Re: rp_filter || log_martians don't work as expected

From: Theodor Milkov (zimage@delbg.com)
Date: Wed Feb 07 2001 - 15:54:28 EST


On Wed, Feb 07, 2001 at 04:17:39PM +0100, Andi Kleen wrote:
>
> The documentation is out of date, the '2' never reached an released kernel.
> Everything != 0 is equal to 1.
>

Thanks for clarification. Lets test it again:

 +----------------+
 | Linux box A |
 +----------------+
          | xx.xx.xx.21
          |
          | xx.xx.xx.17
 +----------------+ xx.xx.xx.5 +----------------+
 | Linux router-1 | <-----------------> | Linux router-2 |
 +----------------+ xx.xx.xx.6 +----------------+

root@router-1:~# for i in /proc/sys/net/ipv4/conf/*/rp_filter; do echo "0" > $i ;done

root@router-2:~# hping xx.xx.xx.21 --icmp -a xx.xx.xx.19 -c 3

root@box-a:~# tcpdump -p icmp
tcpdump: listening on eth0
22:40:15.458399 xx.xx.xx.19 > zimage.delbg.com: icmp: echo request
22:40:16.455486 xx.xx.xx.19 > zimage.delbg.com: icmp: echo request
22:40:17.455806 xx.xx.xx.19 > zimage.delbg.com: icmp: echo request

So far so good...

root@router-1:~# for i in /proc/sys/net/ipv4/conf/*/rp_filter; do echo "1" > $i ;done
root@router-1:~# for i in /proc/sys/net/ipv4/conf/*/log_martians; do echo "1" > $i ;done

root@router-2:~# hping xx.xx.xx.21 --icmp -a xx.xx.xx.19 -c 3

root@box-a:~# tcpdump -p icmp
tcpdump: listening on eth0
22:44:52.515555 xx.xx.xx.19 > zimage.delbg.com: icmp: echo request
22:44:53.509648 xx.xx.xx.19 > zimage.delbg.com: icmp: echo request
22:44:54.509775 xx.xx.xx.19 > zimage.delbg.com: icmp: echo request

Tricky... ;/

root@router-1:~# ip route flush cache

root@router-2:~# hping xx.xx.xx.21 --icmp -a xx.xx.xx.19 -c 3

root@box-a:~# tcpdump -p icmp
tcpdump: listening on eth0

Silence... ;-) Finally. But /var/log/messages remains empty (except syslogd
MARK's). What am I missing now? Please excuse me if it is something very
obvious.

egards

-- 
        =- --rw------- =--=--=--=--=--=--=--=--=--=--=--=--=--=
          Theodor Milkov           Administrator IP Networks
          Davidov Electric Ltd.    Phone: +359 2 730158
          PGP: http://www.zimage.delbg.com/zimage.asc
        =--=--=--=--=--=--=--=--=--=--=--=--=--=--=--=--=--=--=

- To unsubscribe from this list: send the line "unsubscribe linux-net" in the body of a message to majordomo@vger.kernel.org



This archive was generated by hypermail 2b29 : Wed Feb 07 2001 - 21:00:31 EST