[opensuse] Who is eating my packets??
All, hardware: my router with three NICs. eth0 = local network (192.168.0.0/16) eth1 = ptp to adsl box eth2 = public network /27. Problem:
From a box (box67) on the public network, I ping an external address. Using tcpdump on eth2 I see the ICMP echo request. Using tcpdump on eth1 I see the ICMP echo request, and the echo reply from the external host. So far so good.
The echo reply never gets back to box67. I don't see it on eth2. So I disabled the firewall on the router, and put ACCEPT in INPUT, FORWARD and OUTPUT. I added some iptables log entries, expecting to see the echo reply somewhere. I can't catch it anywhere. I tried in PREROUTING, and I see nothing. So how can tcpdump see the incoming echo reply, but I can't catch it in PREROUTING? Who's eating my packets? /Per Jessen, Zürich -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
So how can tcpdump see the incoming echo reply, but I can't catch it in PREROUTING? Who's eating my packets?
http://ociore.orcasitas.com/wp-content/Muzzy.jpg he eats clocks usually ;) P.S. sorry for OT. -- Best regards, Nick Zeljkovic -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
Nick Zeljkovic wrote:
So how can tcpdump see the incoming echo reply, but I can't catch it in PREROUTING? Who's eating my packets?
http://ociore.orcasitas.com/wp-content/Muzzy.jpg
he eats clocks usually ;)
Good answer, Nick - definitely the best so far. :-) /Per Jessen, Zürich -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
Per Jessen wrote:
Nick Zeljkovic wrote:
So how can tcpdump see the incoming echo reply, but I can't catch it in PREROUTING? Who's eating my packets?
http://ociore.orcasitas.com/wp-content/Muzzy.jpg
he eats clocks usually ;)
Good answer, Nick - definitely the best so far. :-)
Having reread this howto, I've finally found the answer - clear the arp table on the adsl router. http://www.sjdjweis.com/linux/proxyarp/: "The main problem you can run into is that the router will probably cache the ARP entries for the machines for quite a while. The easiest way to solve that is to kill the power to your router and plug it back in." I rebooted the ADSL router, and all of a sudden everything was working as expected. /Per Jessen, Zürich -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
participants (2)
-
Nick Zeljkovic
-
Per Jessen