服务器出现大量的 kernel: martian source 192.168.110.255 from 192.168.110.1, on dev eth0类似错误提示
发表于 2007-11-27 14:25 作者: wangyu1314
不知道啥原因。google了半天。终于找到解决方法。
OK。
ADSL Server出现如下大量提示:/var/log/messages
Mar 19 16:36:43 ADSLserver kernel: ll header: ff:ff:ff:ff:ff:ff:00:48:54:5b:0d:3f:08:00
Mar 19 16:36:43 ADSLserver kernel: martian source 192.168.6.255 from 192.168.6.2, on dev eth0
Mar 19 16:36:43 ADSLserver kernel: ll header: ff:ff:ff:ff:ff:ff:00:48:54:5b:0d:3f:08:00
Mar 19 16:36:43 ADSLserver kernel: martian source 192.168.6.255 from 192.168.6.2, on dev eth0
Mar 19 16:36:43 ADSLserver kernel: ll header: ff:ff:ff:ff:ff:ff:00:48:54:5b:0d:3f:08:00
解决:
echo 0 >/proc/sys/net/ipv4/conf/eth0/rp_filter
原因:
http://linux.chinaitlab.com/server/534526_6.html
22.4 战神攻击
如果tcpdump显示Linux服务器看起来没有对来自Windows/Mac客户端的数据包做出响应,那么可能没有禁用反向路径过滤(Reverse Path Filtering)。如果你在/var/log/messages里看到这样:
martian destination 127.0.0.1 from 192.168.0.222, dev ipsec0
martian source 192.168.0.200 from 192.168.0.222, on dev eth0
ll header: 00:00:00:00:00:00:00:40:33:2c:70:c8:08:00
那么你需要清空rp_filter。如果在/var/log/messages向回翻,你可以看到FreeS/WAN有这样的提示:
ipsec_setup: (/proc/sys/net/ipv4/conf/eth0/rp_filter = `1', should be 0)
如是eth0设备,使用echo 0 >; /proc/ss/net/ipv4/conf/eth0/rp_filter可以快速修复这个问题。作为选择,你可以在/etc/sysctl.conf中添加net.ipv4.conf.default.rp_filter=0。
OK。
ADSL Server出现如下大量提示:/var/log/messages
Mar 19 16:36:43 ADSLserver kernel: ll header: ff:ff:ff:ff:ff:ff:00:48:54:5b:0d:3f:08:00
Mar 19 16:36:43 ADSLserver kernel: martian source 192.168.6.255 from 192.168.6.2, on dev eth0
Mar 19 16:36:43 ADSLserver kernel: ll header: ff:ff:ff:ff:ff:ff:00:48:54:5b:0d:3f:08:00
Mar 19 16:36:43 ADSLserver kernel: martian source 192.168.6.255 from 192.168.6.2, on dev eth0
Mar 19 16:36:43 ADSLserver kernel: ll header: ff:ff:ff:ff:ff:ff:00:48:54:5b:0d:3f:08:00
解决:
echo 0 >/proc/sys/net/ipv4/conf/eth0/rp_filter
原因:
http://linux.chinaitlab.com/server/534526_6.html
22.4 战神攻击
如果tcpdump显示Linux服务器看起来没有对来自Windows/Mac客户端的数据包做出响应,那么可能没有禁用反向路径过滤(Reverse Path Filtering)。如果你在/var/log/messages里看到这样:
martian destination 127.0.0.1 from 192.168.0.222, dev ipsec0
martian source 192.168.0.200 from 192.168.0.222, on dev eth0
ll header: 00:00:00:00:00:00:00:40:33:2c:70:c8:08:00
那么你需要清空rp_filter。如果在/var/log/messages向回翻,你可以看到FreeS/WAN有这样的提示:
ipsec_setup: (/proc/sys/net/ipv4/conf/eth0/rp_filter = `1', should be 0)
如是eth0设备,使用echo 0 >; /proc/ss/net/ipv4/conf/eth0/rp_filter可以快速修复这个问题。作为选择,你可以在/etc/sysctl.conf中添加net.ipv4.conf.default.rp_filter=0。
评论总数 1
评论
|
呵呵,关了这个不能实现端口转发了。
|
 
|
作者为 wangyu1314 的最新文章
- 000webhost提供1500M可绑米免费php空间 (2009-12-25)
- vBulletin 4 Beta3 nulled download (2009-11-14)
- 彻底快速安全地卸载SQL server 2005 (2009-08-31)
- vBSEO.v3.3.0 GOLD NULLIFIED ALSO Keygen (2009-08-23)
- myThunder 迅雷扩展修改版,支持右键,支持firefox 3.5 (2009-08-01)
