On 2011-04-20, Heiko Wundram <modeln...@modelnine.org> wrote: > Am 20.04.2011 01:54, schrieb Grant Edwards: >> I guess the problem is that I expected to receive a packet on an >> interface anytime a packet was received with a destination IP address >> that matched that of the the interface. Apprently there's some >> filtering in the network stack based on the _source_ address as well >> (that seems very counter-intuitive to me). > > Just to pitch in here (because nobody's mentioned it yet AFAICT): yes, > there's a filtering done (at least under Linux, and I'd guess something > similar on xBSD too) to packets based on the source address coming in on > an interface, and it's called the reverse path filter and is on by > default (the tunable on Linux is /proc/sys/net/ipv4/conf/*/rp_filter).
Brilliant! While I had determined that such filtering took place, I'd been unable to figure out if it was configurable. > The idea behind the reverse path filter is that your machine won't > accept packets coming in over an interface when a return packet (i.e., > the presumed response) won't be routed over the same interface, and from > what I gather, this is what makes the TCP/IP stack drop the packets > because your machine will not route packets to 192.168.x.x over the same > interface it sees the packet coming in. This is a _security_ feature, > because it makes address spoofing harder. And it's an eminently sensible feature. > If you need to see the packets regardless, either use a promiscuous mode > sniffer (i.e., tcpdump, but that's relatively easy to mirror in Python > using SOCK_RAW, capturing packets at the ethernet level), or add a route > on your system for the 192.168.x.x network on the same interface. I've thought about the SOCK_RAW option, but the CPU load of looking all received Ethernet packets in user-space would be a big down-side. Adding the route isn't an option since 1) the device doesn't know what route to add, and 2) adding such a route could break the normal networking operation. -- Grant Edwards grant.b.edwards Yow! My haircut is totally at traditional! gmail.com -- http://mail.python.org/mailman/listinfo/python-list