kernel: martian source

Nov 04
2008

Depuis qqls temps, mon /var/log/messages est pourri par des messages tels que :

Nov  4 10:51:02 serveur kernel: ll header: ff:ff:ff:ff:ff:ff:00:03:2f:3b:7a:c7:08:00
Nov  4 10:51:02 serveur kernel: martian source 192.168.0.255 from 192.168.0.140, on dev eth0

Je viens de modifier le fichier /etc/sysctl.conf :

net.ipv4.conf.all.log_martians=0

et de faire :

echo 0 > /proc/sys/net/ipv4/conf/all/log_martians

Les logs semblent plus sain 😉

What does "kernel: martian source aabbccdd for 11223344, dev eth0" mean?
These are packets that Linux does not expect from the direction they came
from (i.e. packets from internal hosts coming in on the external interface).
The cause is probably a misconfigured machine on your LAN.
You can turn off logging those packets via
/proc/sys/net/ipv4/conf/*interface*/log_martians
which is documented in /usr/src/linux/Documentation/proc.txt