[Bug 814] rpfilter blocks broadcast packets

bugzilla-daemon at netfilter.org bugzilla-daemon at netfilter.org
Fri Apr 12 10:24:15 CEST 2013


https://bugzilla.netfilter.org/show_bug.cgi?id=814

Florian Westphal <fw at strlen.de> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |fw at strlen.de

--- Comment #1 from Florian Westphal <fw at strlen.de> 2013-04-12 10:24:14 CEST ---
(In reply to comment #0)
> # ip addr show br.qemu
> 10: br.qemu: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP 
>     link/ether 02:00:00:00:00:00 brd ff:ff:ff:ff:ff:ff
>     inet 192.168.2.1/24 scope global br.qemu
> 
> Here are the rules:
> # iptables -A PREROUTING -t raw -i br.qemu -m rpfilter -j RETURN
> # iptables -A PREROUTING -t raw -j LOG --log-level 7 --log-prefix "antispoof: "
> 
> Here is an example of a blocked packet (samba/netbios announce, I suppose):
> kern.debug: antispoof: IN=br.qemu OUT= MAC= SRC=192.168.2.1 DST=192.168.2.255
> LEN=248 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=UDP SPT=138 DPT=138 LEN=228
> 
> Also I notice `ping -b 192.168.2.255` is also blocked:
> kern.debug: antispoof: IN=br.qemu OUT= MAC= SRC=192.168.2.1 DST=192.168.2.255
> LEN=84 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=ICMP TYPE=8 CODE=0 ID=22024
> SEQ=1  like -s 192.168.2.0/24?

Could you clarify on which machine these packets are generated?
The packet src ip is the bridge itself.  Are these packets locally generated?

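As an added example (not part of the original bug mail and not netfilter code), this Python helper parses LOG entries like the ones quoted above and reports whether the logged source is the interface's own address and the destination is the subnet broadcast, the combination both quoted entries show. The interface address and the first two log entries come from the report; the last two entries, the MAC values in them, and all function names are constructed for illustration.

```python
import ipaddress
import re

# Interface address as shown by `ip addr show br.qemu` in the report.
IFACE_ADDR = "192.168.2.1/24"

LOG_LINES = [
    # The two entries quoted in the report (each joined onto one line).
    "kern.debug: antispoof: IN=br.qemu OUT= MAC= SRC=192.168.2.1 DST=192.168.2.255 "
    "LEN=248 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=UDP SPT=138 DPT=138 LEN=228",
    "kern.debug: antispoof: IN=br.qemu OUT= MAC= SRC=192.168.2.1 DST=192.168.2.255 "
    "LEN=84 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=ICMP TYPE=8 CODE=0 ID=22024 SEQ=1",
    # Constructed entries for contrast: another on-link host, then an off-link source.
    "kern.debug: antispoof: IN=br.qemu OUT= MAC=ff:ff:ff:ff:ff:ff:02:00:00:00:00:39:08:00 "
    "SRC=192.168.2.57 DST=192.168.2.255 LEN=84 TTL=64 ID=0 DF PROTO=ICMP TYPE=8 CODE=0",
    "kern.debug: antispoof: IN=br.qemu OUT= MAC=02:00:00:00:00:00:02:00:00:00:00:39:08:00 "
    "SRC=10.9.9.9 DST=192.168.2.1 LEN=60 TTL=63 ID=1 DF PROTO=TCP SPT=40000 DPT=22",
]

FIELD_RE = re.compile(r"\b([A-Z]+)=(\S*)")
LIMITED_BROADCAST = ipaddress.ip_address("255.255.255.255")

def parse_log_line(line):
    """Return the KEY=value fields of a netfilter LOG entry (first occurrence wins)."""
    fields = {}
    for key, value in FIELD_RE.findall(line):
        fields.setdefault(key, value)  # LEN and ID repeat; keep the IP-header one
    return fields

def classify(line, iface_addr):
    """Relate the logged SRC/DST to the address configured on the input interface."""
    iface = ipaddress.ip_interface(iface_addr)
    fields = parse_log_line(line)
    try:
        src = ipaddress.ip_address(fields["SRC"])
        dst = ipaddress.ip_address(fields["DST"])
    except (KeyError, ValueError):
        return "unparsed"
    is_broadcast = dst in (iface.network.broadcast_address, LIMITED_BROADCAST)
    if src == iface.ip:
        return "own-address-broadcast" if is_broadcast else "own-address-unicast"
    return "on-link-source" if src in iface.network else "off-link-source"

if __name__ == "__main__":
    for entry in LOG_LINES:
        f = parse_log_line(entry)
        print(f.get("SRC"), "->", f.get("DST"), f.get("PROTO"), classify(entry, IFACE_ADDR))
```

Entries classified as `own-address-broadcast` are the ones the question above is about: they carry the bridge's own address as source, so the next step is to establish where they were generated.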