kernel: martian source messages in RHEL4

Raj Patel_1 · ‎01-30-2007

Hi, we are getting many messages as below in /var/log/messages on our DNS servers. any ideas on what these mean and if they can be filtered out ?

Jan 30 17:21:05 server-1 kernel: printk: 3 messages suppressed.
Jan 30 17:21:05 server-1 kernel: martian source 194.85.95.23 from 0.0.0.1, on dev eth0
Jan 30 17:21:05 server-1 kernel: ll header: 00:0f:20:79:7f:b4:00:12:44:d3:d5:7c:08:00
Jan 30 17:21:09 server-1 kernel: printk: 2 messages suppressed.
Jan 30 17:21:09 server-1 kernel: martian source 194.85.95.23 from 0.0.0.1, on dev eth0
Jan 30 17:21:09 server-1 kernel: ll header: 00:0f:20:79:7f:b4:00:12:44:d3:d5:7c:08:00
Jan 30 17:21:15 server-1 kernel: printk: 5 messages suppressed.
Jan 30 17:21:15 server-1 kernel: martian source 194.85.95.23 from 0.0.0.1, on dev eth0
Jan 30 17:21:15 server-1 kernel: ll header: 00:0f:20:79:7f:b4:00:12:44:d3:d5:7c:08:00

Ivan Krastev · ‎01-30-2007

From a FAQ:

What does "kernel: martian source aabbccdd for 11223344, dev eth0" mean?

--
These are packets that Linux does not expect from the direction they came
from (i.e. packets from internal hosts coming in on the external interface).
The cause is probably a misconfigured machine on your LAN.
You can turn off logging those packets via
/proc/sys/net/ipv4/conf/*interface*/log_martians
which is documented in /usr/src/linux/Documentation/proc.txt

regards,
ivan

Raj Patel_1 · ‎01-31-2007

yup thats it. thanks

Categories

Company

Local Language

Forums

Discussions

Forums

Discussions

Forums

Discussions

Forums

Discussions

Forums

Discussions

Discussions

Forums

Forums

Discussions

Forums

Discussions

Forums

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Community

Resources

Other HPE Sites

Discussions

Forums

Blogs

kernel: martian source messages in RHEL4

kernel: martian source messages in RHEL4

Re: kernel: martian source messages in RHEL4

Re: kernel: martian source messages in RHEL4