Re: Packet capturing, iptables and eth0 vs. dummy0
From: DervishD
Date: Wed Nov 17 2004 - 18:28:10 EST
Hi Harald :)
* Harald Welte <laforge@xxxxxxxxxxxx> dixit:
> On Wed, Nov 17, 2004 at 09:30:33PM +0100, DervishD wrote:
> please send netfilter/iptables related questions to the respective
> lists:
> netfilter@xxxxxxxxxxxxxxxxxxx (for user questions)
> netfilter-devel@xxxxxxxxxxxxxxxxxxx (for development issues)
This time the iptables issue was just... collateral, so to say.
The problem was with tcpdump since I knew that packets were being
filtered.
> > I've noticed that, no matter what filtering is iptables doing,
> > tcpdump gets all packets from interface eth0 as seen in the bus,
> This is correct. iptables is a IPv4 packet filter. It is part of the
> IPv4 stack. tcpdump uses PF_PACKET which attaches right above the
> NIC driver, therefore you capture packets way before they enter the IPv4
> stack.
OK, I didn't see the problem from that perspective. Anyway, using
'lo' instead of 'dummy' solved the problem :)
Thanks for the help :)
Raúl Núñez de Arenas Coronado
--
Linux Registered User 88736
http://www.dervishd.net & http://www.pleyades.net/
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/