On 05/08/2012 02:20 PM, Frank Griffin wrote:
On 05/08/2012 08:30 AM, imnotpc wrote:
Yes, that was a typo. 192.168.3.0/24 is correct. But the wireless
router has to NAT those addresses to 192.168.0.100 or no traffic
would get through. In order for the martian packets to be coming from
the wireless router then it would have to be selectively NATing some
packets and not others.
Now that's interesting. In my own setup, I simply use the router as a
wireless access point, and I disable its DHCP server so as to use the
one on my gateway. I've just verified with wireshark on my gateway
that the router isn't NATing anything; all packets from my wireless
systems show up at the gateway with their assigned 192.168.3.0/24
addresses.
Maybe the router doesn't NAT unless the wireless node has an IP
address that it assigned. Is 192.168.3.2 perhaps a fixed IP address
that one of your wireless systems is using ?
No, I don't set any fixed IPs in the subnets that use DHCP although I
believe the wireless router would allow me to. Also the 192.168.3.x
address changes. I get martian logs from other addresses in that subnet
but they are always low numbers which makes me think they were actually
assigned by the router, at least initially. I haven't had time to run
tcpdump yet but my current theory is that the wireless router doesn't or
can't NAT certain types of packets and those are triggering the kernel
log messages. Or perhaps it's only NATing packets from a host with a
valid DHCP lease and simply forwarding anything else that comes in.
