# ip a
1: lo: <LOOPBACK,UP> mtu 16436 qdisc noqueue
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast qlen 1000
link/ether 00:0a:eb:85:90:b4 brd ff:ff:ff:ff:ff:ff
inet 210.22.XX.XXX/25 brd 210.22.XX.255 scope global eth0
inet6 fe80::20a:ebff:fe85:90b4/64 scope link
valid_lft forever preferred_lft forever
3: eth1: <BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast qlen 1000
link/ether 00:0a:eb:9d:89:53 brd ff:ff:ff:ff:ff:ff
inet 192.0.1.8/24 brd 192.0.1.255 scope global eth1:1
inet 10.18.144.2/23 brd 10.18.145.255 scope global eth1:2
inet 10.18.20.12/24 brd 10.18.20.255 scope global eth1:3
inet 10.18.146.12/24 brd 10.18.146.255 scope global eth1:4
inet 10.18.30.1/24 brd 10.18.30.255 scope global eth1:5
inet 192.168.0.4/24 brd 192.168.0.255 scope global eth1
inet 10.18.100.2/24 brd 10.18.100.255 scope global eth1:6
inet6 fe80::20a:ebff:fe9d:8953/64 scope link
valid_lft forever preferred_lft forever
4: eth2: <BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast qlen 1000
link/ether 00:11:2f:c1:eb:69 brd ff:ff:ff:ff:ff:ff
inet 192.168.2.3/24 brd 192.168.2.255 scope global eth2
inet6 fe80::211:2fff:fec1:eb69/64 scope link
valid_lft forever preferred_lft forever
5: sit0: <NOARP> mtu 1480 qdisc noop
link/sit 0.0.0.0 brd 0.0.0.0
8: tunl0: <NOARP> mtu 1480 qdisc noop
link/ipip 0.0.0.0 brd 0.0.0.0
1917: ppp0: <POINTOPOINT,MULTICAST,NOARP,UP> mtu 1492 qdisc pfifo_fast qlen 3
link/ppp
inet xxx.xxx.xxx.xxx peer xxx.xxx.xx.xxx/32 scope global ppp0
1918: ppp1: <POINTOPOINT,MULTICAST,NOARP,UP> mtu 1488 qdisc pfifo_fast qlen 3
link/ppp
inet 10.0.0.76 peer 10.0.0.71/32 scope global ppp1
# ip r
10.0.0.71 dev ppp1 proto kernel scope link src 10.0.0.76
218.17.71.1 dev ppp0 proto kernel scope link src 219.133.xxx.xxx
210.22.xx.128/25 dev eth0 proto kernel scope link src 210.22.xx.xxx
10.18.20.0/24 dev eth1 proto kernel scope link src 10.18.20.12
192.168.2.0/24 dev eth2 proto kernel scope link src 192.168.2.3
10.18.146.0/24 dev eth1 proto kernel scope link src 10.18.146.12
192.168.0.0/24 dev eth1 proto kernel scope link src 192.168.0.4
10.18.100.0/24 dev eth1 proto kernel scope link src 10.18.100.2
192.0.1.0/24 dev eth1 proto kernel scope link src 192.0.1.8
10.18.30.0/24 dev eth1 proto kernel scope link src 10.18.30.1
10.18.144.0/23 dev eth1 proto kernel scope link src 10.18.144.2
default via 210.22.xx.xxx dev eth0
# iptables-save -c
# Generated by iptables-save v1.2.11 on Wed Oct 25 11:31:48 2006
*mangle
:PREROUTING ACCEPT [1479181393:879429001096]
:INPUT ACCEPT [124301347:57015366280]
:FORWARD ACCEPT [1354097329:822315435298]
:OUTPUT ACCEPT [126475378:91104751942]
:POSTROUTING ACCEPT [1491069249:914009301259]
[0:0] -A PREROUTING -s 192.0.1.16 -i eth1 -p tcp -m multiport --dports 80 -j MARK --set-mark 0x1
COMMIT
# Completed on Wed Oct 25 11:31:48 2006
# Generated by iptables-save v1.2.11 on Wed Oct 25 11:31:48 2006
*nat
:PREROUTING ACCEPT [42517050:4260785538]
:POSTROUTING ACCEPT [4138148:424046452]
:OUTPUT ACCEPT [2216606:252981168]
[126:6868] -A PREROUTING -d 210.22.26.223 -i eth0 -p tcp -m multiport --dports 80,110,119,443,465,587 -j DNAT --to-destination 192.168.0.5
[23:1108] -A PREROUTING -i ppp0 -p tcp -m multiport --dports 80,110,119,443,465,587 -j DNAT --to-destination 192.168.0.2
[2:88] -A PREROUTING -d 210.22.26.223 -p tcp -m multiport --dports 2401 -j DNAT --to-destination 192.168.0.6
[0:0] -A PREROUTING -d 210.22.26.223 -p tcp -m multiport --dports 8091 -j DNAT --to-destination 192.168.0.253
[380:40130] -A POSTROUTING -s 10.18.144.0/255.255.254.0 -d 192.0.1.0/255.255.255.0 -j SNAT --to-source 10.18.144.2
[2819:137844] -A POSTROUTING -d 192.168.0.5 -o eth1 -p tcp -j SNAT --to-source 192.168.0.4
[23:1108] -A POSTROUTING -d 192.168.0.2 -o eth1 -p tcp -j SNAT --to-source 192.168.0.4
[6:288] -A POSTROUTING -d 192.168.0.253 -o eth1 -p tcp -j SNAT --to-source 192.168.0.4
[71858:6106354] -A POSTROUTING -o eth0 -j SNAT --to-source 210.22.26.223
[0:0] -A POSTROUTING -o ppp0 -j SNAT --to-source 219.133.246.169
[1102:253540] -A POSTROUTING -o ppp1 -j SNAT --to-source 10.0.0.76
COMMIT
# Completed on Wed Oct 25 11:31:48 2006
# Generated by iptables-save v1.2.11 on Wed Oct 25 11:31:48 2006
*filter
:INPUT ACCEPT [919508:64012399]
:FORWARD ACCEPT [167036:77850261]
:OUTPUT ACCEPT [125420089:90993492797]
[2569:154020] -A INPUT -i eth0 -p tcp -m multiport --dports 20,21,22 -m state --state NEW -j ACCEPT
[416:29598] -A INPUT -i eth0 -p icmp -m icmp --icmp-type 8 -j ACCEPT
[10433:584248] -A INPUT -i eth0 -p icmp -m icmp --icmp-type 11 -j ACCEPT
[82946:13101097] -A INPUT -i eth0 -m state --state RELATED,ESTABLISHED -j ACCEPT
[0:0] -A INPUT -i eth0 -p gre -j ACCEPT
[0:0] -A INPUT -i eth0 -p tcp -m tcp --dport 1723 -j ACCEPT
[35007:9741054] -A INPUT -i eth0 -j DROP
[7142221:485143338] -A INPUT -i eth1 -j ACCEPT
[5184:642816] -A INPUT -i eth2 -j ACCEPT
[868:51996] -A INPUT -i ppp0 -p tcp -m multiport --dports 20,21,22 -m state --state NEW -j ACCEPT
[0:0] -A INPUT -i ppp0 -p gre -j ACCEPT
[0:0] -A INPUT -i ppp0 -p tcp -m tcp --dport 1723 -j ACCEPT
[9463:943228] -A INPUT -i ppp0 -m state --state RELATED,ESTABLISHED -j ACCEPT
[4122:346516] -A INPUT -i ppp0 -j DROP
[509:16288] -A INPUT -i ppp1 -j ACCEPT
[9:540] -A FORWARD -s 10.18.100.160 -d 192.0.1.1 -j LOG --log-ip-options
[34946:2473090] -A FORWARD -s 10.18.100.0/255.255.255.0 -d 192.0.1.0/255.255.255.0 -j ACCEPT
[126:6868] -A FORWARD -d 192.168.0.5 -i eth0 -p tcp -m multiport --dports 80,110,119,443,465,587 -m state --state NEW -j ACCEPT
[2:88] -A FORWARD -d 192.168.0.6 -p tcp -m multiport --dports 2401 -m state --state NEW -j ACCEPT
[0:0] -A FORWARD -d 192.168.0.253 -i eth0 -p tcp -m multiport --dports 8091 -m state --state NEW -j ACCEPT
[605127:301113037] -A FORWARD -i eth0 -m state --state RELATED,ESTABLISHED -j ACCEPT
[0:0] -A FORWARD -i eth0 -j DROP
[0:0] -A FORWARD -s 192.168.0.120 -d 192.0.1.4 -j ACCEPT
[0:0] -A FORWARD -s 10.18.100.160 -d 192.0.1.4 -j ACCEPT
[0:0] -A FORWARD -s 192.0.1.4 -d 192.168.0.120 -j ACCEPT
[0:0] -A FORWARD -s 192.168.0.253 -d 192.0.1.199 -j ACCEPT
[0:0] -A FORWARD -s 192.0.1.199 -d 192.168.0.253 -j ACCEPT
[0:0] -A FORWARD -d 192.0.1.0/255.255.255.0 -i eth1 -m mac --mac-source 00:16:41:A9:48:E8 -j ACCEPT
[0:0] -A FORWARD -s 10.18.100.0/255.255.255.0 -d 192.0.1.0/255.255.255.0 -j ACCEPT
[0:0] -A FORWARD -s 10.18.144.101 -d 192.0.1.0/255.255.255.0 -j ACCEPT
[0:0] -A FORWARD -s 10.18.144.102 -d 192.0.1.0/255.255.255.0 -j ACCEPT
[26965:3154905] -A FORWARD -s 10.18.144.103 -d 192.0.1.0/255.255.255.0 -j ACCEPT
[71:3004] -A FORWARD -s 10.18.144.108 -d 192.0.1.0/255.255.255.0 -j ACCEPT
[1:40] -A FORWARD -s 10.18.144.133 -d 192.0.1.0/255.255.255.0 -j ACCEPT
[0:0] -A FORWARD -s 10.18.144.140 -d 192.0.1.0/255.255.255.0 -j ACCEPT
[280977:357428639] -A FORWARD -s 192.0.1.0/255.255.255.0 -d 10.18.144.0/255.255.254.0 -j ACCEPT
[903750:211204326] -A FORWARD -i eth1 -m state --state RELATED,ESTABLISHED -j ACCEPT
[0:0] -A FORWARD -i eth1 -m mac --mac-source 00:02:A5:60:513 -j DROP

[0:0] -A FORWARD -i eth1 -m mac --mac-source 00:B00:78:40:BF -j DROP

[0:0] -A FORWARD -i eth1 -m mac --mac-source 00:02:A5:74:A0:AB -j DROP
[266:20976] -A FORWARD -s 192.0.1.111 -i eth1 -j DROP
[0:0] -A FORWARD -s 192.0.1.169 -i eth1 -j DROP
[0:0] -A FORWARD -s 192.0.1.121 -i eth1 -j DROP
[0:0] -A FORWARD -s 192.0.1.110 -i eth1 -j DROP
[0:0] -A FORWARD -s 192.0.1.230 -i eth1 -j DROP
[0:0] -A FORWARD -s 192.0.1.176 -i eth1 -j DROP
[0:0] -A FORWARD -s 192.0.1.192 -i eth1 -j DROP
[0:0] -A FORWARD -s 192.0.1.191 -i eth1 -j DROP
[0:0] -A FORWARD -s 192.0.1.173 -i eth1 -j DROP
[0:0] -A FORWARD -s 192.0.1.171 -i eth1 -j DROP
[0:0] -A FORWARD -s 192.0.1.193 -i eth1 -j DROP
[350762:145184135] -A FORWARD -i eth1 -j ACCEPT
[23:1108] -A FORWARD -d 192.168.0.2 -i ppp0 -p tcp -m multiport --dports 80,110,119,443,465,587 -m state --state NEW -j ACCEPT
[100:55451] -A FORWARD -i ppp0 -m state --state RELATED,ESTABLISHED -j ACCEPT
[0:0] -A FORWARD -i ppp0 -j DROP
[2709:2015506] -A FORWARD -i ppp1 -j ACCEPT
[3:252] -A OUTPUT -d 192.0.1.1 -j LOG --log-ip-options
COMMIT
# Completed on Wed Oct 25 11:31:48 2006
# sysctl -a|grep forward
net.ipv6.conf.default.forwarding = 0
net.ipv6.conf.all.forwarding = 0
net.ipv6.conf.eth2.forwarding = 0
net.ipv6.conf.eth1.forwarding = 0
net.ipv6.conf.eth0.forwarding = 0
net.ipv6.conf.lo.forwarding = 0
net.ipv4.conf.ppp1.mc_forwarding = 0
net.ipv4.conf.ppp1.forwarding = 1
net.ipv4.conf.ppp0.mc_forwarding = 0
net.ipv4.conf.ppp0.forwarding = 1
net.ipv4.conf.eth2.mc_forwarding = 0
net.ipv4.conf.eth2.forwarding = 1
net.ipv4.conf.eth0.mc_forwarding = 0
net.ipv4.conf.eth0.forwarding = 1
net.ipv4.conf.eth1.mc_forwarding = 0
net.ipv4.conf.eth1.forwarding = 1
net.ipv4.conf.lo.mc_forwarding = 0
net.ipv4.conf.lo.forwarding = 1
net.ipv4.conf.default.mc_forwarding = 0
net.ipv4.conf.default.forwarding = 1
net.ipv4.conf.all.mc_forwarding = 0
net.ipv4.conf.all.forwarding = 1
net.ipv4.ip_forward = 1
请帮忙看看