Re: [Nolug] Martian source error message

From: Andrew S. Johnson <andy_at_asjohnson.com>
Date: Sat, 29 Nov 2003 18:06:16 -0600
Message-Id: <200311291806.17130.andy@asjohnson.com>

On Saturday 29 November 2003 04:31 pm, Joey Kelly wrote:
> Thou spake:
> >I'm wondering if someone can tell me why I am getting
> >this error message...
> >
> >"martian source 192.168.1.1 from 192.168.1.100, on dev eth0
> >ll header: ff:ff:ff:ff:ff:ff:00:06:25:2a:72:d1:08:06"
>
>
The first obvious thing is that this is a broadcast packet, just
by looking at the source MAC address (ff:ff:ff:ff:ff:ff). What OS
is the machine with MAC 00:06:25:2a:72:d1 running?

Also, maybe you have something like this set somewhere in your
startup scripts (could be set with sysctl too):

# Log spoofed packets, source routed packets, redirect packets.
/bin/echo "1" > /proc/sys/net/ipv4/conf/all/log_martians

If you are using iptables, I found the following page to be a useful
reference for reading the logs:

http://logi.cc/linux/netfilter-log-format.php3

Some more info, especially log entries from netfilter, would help.

Andy Johnson

___________________
Nolug mailing list
nolug@nolug.org
Received on 11/29/03
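
Added example, not part of the original message: a small Python decoder for the two-line "martian source" report quoted above, splitting the "ll header" bytes in Ethernet wire order (destination MAC, source MAC, EtherType). It assumes an untagged 14-byte Ethernet header; the function names are hypothetical and the sample text is reassembled from the lines quoted in this thread.

```python
import re

# A few common EtherType values (not an exhaustive list).
ETHERTYPES = {0x0800: "IPv4", 0x0806: "ARP", 0x86DD: "IPv6", 0x8100: "802.1Q VLAN"}

MARTIAN_RE = re.compile(r"martian source (\S+) from (\S+), on dev (\S+)")
LL_RE = re.compile(r"ll header: ((?:[0-9a-fA-F]{2}:)*[0-9a-fA-F]{2})")


def fmt_mac(raw):
    """Render six raw bytes as a colon-separated MAC address."""
    return ":".join(f"{b:02x}" for b in raw)


def parse_martian(text):
    """Decode one 'martian source' report (both log lines) into a dict."""
    m, ll = MARTIAN_RE.search(text), LL_RE.search(text)
    if not m or not ll:
        raise ValueError("not a complete martian source report")
    raw = bytes.fromhex(ll.group(1).replace(":", ""))
    if len(raw) < 14:
        raise ValueError("ll header shorter than an Ethernet header (14 bytes)")
    dst_mac, src_mac = raw[0:6], raw[6:12]
    ethertype = int.from_bytes(raw[12:14], "big")
    return {
        "dst_ip": m.group(1),  # the kernel prints the destination address first
        "src_ip": m.group(2),  # then the source address it rejected
        "dev": m.group(3),
        "dst_mac": fmt_mac(dst_mac),
        "src_mac": fmt_mac(src_mac),
        "broadcast": dst_mac == b"\xff" * 6,
        "ethertype": ETHERTYPES.get(ethertype, hex(ethertype)),
    }


# Sample input reassembled from the message quoted in this thread.
SAMPLE = (
    "martian source 192.168.1.1 from 192.168.1.100, on dev eth0\n"
    "ll header: ff:ff:ff:ff:ff:ff:00:06:25:2a:72:d1:08:06\n"
)

if __name__ == "__main__":
    for key, value in parse_martian(SAMPLE).items():
        print(f"{key:10} {value}")
```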
