:00:00:00:00:00:00:00:00:00:00:00:08:00 ) even for traffic from/to the
own 'external' IP, that is, the physical NIC attached to the gateway
(like, eth0=192.168.1.2) ? It never can be sniffed, for example ?
I'm not sure I understand what you mean. Obviously, locally generated
packets have hardware source and destination address, if applicable (not
all link types have hardware addresses). But, if that's what you mean,
the hardware source and destination addresses are not visible in the
iptables chains and logs. However they are visible with a packet
sniffer, such as tcpdump with the -e option.
If i send to 192.168.1.2, what happens in the kernel router ?
The packet is routed through the loopback interface (lo), just like any
locally generated packet with a local destination address. The hardware
source and destination address are the loopback interface "hardware"
address, 00:00:00:00:00:00. Loopback routing of local addresses is due
to the presence of a local route for each local address in the 'local'
routing table. The content of this table, which also contains the
broadcast routes, can be displayed with the following command :
ip route list table local
And is there any significant difference to 127.0.0.1 traffic ?
Not really.
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
