This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Strange Masquerading Issue

Hi.

Today I've got a call from a colleague.
From what he says - he can see in his firewall, the internal source address of some (not all) of the stations from my Lan network which connect to his servers.
Since my entire internal network doing Masquerading, I wonder how this could be.
As far as I know, only DNat transmit the source address.

Any Idea?
[:S]

This thread was automatically locked due to age.

Parents

0 BarryG over 11 years ago

Hi,

Specifying the local network(s) in the tcpdump command would limit the output to what you are looking for, e.g.

sudo tcpdump -nn -p -i eth0 src or dst net 192.168.0.0/16

assuming eth0 is external and all internal nets are in the 192.168.x.x space.

the '-p' disables promiscuous mode, that is not needed for listening to your own traffic.

Barry
Cancel
Vote Up 0 Vote Down

Cancel

Reply

0 BarryG over 11 years ago

Hi,

Specifying the local network(s) in the tcpdump command would limit the output to what you are looking for, e.g.

sudo tcpdump -nn -p -i eth0 src or dst net 192.168.0.0/16

assuming eth0 is external and all internal nets are in the 192.168.x.x space.

the '-p' disables promiscuous mode, that is not needed for listening to your own traffic.

Barry
Cancel
Vote Up 0 Vote Down

Cancel

Children

No Data