From: Shawn <core@enodev.com>
To: George Vieira <georgev@citadelcomputer.com.au>
Cc: "netfilter@lists.netfilter.org" <netfilter@lists.netfilter.org>
Subject: RE: Is this correct?
Date: 19 Jun 2003 22:10:44 -0500 [thread overview]
Message-ID: <1056078644.14138.84.camel@localhost> (raw)
In-Reply-To: <09B04A55822EFF4DA48D2E0BB2941D4A0D6F15@wardrive.citadelcomputer.com.au>
I must apologize, as my original scenario probably is not representative
of the problem.
In my original scenario, hosts trying to reach 10.0.0.1 thought they
were also on the 10.0.0.0/24 network, meaning they think there's no
router involved.
This means their stack tries to ARP for 10.0.0.1 (who has 10.0.0.1 out
onto the wire) and the linux-router would respond with it's MAC for eth0
if I were to bind 10.0.0.1 to eth0 as you suggested. ("ip addr add
10.0.0.1/8 dev eth0")
I wonder if my original scenario would work at all given this problem...
On Thu, 2003-06-19 at 21:39, George Vieira wrote:
> Why/How would the linux box broadcast it's ARP response to 10.0.0.1 when the IP doesn't belong to the firewall.. it just has a rule saying what to do if the packet arrives to it asking it to forward to that host... ARP is on different IP layer to netfilter.
> The rule doesn't make it respond to arp requests.
>
> Thanks,
> ____________________________________________
> George Vieira
> Systems Manager
> georgev@citadelcomputer.com.au
>
> Citadel Computer Systems Pty Ltd
> http://www.citadelcomputer.com.au
>
> Phone : +61 2 9955 2644
> HelpDesk: +61 2 9955 2698
>
>
> -----Original Message-----
> From: Shawn [mailto:core@enodev.com]
> Sent: Friday, June 20, 2003 12:29 PM
> To: George Vieira
> Cc: netfilter@lists.netfilter.org
> Subject: RE: Is this correct?
>
>
> I get confused because I picture other 10.0.0.0/24 hosts arping for
> 10.0.0.1 and getting the MAC for linux-router/eth0. How is this not the
> case?
>
> Thank you all so much for the help!
next prev parent reply other threads:[~2003-06-20 3:10 UTC|newest]
Thread overview: 21+ messages / expand[flat|nested] mbox.gz Atom feed top
2003-06-20 2:39 Is this correct? George Vieira
2003-06-20 3:10 ` Shawn [this message]
-- strict thread matches above, loose matches on Subject: below --
2004-02-06 12:01 is this correct ? Aleksandr Guidrevitch
2004-02-11 0:03 ` Antony Stone
2003-06-20 3:52 Is this correct? George Vieira
2003-06-20 3:37 George Vieira
2003-06-20 3:23 George Vieira
2003-06-20 2:49 George Vieira
2003-06-20 3:19 ` Shawn
2003-06-19 22:10 George Vieira
2003-06-20 2:28 ` Shawn
2003-06-20 2:41 ` Shawn
2003-06-19 22:06 Daniel Chemko
2003-06-20 2:30 ` Shawn
2003-06-20 2:35 ` Shawn
2003-06-19 21:07 Shawn
2003-06-19 22:06 ` Alistair Tonner
2003-06-20 3:13 ` Shawn
2003-06-20 4:09 ` Alistair Tonner
2003-06-12 15:43 Is this correct ? Frank R Callaghan
2003-06-12 19:57 ` Frank R Callaghan
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1056078644.14138.84.camel@localhost \
--to=core@enodev.com \
--cc=georgev@citadelcomputer.com.au \
--cc=netfilter@lists.netfilter.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.