On 05/08/2012 06:47 AM, Frank Griffin wrote:
On 05/07/2012 07:42 PM, imnotpc wrote:
Well the Comcast cable modem was a dead end. I checked it and DHCP is
disabled, and even if it were enabled it uses a completely different
subnet. Besides, It would be coming in on eth2 and not eth0. I
checked the wireless router in the LAN and it uses the 192.168.3.0/24
subnet for it's DHCP connections. It has a fixed IP of 192.168.0.100
on the LAN interface so I don't know why these IPs would ever be seen
by the firewall/gateway box, but this looks like the most likely source.
Waitaminnit. Yesterday you wrote:
Wireless Router Attached to the LAN: The LAN facing NIC on the
wireless router has a fixed IP of 192.168.0.100. The wireless
interface is configured to assign IPs in the 192.168.2.0/24 range to
the wireless hosts using DHCP.
If the wireless router DHCP is setup to assign from 192.168.3.0/24,
then that's where the 192.168.3.2 is coming from. Unless your gateway
is set to masquerade 192.168.3.0/24, you get exactly what you're seeing.
Yes, that was a typo. 192.168.3.0/24 is correct. But the wireless router
has to NAT those addresses to 192.168.0.100 or no traffic would get
through. In order for the martian packets to be coming from the wireless
router then it would have to be selectively NATing some packets and not
others.
