Hello everyone,
I searched the forum but couldn't find a similar post...
I have started to set up firewalls on my VMs. Simply, I found myself seeing some very strange logs.
To explain, I have 3 VMs
I've enabled the firewall only on HostC for now, with INPUT POLICY DROP and a rule to allow SSH. VMs HostA and HostB do not have the firewall enabled.
However, on the HostC firewall logs I get this :
I checked for duplicate MACs and found that all my network cards have a unique MAC address. For your information, I'm running Virtual Environment 8.2.2. The strange thing is that I do have access to the 10.0.0.10:443 web server.
It's as if the packets were misrouted from time to time
Thanks to those who will take the time to read me
I searched the forum but couldn't find a similar post...
I have started to set up firewalls on my VMs. Simply, I found myself seeing some very strange logs.
To explain, I have 3 VMs
Code:
HostA = a simple router. ip = 10.0.0.1
HostB = a server hosting a web service on 443 port. ip = 10.0.0.10
HostC = another server. ip = 10.0.0.20I've enabled the firewall only on HostC for now, with INPUT POLICY DROP and a rule to allow SSH. VMs HostA and HostB do not have the firewall enabled.
However, on the HostC firewall logs I get this :
Code:
policy DROP: IN=fwbr2020i0 OUT=fwbr2020i0 PHYSIN=fwln2020i0 PHYSOUT=tap2020i0 MAC=aa:bb:cc:dd:ee:ff:ab:bc:cd:de:ef:fg:08:00 SRC=10.0.0.1 DST=10.0.0.10 LEN=60 TOS=0x00 PREC=0x00 TTL=63 ID=15878 DF PROTO=TCP SPT=47156 DPT=443 SEQ=3062970246 ACK=0 WINDOW=32120 SYNI checked for duplicate MACs and found that all my network cards have a unique MAC address. For your information, I'm running Virtual Environment 8.2.2. The strange thing is that I do have access to the 10.0.0.10:443 web server.
It's as if the packets were misrouted from time to time
Thanks to those who will take the time to read me