服务器出现大量的 kernel: martian source 192.168.110.255 from 192.168.110.1, on dev eth0类似错误提示
发表于 2007-11-27 14:25 作者: wangyu1314
不知道啥原因。google了半天。终于找到解决方法。
OK。
ADSL Server出现如下大量提示:/var/log/messages
Mar 19 16:36:43 ADSLserver kernel: ll header: ff:ff:ff:ff:ff:ff:00:48:54:5b:0d:3f:08:00
Mar 19 16:36:43 ADSLserver kernel: martian source 192.168.6.255 from 192.168.6.2, on dev eth0
Mar 19 16:36:43 ADSLserver kernel: ll header: ff:ff:ff:ff:ff:ff:00:48:54:5b:0d:3f:08:00
Mar 19 16:36:43 ADSLserver kernel: martian source 192.168.6.255 from 192.168.6.2, on dev eth0
Mar 19 16:36:43 ADSLserver kernel: ll header: ff:ff:ff:ff:ff:ff:00:48:54:5b:0d:3f:08:00
解决:
echo 0 >/proc/sys/net/ipv4/conf/eth0/rp_filter
原因:
http://linux.chinaitlab.com/server/534526_6.html
22.4 战神攻击
如果tcpdump显示Linux服务器看起来没有对来自Windows/Mac客户端的数据包做出响应,那么可能没有禁用反向路径过滤(Reverse Path Filtering)。如果你在/var/log/messages里看到这样:
martian destination 127.0.0.1 from 192.168.0.222, dev ipsec0
martian source 192.168.0.200 from 192.168.0.222, on dev eth0
ll header: 00:00:00:00:00:00:00:40:33:2c:70:c8:08:00
那么你需要清空rp_filter。如果在/var/log/messages向回翻,你可以看到FreeS/WAN有这样的提示:
ipsec_setup: (/proc/sys/net/ipv4/conf/eth0/rp_filter = `1', should be 0)
如是eth0设备,使用echo 0 >; /proc/ss/net/ipv4/conf/eth0/rp_filter可以快速修复这个问题。作为选择,你可以在/etc/sysctl.conf中添加net.ipv4.conf.default.rp_filter=0。
OK。
ADSL Server出现如下大量提示:/var/log/messages
Mar 19 16:36:43 ADSLserver kernel: ll header: ff:ff:ff:ff:ff:ff:00:48:54:5b:0d:3f:08:00
Mar 19 16:36:43 ADSLserver kernel: martian source 192.168.6.255 from 192.168.6.2, on dev eth0
Mar 19 16:36:43 ADSLserver kernel: ll header: ff:ff:ff:ff:ff:ff:00:48:54:5b:0d:3f:08:00
Mar 19 16:36:43 ADSLserver kernel: martian source 192.168.6.255 from 192.168.6.2, on dev eth0
Mar 19 16:36:43 ADSLserver kernel: ll header: ff:ff:ff:ff:ff:ff:00:48:54:5b:0d:3f:08:00
解决:
echo 0 >/proc/sys/net/ipv4/conf/eth0/rp_filter
原因:
http://linux.chinaitlab.com/server/534526_6.html
22.4 战神攻击
如果tcpdump显示Linux服务器看起来没有对来自Windows/Mac客户端的数据包做出响应,那么可能没有禁用反向路径过滤(Reverse Path Filtering)。如果你在/var/log/messages里看到这样:
martian destination 127.0.0.1 from 192.168.0.222, dev ipsec0
martian source 192.168.0.200 from 192.168.0.222, on dev eth0
ll header: 00:00:00:00:00:00:00:40:33:2c:70:c8:08:00
那么你需要清空rp_filter。如果在/var/log/messages向回翻,你可以看到FreeS/WAN有这样的提示:
ipsec_setup: (/proc/sys/net/ipv4/conf/eth0/rp_filter = `1', should be 0)
如是eth0设备,使用echo 0 >; /proc/ss/net/ipv4/conf/eth0/rp_filter可以快速修复这个问题。作为选择,你可以在/etc/sysctl.conf中添加net.ipv4.conf.default.rp_filter=0。
评论总数 1
评论
|
呵呵,关了这个不能实现端口转发了。
|
发表于 2008-06-11 10:15 作者: wangyu1314
|
作者为 wangyu1314 的最新文章
- 技嘉965P-DS3 + E6300如何超频的傻瓜版教材 (2008-08-22)
- vBSEO.v3.2.0.PHP.NULL-Draxofavalon (2008-07-17)
- rhel 5.2 安装码 (2008-06-04)
- RHEL5.2 32位,64位,原码,扩展盘下载 (2008-05-25)
- Mssql 2005 集成SP2的简体中文企业版本 (2008-04-24)
