Hello guys,
Could anybody advise me please, on kernel's logging martian packets oddity?
The reason is that it logs connections that come from privately allocated networks (dedicated allocation). These are not regular martians such as 0.0.0.0/8, 127.0.0.0/8 and the like but it looks like this,
Code:
martian source my-ip-address from 146.88.240.4, on dev eth0
When I check on from IP addresses whois, their NetType: always says either Direct Allocation or Direct Assignment (feel free to check on 146.88.240.4 it's the real one).
Now the question is how do I block it (iptables?) and should I be generally worried about it? I mean are there any itables or any other general rules to block it, because it will take me forever to block millions of IP addresses one by one. I can turn off martian logging of course and the problem is solved but as far as I know I am not supposed to have them bugging my server's resources.
Would also highly appreciate it if someone could possibly guide me on how to check on my network, because these martians could also be the reason for some light network configuration issues. Although it's up and running perfectly well and I do not see any problems.
Many thanks in advance!