Re: Strange Problem - IPTables or Hardware related ????

All of lore.kernel.org
 help / color / mirror / Atom feed

From: Tom Eastep <teastep@shorewall.net>
To: Rodolfo Siviero Stein <rstein@persogo.com.br>
Cc: netfilter@lists.netfilter.org
Subject: Re: Strange Problem - IPTables or Hardware related ????
Date: Mon, 21 Oct 2002 07:07:09 -0700	[thread overview]
Message-ID: <3DB40A0D.4090302@shorewall.net> (raw)
In-Reply-To: 5.1.1.6.0.20021018113106.00a91488@webmail.persogo.com.br

Rodolfo Siviero Stein wrote:

> 
>     Anyone had a problem like this ?  Any comments ?  Is this hardware 
> related or software ?
> 

Do you have multiple NICs cabled to the same HUB/switch? In my experience, 
when people see packets arriving on unexpected interfaces, that is the 
cause. The manner in which the Linux kernel handles ARP "who-has" requests 
makes this type of configuration unsuitable for firewalling since any 
interface connected to the HUB/switch can respond to "who-has" requests 
for any of the addresses assigned to one of those NICs.

-Tom
-- 
Tom Eastep    \ Shorewall - iptables made easy
AIM: tmeastep  \ http://www.shorewall.net
ICQ: #60745924  \ teastep@shorewall.net

     prev parent reply	other threads:[~2002-10-21 14:07 UTC|newest]

Thread overview: 3+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2002-10-18 14:56 Strange Problem - IPTables or Hardware related ???? Rodolfo Siviero Stein
2002-10-18 21:01 ` Joel Newkirk
2002-10-21 14:07 ` Tom Eastep [this message]

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=3DB40A0D.4090302@shorewall.net \
    --to=teastep@shorewall.net \
    --cc=netfilter@lists.netfilter.org \
    --cc=rstein@persogo.com.br \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.