On 03/08/12 16:44, Tom Eastep wrote: > Then you can't possibly get getting martian messages. That's what I thought, but they are most certainly there.
This is what I do to get them: > $ for rtfile in `ls /proc/sys/net/ipv4/conf/*/rp_filter`; do echo -n > "$rtfile:"; cat "$rtfile"; done; echo; wget --timeout=2 www.sjvs.nl > --tries=1; tail -n1 /var/log/syslog > /proc/sys/net/ipv4/conf/all/rp_filter:0 > /proc/sys/net/ipv4/conf/default/rp_filter:0 > /proc/sys/net/ipv4/conf/eth0/rp_filter:0 > /proc/sys/net/ipv4/conf/lo/rp_filter:0 > /proc/sys/net/ipv4/conf/tun0/rp_filter:0 > /proc/sys/net/ipv4/conf/tun1/rp_filter:0 > > --2012-08-04 13:53:57-- http://www.sjvs.nl/ > Resolving www.sjvs.nl... 37.34.58.203 > Connecting to www.sjvs.nl|37.34.58.203|:80... failed: Connection timed > out. > Giving up. > > Aug 4 13:53:57 guust kernel: [77144.413105] martian source > 192.168.103.6 from 129.67.194.105, on dev tun0 These commands a run on the server (eth0:129.67.194.105, tun0:192.168.103.6, configuration unchanged from the shorewall dump attached to my message of Aug 1, 12:07). Note that www.sjvs.nl resolves to the vps-gateway at 37.34.58.203, which then routes the traffic back to the server on tun0. What's the meaning of 'logmartians' in 'interfaces', given that ROUTE_FILTER=No and there are no 'routefilter' entries in 'interfaces'? Thanks, Bas ------------------------------------------------------------------------------ Live Security Virtual Conference Exclusive live event will cover all the ways today's security and threat landscape has changed and how IT managers can respond. Discussions will include endpoint security, mobile security and the latest in malware threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/ _______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
