LINUX.ORG.RU

История изменений

Исправление zolden, (текущая версия) :

C rp_filter ничего не делал
net.ipv4.conf.all.rp_filter = 1
net.ipv4.conf.eth0.rp_filter = 0
net.ipv4.conf.vlan123.rp_filter = 0


tcpdump с теста с telnet

host:~ # tcpdump -nei eth0 port 1234
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth0, link-type EN10MB (Ethernet), capture size 96 bytes
14:13:24.118125 e0:97:96:0e:34:2c > 00:00:5e:00:01:35, ethertype IPv4 (0x0800), length 66: 2.2.2.2.25061 > 3.3.3.3.1234: S 3093593336:3093593336(0) win 64240 <mss 1460,nop,nop,sackOK,nop,wscale 11>
14:13:24.119758 34:00:a3:48:0a:a2 > e0:97:96:0e:34:2c, ethertype IPv4 (0x0800), length 66: 3.3.3.3.1234 > 2.2.2.2.25061: S 2502337550:2502337550(0) ack 3093593337 win 8192 <mss 1260,nop,wscale 8,nop,nop,sackOK>
14:13:27.118464 34:00:a3:48:0a:a2 > e0:97:96:0e:34:2c, ethertype IPv4 (0x0800), length 66: 3.3.3.3.1234 > 2.2.2.2.25061: S 2502337550:2502337550(0) ack 3093593337 win 8192 <mss 1260,nop,wscale 8,nop,nop,sackOK>
14:13:27.121373 e0:97:96:0e:34:2c > 00:00:5e:00:01:35, ethertype IPv4 (0x0800), length 66: 2.2.2.2.25061 > 3.3.3.3.1234: S 3093593336:3093593336(0) win 64240 <mss 1460,nop,nop,sackOK,nop,wscale 11>
14:13:33.112843 34:00:a3:48:0a:a2 > e0:97:96:0e:34:2c, ethertype IPv4 (0x0800), length 62: 3.3.3.3.1234 > 2.2.2.2.25061: S 2502337550:2502337550(0) ack 3093593337 win 8192 <mss 1260,nop,nop,sackOK>
14:13:33.117371 e0:97:96:0e:34:2c > 00:00:5e:00:01:35, ethertype IPv4 (0x0800), length 66: 2.2.2.2.25061 > 3.3.3.3.1234: S 3093593336:3093593336(0) win 64240 <mss 1460,nop,nop,sackOK,nop,wscale 11>

Исходная версия zolden, :

C rp_filter ничего не делал
net.ipv4.conf.all.rp_filter = 1
net.ipv4.conf.eth0.rp_filter = 0
net.ipv4.conf.vlan123.rp_filter = 0


tcpdump с теста с telnet

host:~ # tcpdump -nei bond0 port 1234
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on bond0, link-type EN10MB (Ethernet), capture size 96 bytes
14:13:24.118125 e0:97:96:0e:34:2c > 00:00:5e:00:01:35, ethertype IPv4 (0x0800), length 66: 2.2.2.2.25061 > 3.3.3.3.1234: S 3093593336:3093593336(0) win 64240 <mss 1460,nop,nop,sackOK,nop,wscale 11>
14:13:24.119758 34:00:a3:48:0a:a2 > e0:97:96:0e:34:2c, ethertype IPv4 (0x0800), length 66: 3.3.3.3.1234 > 2.2.2.2.25061: S 2502337550:2502337550(0) ack 3093593337 win 8192 <mss 1260,nop,wscale 8,nop,nop,sackOK>
14:13:27.118464 34:00:a3:48:0a:a2 > e0:97:96:0e:34:2c, ethertype IPv4 (0x0800), length 66: 3.3.3.3.1234 > 2.2.2.2.25061: S 2502337550:2502337550(0) ack 3093593337 win 8192 <mss 1260,nop,wscale 8,nop,nop,sackOK>
14:13:27.121373 e0:97:96:0e:34:2c > 00:00:5e:00:01:35, ethertype IPv4 (0x0800), length 66: 2.2.2.2.25061 > 3.3.3.3.1234: S 3093593336:3093593336(0) win 64240 <mss 1460,nop,nop,sackOK,nop,wscale 11>
14:13:33.112843 34:00:a3:48:0a:a2 > e0:97:96:0e:34:2c, ethertype IPv4 (0x0800), length 62: 3.3.3.3.1234 > 2.2.2.2.25061: S 2502337550:2502337550(0) ack 3093593337 win 8192 <mss 1260,nop,nop,sackOK>
14:13:33.117371 e0:97:96:0e:34:2c > 00:00:5e:00:01:35, ethertype IPv4 (0x0800), length 66: 2.2.2.2.25061 > 3.3.3.3.1234: S 3093593336:3093593336(0) win 64240 <mss 1460,nop,nop,sackOK,nop,wscale 11>