packet mangling and routing

Corey Edwards tensai at zmonkey.org
Tue Oct 16 13:15:38 MDT 2007


On Tue, 2007-10-16 at 13:05 -0600, Michael L Torrie wrote:
> I'm sure a packet would make it back to the requesting computer, even if
> it was going out the wrong interface.  However, the calling computer
> would likely discard it, since it's not coming from the same ip address
> as the original destination.  Linux iptables, for example, would not see
> it as a related packet when tracking connections.  So udp and tcp things
> would likely not work, but ping would.

Linux won't change the source IP address of the return packet. It will
be whichever IP address the server received the packet on. Try this for
an example:

        lo: 127.0.0.1 (duh!)
        eth0: 10.0.0.1
        
        # tcpdump -np -i lo icmp &
        # ping -c 1 -I 127.0.0.1 10.0.0.1
        13:13:23.140864 IP 127.0.0.1 > 10.0.0.1: ICMP echo request, id 64828, seq 1, length 64
        13:13:23.140890 IP 10.0.0.1 > 127.0.0.1: ICMP echo reply, id 64828, seq 1, length 64
        64 bytes from 10.0.0.1: icmp_seq=1 ttl=64 time=0.053 ms
        
The request came in on lo and was to 10.0.0.1, which is eth0's address.
The response went back on lo (because the route to 127.0.0.1 was via lo)
and was sourced on 10.0.0.1 (because that was the original source IP).

Corey
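
An added example, not part of the original post: the same observation for TCP, runnable without root. It assumes Linux, where every address in 127.0.0.0/8 is local on lo, so 127.0.0.2 stands in for eth0's 10.0.0.1; the function name is hypothetical.

```python
import socket


def tcp_reply_source(dst_ip="127.0.0.2", src_ip="127.0.0.1"):
    """Connect from src_ip to dst_ip against a wildcard listener and
    report which addresses each side of the connection sees."""
    with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as srv:
        srv.settimeout(5)
        srv.bind(("0.0.0.0", 0))   # wildcard listener, not tied to one address
        srv.listen(1)
        port = srv.getsockname()[1]

        with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as cli:
            cli.settimeout(5)
            cli.bind((src_ip, 0))  # plays the role of `ping -I 127.0.0.1`
            cli.connect((dst_ip, port))

            conn, peer = srv.accept()
            with conn:
                conn.sendall(b"reply")
                payload = cli.recv(16)
                return {
                    # local address the kernel assigned to the accepted
                    # socket, i.e. the source of every packet it sends back
                    "server_local": conn.getsockname()[0],
                    "server_sees_client": peer[0],
                    # address the client sees the replies coming from
                    "client_sees_peer": cli.getpeername()[0],
                    "payload": payload,
                }


if __name__ == "__main__":
    for key, value in tcp_reply_source().items():
        print(f"{key}: {value}")
```

The accepted socket's local address is the one the client connected to, so the replies match the flow the client (and any connection tracker on the path) already has state for.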




