3 Jan
2021
3 Jan
'21
12:01 a.m.
89.33.44.100 44.182.21.1 67631 [ 8] dropped: encap to encap
That data is from the stats collector that the late Brian Kantor
wrote, which can be seen here:
https://gw.ampr.org/private/
The login uses the old gateways login credentials from when Jim Fuller
ran it. See:
https://mailman.ampr.org/mailman/private/44net/2020-January/010633.html
I highly recommend these rules:
# This prevents nested ipencap
iptables -t raw -I PREROUTING -p 4 -i tunl0 -j DROP
# This prevents a general loop
iptables -I FORWARD -i tunl0 -o tunl0 -j DROP
# Drops outbound unassigned IPs from looping though tunl0 via ipencap
# You Must add accept rules under this line to make exceptions
iptables -I FORWARD ! -s 44.92.21.0/24 -o tunl0 -j DROP
# ^ adjust to your subnet
On Sat, Jan 2, 2021 at 7:40 AM Marius Petrescu via 44Net
<44net(a)mailman.ampr.org> wrote:
The same question goes for 89.33.44.100. I dumped it and found no
outgoing packets from other sources for your gateway.
Is it possible you actually capture some spoofing attempts?
Do you account for replies to requests that may be addressed to non-44
addresses via your tunnels, like ICM unreachable and similar?
On 02.01.2021 05:36, Charles - N2NOV via 44Net wrote:
What is the error for 162.247.76.129 (my gateway
address)?
--
73 de N2NOV
_________________________________________
44Net mailing list
44Net(a)mailman.ampr.org
https://mailman.ampr.org/mailman/listinfo/44net
_________________________________________
44Net mailing list
44Net(a)mailman.ampr.org
https://mailman.ampr.org/mailman/listinfo/44net