Re: weird message in logs - Jason Opperisano

All of lore.kernel.org
 help / color / mirror / Atom feed

From: Jason Opperisano <opie@817west.com>
To: netfilter <netfilter@lists.netfilter.org>
Subject: Re: weird message in logs
Date: Tue, 19 Oct 2004 16:25:45 -0400	[thread overview]
Message-ID: <20041019202545.GA3913@bender.817west.com> (raw)
In-Reply-To: <11cb01c4b615$52ba8360$49caa8c0@caris.priv>

On Tue, Oct 19, 2004 at 04:53:37PM -0300, Peter Marshall wrote:
> Is it a problem that it is dropping these ?  I tried option a .. it did not
> seem to change anything.

i may have specified the wrong place the execute the command.  it looks
like you need to disable sending redirects on eth0 of the internal
firewall, but i may be misreading your diagram.

> |192.168.202.73| ---> |eth0 on internal firewall 192.168.200.1| ---> |eth0:1
> on internal firewal 10.90.0.1| ----> |eth1 on other firewall
> 10.90.0.2| ----> | eth0 on other firewall 192.168.90.1| --- >
> |192.168.90.10|
> 
> Basically, I was sshing to eth1 on the other firewall form 192.168.202.73
> ... I assume the redirect comes from the reply ?  technically, eth1 is on
> the same physical network as 192.168.200.0/21 ... so is that why it is doing
> the redirect ?

yes.

>  Is not logging these messages solving the problem ?  Or is
> there a prolem at all ?  Thank you very much for your reply.

the redirects are a symptom of your network topology--there's nothing
technically wrong with sending them, just as there is nothing
technically wrong with ignoring them.  if they bother you--use sysctl to
disable them from being sent on the machine that is sending them (or
disable them on all interfaces on both firewalls, if that's easier).

-j

-- 
Jason Opperisano <opie@817west.com>

next prev parent reply	other threads:[~2004-10-19 20:25 UTC|newest]

Thread overview: 8+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2004-10-19 16:52 weird message in logs Peter Marshall
2004-10-19 18:38 ` Aleksandar Milivojevic
2004-10-20 11:30   ` Peter Marshall
2004-10-19 18:44 ` Jason Opperisano
2004-10-19 19:53   ` Peter Marshall
2004-10-19 20:03     ` Aleksandar Milivojevic
2004-10-19 20:25     ` Jason Opperisano [this message]
2004-10-19 21:16 ` [FAQ] " Cedric Blancher

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20041019202545.GA3913@bender.817west.com \
    --to=opie@817west.com \
    --cc=netfilter@lists.netfilter.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.