|
Why one nic accept packets destined for second nic
I have a linux Red Hat 7.1 machine that has 2 network cards in it.
ifconfig -a is:-
eth0 Link encap:Ethernet HWaddr 00:02:B3:65:87:F0
inet addr:192.168.3.4 Bcast:192.168.3.255 Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:1113330 errors:0 dropped:0 overruns:0 frame:1
TX packets:1377334 errors:0 dropped:0 overruns:0 carrier:0
collisions:9049 txqueuelen:100
Interrupt:11 Base address:0xe000
eth1 Link encap:Ethernet HWaddr 00:05:5D:04:BF:BA
inet addr:192.168.251.251 Bcast:192.168.251.255 Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:301041 errors:0 dropped:0 overruns:0 frame:0
TX packets:237226 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:100
Interrupt:10 Base address:0xdc00
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:1256368 errors:0 dropped:0 overruns:0 frame:0
TX packets:1256368 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
ip_forwarding is "0"
I am using ipchains & have noticed the following messages in the log file:-
Jul 30 11:32:09 msrint kernel: Packet log: input DENY eth1 PROTO=6 192.168.3.7:1200 192.168.3.4:445 L=48 S=0x00 I=6123 F=0x4000 T=128 SYN (#55)
What I don't understand is why is eth1 accepting packets from 192.168.3.7 that are destined for ipaddress 192.168.3.4
My ipchains forward chain is set to DENY with logging but I'm not seeing anything in the log file.
The interface isn't in promiscuous mode as ifconfig would show this.
can anyone explain what might be going on.
Regards
Michael
|
