[Shorewall-users] Re: Wireless - routing or bridging - Part Deux

Tom Eastep teastep at shorewall.net
Fri Feb 25 12:19:34 PST 2005


Tom Eastep wrote:

> 
>>The curious observation was a ping to suse.com from the laptop gave:
>>
>>Feb 23 08:23:39 machinename kernel: Shorewall:wlan2fw:ACCEPT:IN=eth3 OUT= 
>>MAC=00:02:b3:1c:39:0d:00:02:2d:24:76:bc:08:00 SRC=xx.xx.18.68 
>>DST=xx.xx.18.50 LEN=112 TOS=0x00 PREC=0xC0 TTL=255 ID=19672 PROTO=ICMP 
>>TYPE=3 CODE=2 [SRC=xx.xx.18.50 DST=192.168.18.68 LEN=84 TOS=0x00 PREC=0x00 
>>TTL=64 ID=5913 PROTO=ICMP TYPE=0 CODE=00 ID=43536 SEQ=18 ]
>>
>>.68 was the leased address given to the laptop
>>.50 is the static IP for eth3 of this box
>>fwiw .51 is the static IP of the cisco
> 
> 
> Bill -- Why are you trying to obfuscate things with the xx.xx
> nonsense??? I'm not going to help you further if I have to look at crap
> like that, especially since I suspect that these are all internal IP
> addresses.

My objection stems from the fact that some of the addresses have been
obfuscated but one hasn't!! So if xx.xx == 192.168 then there is one
explanation and if xx.xx != 192.168 then something else is going on.

You may be right that the AP is returning a "protocol not reachable"
ICMP to the ping reply -- running Ethereal on the Laptop while you are
trying to ping would solve the mystery though...

-Tom
-- 
Tom Eastep    \ Nothing is foolproof to a sufficiently talented fool
Shoreline,     \ http://shorewall.net
Washington USA  \ teastep at shorewall.net
PGP Public Key   \ https://lists.shorewall.net/teastep.pgp.key


More information about the Shorewall-users mailing list