mystery martian source from 127.0.0.1
- From: EricT <ericteuber@xxxxxx>
- Date: Wed, 07 Dec 2005 21:27:35 +0100
Hello everyone,
this matter has been discussed not only once, i found a lot of hits at
google. After reading almost all of them, i still do not know what the
cause is and actually i am very confused.
Some say the traffic is misrouted by the ISP, others think it is a
problem of the firewall NAT rules.
A syslog example:
Dec 06 21:50:58 localhost kernel: martian source 80.219.238.182 from
127.0.0.1, on dev eth0
Dec 06 21:50:58 localhost kernel: ll header:
xx:xx:xx:xx:xx:xx:00:09:7b:8d:98:70:08:00
xx:xx:xx:xx:xx:xx is the HWAddr of eth0, the rest of the header
(00:09:7b:8d:98:70:08:00) is absolutly unknown to me.
the traffic is coming from 127.0.0.1:80 (referring to tcpdump).
Unfortunatly, i cannot post any output of tcpdump, since these messages
(packets) occur arbitrary.
Do you know, what is it all about?
Thanks and greetz,
Eric
.
- Follow-Ups:
- Reply to all posters: mystery martian source from 127.0.0.1
- From: EricT
- Re: mystery martian source from 127.0.0.1
- From: Moe Trin
- Re: mystery martian source from 127.0.0.1
- From: Tauno Voipio
- Reply to all posters: mystery martian source from 127.0.0.1
- Prev by Date: Re: Security-oriented distro?
- Next by Date: Re: mystery martian source from 127.0.0.1
- Previous by thread: I'm looking for linux firewall that I can use for free with IPTABLES.
- Next by thread: Re: mystery martian source from 127.0.0.1
- Index(es):
Relevant Pages
|
