Re: [Nolug] Martian source error message

From: Andrew S. Johnson <andy_at_asjohnson.com>
Date: Sat, 29 Nov 2003 18:22:21 -0600
Message-Id: <200311291822.21920.andy@asjohnson.com>

On Saturday 29 November 2003 06:06 pm, Andrew S. Johnson wrote:
> On Saturday 29 November 2003 04:31 pm, Joey Kelly wrote:
> > Thou spake:
> > >I'm wondering if someone can tell me why I am getting
> > >this error message...
> > >
> > >"martian source 192.168.1.1 from 192.168.1.100, on dev eth0
> > >ll header: ff:ff:ff:ff:ff:ff:00:06:25:2a:72:d1:08:06"
> >
> >
> The first obvious thing is that this is a broadcast packet, just
> by looking at the source MAC address (ff:ff:ff:ff:ff:ff). What OS
s/source/destination/

This is what happens when you are answering e-mail and debating
with two kids about which movie to go see. One wants to see
Brother Bear, the other wants to see The Haunted Mansion.
<grin> Finally, a serious topic for a change. </grin>

Suggestions? We have to leave in 10 minutes to make one of
the shows.

Andy

> is the machine with MAC 00:06:25:2a:72:d1 running?
>
> Also, maybe you have something like this set somewhere in your
> startup scripts (could be set with sysctl too):
>
> # Log spoofed packets, source routed packets, redirect packets.
> /bin/echo "1" > /proc/sys/net/ipv4/conf/all/log_martians
>
> If you are using iptables, I found the following page to be a useful
> reference for reading the logs:
>
> http://logi.cc/linux/netfilter-log-format.php3
>
> Some more info, especially log entries from netfilter would help.
>
> Andy Johnson
>
>
> ___________________
> Nolug mailing list
> nolug@nolug.org
>

Received on 11/29/03
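
Added example, not part of the original thread: a small Python parser that pairs a kernel "martian source" log line with its "ll header" line and decodes the 14-byte Ethernet header, which shows the destination/source MAC order corrected in the message above and that EtherType 08:06 is ARP. The function and field names are assumptions made for this illustration, and the sample input is the log text quoted in the thread.

```python
import re

# Constructed sample: the two log lines quoted in the thread.
SAMPLE = (
    "martian source 192.168.1.1 from 192.168.1.100, on dev eth0\n"
    "ll header: ff:ff:ff:ff:ff:ff:00:06:25:2a:72:d1:08:06\n"
)

ETHERTYPES = {0x0800: "IPv4", 0x0806: "ARP", 0x8100: "802.1Q", 0x86DD: "IPv6"}

# The kernel prints the packet's destination address first, then its source.
MARTIAN_RE = re.compile(
    r"martian source (?P<dst_ip>\S+) from (?P<src_ip>[^,\s]+), on dev (?P<dev>\S+)"
)
LL_RE = re.compile(r"ll header: (?P<hex>[0-9a-fA-F]{2}(?::[0-9a-fA-F]{2})*)")


def fmt_mac(raw):
    return ":".join(f"{b:02x}" for b in raw)


def parse_martians(text):
    """Return one dict per martian entry, merged with its decoded ll header."""
    events, current = [], None
    for line in text.splitlines():
        m = MARTIAN_RE.search(line)
        if m:
            current = m.groupdict()
            events.append(current)
            continue
        m = LL_RE.search(line)
        if not m or current is None:
            continue
        raw = bytes.fromhex(m.group("hex").replace(":", ""))
        if len(raw) < 14:
            # Not a full Ethernet II header; keep the bytes, decode nothing.
            current["ll_raw"] = fmt_mac(raw)
        else:
            # Ethernet II layout: 6 bytes destination, 6 bytes source, 2 bytes type.
            etype = int.from_bytes(raw[12:14], "big")
            current["dst_mac"] = fmt_mac(raw[0:6])
            current["src_mac"] = fmt_mac(raw[6:12])
            current["ethertype"] = ETHERTYPES.get(etype, f"0x{etype:04x}")
            current["broadcast"] = raw[0:6] == b"\xff" * 6
        current = None
    return events


if __name__ == "__main__":
    for event in parse_martians(SAMPLE):
        print(event)
```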
