On 8/4/12 5:58 AM, "Bas van Schaik" <[email protected]> wrote:

>On 03/08/12 16:44, Tom Eastep wrote:
>> Then you can't possibly be getting martian messages.
>That's what I thought, but they are most certainly there.
>
>This is what I do to get them:
>> $ for rtfile in `ls /proc/sys/net/ipv4/conf/*/rp_filter`; do echo -n
>> "$rtfile:"; cat "$rtfile"; done; echo; wget --timeout=2 www.sjvs.nl
>> --tries=1; tail -n1 /var/log/syslog
>> /proc/sys/net/ipv4/conf/all/rp_filter:0
>> /proc/sys/net/ipv4/conf/default/rp_filter:0
>> /proc/sys/net/ipv4/conf/eth0/rp_filter:0
>> /proc/sys/net/ipv4/conf/lo/rp_filter:0
>> /proc/sys/net/ipv4/conf/tun0/rp_filter:0
>> /proc/sys/net/ipv4/conf/tun1/rp_filter:0
>>
>> --2012-08-04 13:53:57-- http://www.sjvs.nl/
>> Resolving www.sjvs.nl... 37.34.58.203
>> Connecting to www.sjvs.nl|37.34.58.203|:80... failed: Connection timed
>> out.
>> Giving up.
>>
>> Aug 4 13:53:57 guust kernel: [77144.413105] martian source
>> 192.168.103.6 from 129.67.194.105, on dev tun0
>
>These commands are run on the server (eth0:129.67.194.105,
>tun0:192.168.103.6, configuration unchanged from the shorewall dump
>attached to my message of Aug 1, 12:07). Note that www.sjvs.nl resolves
>to the vps-gateway at 37.34.58.203, which then routes the traffic back
>to the server on tun0.
>
>What's the meaning of 'logmartians' in 'interfaces', given that
>ROUTE_FILTER=No and there are no 'routefilter' entries in 'interfaces'?

I was under the impression that logmartians didn't do anything if
rp_filter wasn't set on the interface. If you are still seeing Martian
messages, then you'll have to set logmartians=0 for the tun0 interface.

-Tom
You do not need a parachute to skydive. You only need a parachute to
skydive twice.

_______________________________________________
Shorewall-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/shorewall-users
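
An added example, not part of the original thread: the per-interface check quoted above, extended to report the value the kernel actually applies, since its ip-sysctl documentation says rp_filter uses the maximum of `conf/all` and `conf/<iface>` and log_martians is active when either is set. The function names and the optional root-directory argument are assumptions of this example.

```shell
#!/bin/sh
# Report the effective rp_filter and log_martians setting for each interface.
# Kernel rules: rp_filter   = max(conf/all, conf/<iface>)
#               log_martians = conf/all OR conf/<iface>
# The optional argument (a conf root directory) is an assumption of this
# example so the function can be pointed at a constructed test tree.

read_val() {
    # Print the file's content, or 0 when the file is missing or unreadable.
    if [ -r "$1" ]; then cat "$1"; else echo 0; fi
}

effective_settings() {
    root=${1:-/proc/sys/net/ipv4/conf}
    all_rp=$(read_val "$root/all/rp_filter")
    all_lm=$(read_val "$root/all/log_martians")
    for dir in "$root"/*/; do
        [ -d "$dir" ] || continue
        iface=$(basename "$dir")
        # "all" is folded into every interface; "default" only seeds new ones.
        case $iface in all|default) continue ;; esac
        rp=$(read_val "$dir/rp_filter")
        lm=$(read_val "$dir/log_martians")
        # rp_filter: the larger of the two values wins.
        if [ "$all_rp" -gt "$rp" ]; then rp=$all_rp; fi
        # log_martians: enabled when either value is non-zero.
        if [ "$all_lm" -ne 0 ] || [ "$lm" -ne 0 ]; then lm=1; else lm=0; fi
        echo "$iface rp_filter=$rp log_martians=$lm"
    done
}

# On a live host, call: effective_settings
```

Running it before and after changing the `logmartians` option for tun0 shows whether the change reached the kernel setting for that interface.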
