hi all, we have a linux (2.2 debian) firewall with two eth cards running here. ip_forward is 1 and on each side of the firewall is a /25.
packets are routed through okay but a couple of days ago i noticed something *very* strange. packets coming into eth0 were not only going out eth1 (as they should) but also being spat back out eth0 with a destination mac address of all f's. this meant that al machines on the eth0 side of the network could see the packets going through the machine. i rebooted the server and all was well but apart from being a security compromise, does any one have any idea how that could have happened? Regards, Marc-Adrian Napoli Network Administrator Connect Infobahn Australia +61 2 9212 0387