[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [suse-security] Martian source... Need to have route to other networks via internal interface. What to do?



Sergei Keler wrote:
Hi!

I have SLES9 and two interfaces eth0 & eth1.
eth0 has real ip address like 217.x.x.x
eth1 has local ip address 192.168.0.1/24
Default gateway on this system belongs to real ip address network 217.x.x.x via eth0.
eth0 is described as External inteface in suse firewall.
eth1 is described as Internal one.
No NAT etc.
Kernel security is on.
LAN has several nets like 192.168.x.0/24.

Accessing net like 192.168.1.0/24 i got 'martian source' kernel message. I tried to make route to 192.168.1.0/24 via 192.168.0.254 but still have same error log. Where to dig? I dont want to create aliases for each network (it works but too ugly). Is possible the pretty solution for me?


Linux have multiple routing tables, so you can have multiple default gateways.
For example you can do:
ip rule add to 192.168.0.0/16 table 100
ip route add table 100 via 192.168.0.254 dev eth1

See ip rule help, ip route help or read http://lartc.org/howto/

Muralito.



--
Check the headers for your unsubscription address
For additional commands, e-mail: suse-security-help@xxxxxxxx
Security-related bug reports go to security@xxxxxxx, not here