13 Mar
2020
13 Mar
'20
10:06 p.m.
All,
The following are RAW firewall hits indicating nested IPIP in IPIP packets.
I run a firewall that only allows IPIP from all of you (and rules that only allows the
AMPRGW routes and my destination IPs); but since this is a RAW rule - it implies nothing
of any operator.
I have not reviewed my Netflow records; but please be vigilant of this traffic. I warned
of this issue in the "ancient" 44 mailing archives.
Table: RawChain PREROUTING (Policy: ACCEPT, 94829408 Packets, 59.38 GB Traffic)Pkts.
Traffic Target Prot. In Out Source Destination Options Comment32 2.37 KB DROP 4 tunl0 *
0.0.0.0/0 0.0.0.0/0 - -
73 ::and elbow bump::,
- Lynwood
KB3VWG