Diffstat (limited to 'zarb-ml/mageia-discuss/20120507/007226.html')
| -rw-r--r-- | zarb-ml/mageia-discuss/20120507/007226.html | 97 |
1 files changed, 97 insertions, 0 deletions
diff --git a/zarb-ml/mageia-discuss/20120507/007226.html b/zarb-ml/mageia-discuss/20120507/007226.html new file mode 100644 index 000000000..333b4983b --- /dev/null +++ b/zarb-ml/mageia-discuss/20120507/007226.html 
@@ -0,0 +1,97 @@ +<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN"> +<HTML> + <HEAD> + <TITLE> [Mageia-discuss] Odd entry in log file + </TITLE> + <LINK REL="Index" HREF="index.html" > + <LINK REL="made" HREF="mailto:mageia-discuss%40mageia.org?Subject=Re%3A%20%5BMageia-discuss%5D%20Odd%20entry%20in%20log%20file&In-Reply-To=%3C4FA714CD.1070605%40roadrunner.com%3E"> + <META NAME="robots" CONTENT="index,nofollow"> + <META http-equiv="Content-Type" content="text/html; charset=us-ascii"> + <LINK REL="Previous" HREF="007225.html"> + <LINK REL="Next" HREF="007228.html"> + </HEAD> + <BODY BGCOLOR="#ffffff"> + <H1>[Mageia-discuss] Odd entry in log file</H1> + <B>Frank Griffin</B> + <A HREF="mailto:mageia-discuss%40mageia.org?Subject=Re%3A%20%5BMageia-discuss%5D%20Odd%20entry%20in%20log%20file&In-Reply-To=%3C4FA714CD.1070605%40roadrunner.com%3E" + TITLE="[Mageia-discuss] Odd entry in log file">ftg at roadrunner.com + </A><BR> + <I>Mon May 7 02:18:21 CEST 2012</I> + <P><UL> + <LI>Previous message: <A HREF="007225.html">[Mageia-discuss] Odd entry in log file +</A></li> + <LI>Next message: <A HREF="007228.html">[Mageia-discuss] Odd entry in log file +</A></li> + <LI> <B>Messages sorted by:</B> + <a href="date.html#7226">[ date ]</a> + <a href="thread.html#7226">[ thread ]</a> + <a href="subject.html#7226">[ subject ]</a> + <a href="author.html#7226">[ author ]</a> + </LI> + </UL> + <HR> +<!--beginarticle--> +<PRE>On 05/06/2012 06:57 PM, imnotpc wrote: +><i> +</I>><i> My thanks to you, Maarten, and Doug for replying. I knew that packets +</I>><i> in private subnets are never forwarded by routers, one of the basic +</I>><i> security features of the IPV4 system. I had never heard them referred +</I>><i> to as martian before, but the name makes sense. 
Based on the +</I>><i> destination of the packets (Google, Facebook), my assumption is that +</I>><i> these are not malicious, and based on my knowledge of my network, I +</I>><i> believe these are originating from the wireless hosts as Doug +</I>><i> indicated. I guess the only part I still don't understand is how these +</I>><i> packets are reaching the kernel of the gateway through NAT and +</I>><i> firewalls? Perhaps there is something I don't understand about how IP +</I>><i> traffic moves between hosts. +</I>><i> +</I>The basic idea of a gateway is that you have two NICs, one (say eth1) +connected to the same switch to which all your other wired hosts are +connected, and using an IP address of something internal, say +192.168.1.1. The other NIC (say eth0) is connected to your external +internet. Your routing table should indicate that any traffic for a +192.168.1.x address should go out eth1, and any traffic for something +other than 192,168.1.x should go out eth0. And you have NAT enabled for +anything going out eth0 so that your internal addresses get translated +to the external IP address assigned by your ISP as they pass through the +gateway. + +This assumes that you're using a PC as a gateway. Your router should +play no part with the wired connections --- it and all the other wired +hosts should be plugged into the switch, i. e. you shouldn't be using +the inbound wired jacks on the router at all. The wireless goes into +the router, but beyond that plays on an equal level with the wired guys +all going into the gateway PC. + +The problem you describe most likely results from trying to use the +router as the gateway in conjunction with the switch. You've got the +wired guys coming through the switch and participating in NAT and the +wireless guys coming into the router directly, and somehow bypassing NAT. + +You mention the "gateway kernel", so I'm guessing that you are using a +gateway PC rather than a gateway router. 
If you are using a 192.168.3.x +subnet, then your gateway is NAT'ing some hosts and not others. +</PRE> + + + +<!--endarticle--> + <HR> + <P><UL> + <!--threads--> + <LI>Previous message: <A HREF="007225.html">[Mageia-discuss] Odd entry in log file +</A></li> + <LI>Next message: <A HREF="007228.html">[Mageia-discuss] Odd entry in log file +</A></li> + <LI> <B>Messages sorted by:</B> + <a href="date.html#7226">[ date ]</a> + <a href="thread.html#7226">[ thread ]</a> + <a href="subject.html#7226">[ subject ]</a> + <a href="author.html#7226">[ author ]</a> + </LI> + </UL> + +<hr> +<a href="https://www.mageia.org/mailman/listinfo/mageia-discuss">More information about the Mageia-discuss +mailing list</a><br> +</body></html> |
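Review bot: both `mailto:` HREFs in the added header (the `LINK REL="made"` element and the author `A` element) carry a raw `&` before `In-Reply-To=`, which should be written `&amp;` inside an HTML attribute value so that parsers do not have to guess where the entity ends. If this file is archiver output, the fix belongs in the archive template rather than in this one page, since the same line appears twice here and presumably in every sibling message file. Separately, the quoted lines inside the `<PRE>` block open with `<i>` and close with `</I>` at the start of the following line, so every italic span straddles a line break; that renders, but it makes the quoted text awkward to post-process, and it is worth confirming that committing the generated markup verbatim is intended.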
