Hi:

I am having this problem since I set up the firewall; my syslog file is full with these messages:

fw kernel: martian source 201.225.XXX.XXX from 201.225.XXX.XXX, on dev eth1
fw kernel: ll header: ff:ff:ff:ff:ff:ff:00:a0:c5:69:0f:7c:08:00
fw kernel: martian source 192.168.10.255 from 192.168.10.10, on dev eth0
fw kernel: ll header: ff:ff:ff:ff:ff:ff:00:07:95:2e:5e:66:08:00

This is my config: Mandrake with Shorewall over iptables, and NAT on the eth1 lan device.

Eth0 to the Internet connected to a hub, where the Internet router is connected.
Eth1 to the lan connected to a different hub (both hubs are interconnected)

I know the problem is because the fw nat is sending packages from one device to another, but I don't know how to fix the martian sources issue.

Thanks in advance.

Conrado
Conrado Zelaya wrote:
>
> Eth1 to the lan connected to a different hub (both hubs are interconnected)

Don't do that!

-Tom
--
Tom Eastep    \ Nothing is foolproof to a sufficiently talented fool
Shoreline,     \ http://shorewall.net
Washington USA  \ teastep@shorewall.net
PGP Public Key   \ https://lists.shorewall.net/teastep.pgp.key
May this be the problem?
Robert K Coffman Jr - Info From Data Corporation
2005-Jul-29 20:35 UTC
RE: Martian Sources
I'm not sure why your hubs are interconnected, but it's a bad idea. Two interconnected hubs=1 hub.

The following is from the Shorewall documentation:

Warning

Do not connect the internal and external interface to the same hub or switch except for testing AND you are running Shorewall version 1.4.7 or later. When using these recent versions, you can test using this kind of configuration if you specify the arp_filter option in /etc/shorewall/interfaces for all interfaces connected to the common hub/switch. Using such a setup with a production firewall is strongly recommended against.
Problem corrected, thank you all for your help.

(Btw: I just had the 2 hubs connected, because there were no more free ports for all the computers, I will get a new one)
Conrado Zelaya wrote:
> Problem corrected, thank you all for your help.
>
> (Btw: I just had the 2 hubs connected, cause there where no more free ports
> for all the computers, I will get a new one)
>

Never use that kind of network setup. You can be EASILY hacked.
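
As an added example (not code from any poster in this thread or from the Shorewall project), the script below pairs each "martian source" line with its "ll header" line, decodes the Ethernet header, and flags frames whose source IP belongs to the subnet of a different interface than the one they arrived on, which is the symptom of the interconnected hubs discussed above. The interface-to-subnet map is an assumption: 192.168.10.0/24 on eth1 is inferred from the logged broadcast address, and 203.0.113.0/24 stands in for the public subnet that is masked in the thread.

```python
import ipaddress
import re

# Assumed addressing: eth1 = LAN (inferred from the thread's log), eth0 = public
# side (documentation range used as a placeholder for the masked 201.225.XXX.XXX).
LOCAL_SUBNETS = {
    "eth0": ipaddress.ip_network("203.0.113.0/24"),
    "eth1": ipaddress.ip_network("192.168.10.0/24"),
}
# The kernel prints the destination first, then the source, then the interface.
MARTIAN_RE = re.compile(
    r"martian source (?P<dst>\S+) from (?P<src>[\d.]+), on dev (?P<dev>\S+)")
LL_RE = re.compile(r"ll header: (?P<hdr>(?:[0-9a-f]{2}:){13}[0-9a-f]{2})")

def parse_ll_header(hdr):
    """Split the 14-byte Ethernet header into dst MAC, src MAC, EtherType."""
    b = hdr.split(":")
    return ":".join(b[0:6]), ":".join(b[6:12]), "0x" + "".join(b[12:14])

def analyse(lines):
    """Pair 'martian source' / 'll header' lines and classify each frame."""
    findings, pending = [], None
    for line in lines:
        m = MARTIAN_RE.search(line)
        if m:
            pending = m.groupdict()
            continue
        h = LL_RE.search(line)
        if h and pending:
            dst_mac, src_mac, ethertype = parse_ll_header(h.group("hdr"))
            src = ipaddress.ip_address(pending["src"])
            # Interface whose subnet owns the source address, if any.
            home = next((i for i, n in LOCAL_SUBNETS.items() if src in n), None)
            findings.append({
                "src_ip": str(src), "dst_ip": pending["dst"],
                "arrived_on": pending["dev"], "belongs_on": home,
                "src_mac": src_mac, "ethertype": ethertype,
                "l2_broadcast": dst_mac == "ff:ff:ff:ff:ff:ff",
                "wrong_segment": home is not None and home != pending["dev"],
            })
            pending = None
    return findings

# Constructed sample: first pair is the LAN entry from the thread, second pair
# replaces the masked public address with a documentation address.
SAMPLE = [
    "fw kernel: martian source 192.168.10.255 from 192.168.10.10, on dev eth0",
    "fw kernel: ll header: ff:ff:ff:ff:ff:ff:00:07:95:2e:5e:66:08:00",
    "fw kernel: martian source 203.0.113.255 from 203.0.113.7, on dev eth1",
    "fw kernel: ll header: ff:ff:ff:ff:ff:ff:00:a0:c5:69:0f:7c:08:00",
]
```

Calling `analyse(SAMPLE)` reports both frames as arriving on the wrong segment: a LAN host's broadcast seen on eth0 and a public-side broadcast seen on eth1. The reported source MAC identifies which machine to trace on the wire.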