what is blocking packets before netfilter?
Horacio J. Peña
horape at tinuviel.compendium.com.ar
Sat Mar 5 19:47:15 CET 2005
I have:
# iptables -L -n -t mangle -v
Chain INPUT (policy ACCEPT 19862 packets, 1603K bytes)
pkts bytes target prot opt in out source destination
0 0 LOG all -- eth0 * 192.168.2.0/24 0.0.0.0/0 LOG flags 0 level 4
# iptables -L -n -t filter -v
Chain INPUT (policy ACCEPT 17061 packets, 1410K bytes)
pkts bytes target prot opt in out source destination
0 0 LOG all -- eth0 * 192.168.2.0/24 0.0.0.0/0 LOG flags 0 level 4
# tcpdump -nvvvpe icmp
tcpdump: listening on eth0, link-type EN10MB (Ethernet), capture size 96 bytes
15:44:34.189337 00:08:a1:6c:39:00 > 00:0a:e6:2d:90:77, ethertype IPv4 (0x0800), length 98: IP (tos 0x0, ttl64, id 1016, offset 0, flags [DF], length: 84) 192.168.2.1 > 10.5.0.1: icmp 64: echo request seq 63491
00:0a:e6:2d:90:77 is my MAC.
/proc/sys/net/ipv4/conf/*/rp_filter are 0.
/proc/sys/net/ipv4/conf/*/forwarding are 1.
What could be eating the packets? Shouldn't iptables see anything that comes to the interface?
Thanks,
HoraPe
---
Horacio J. Peña
horape at compendium.com.ar
horape at uninet.edu
More information about the netfilter-devel
mailing list