Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S262682AbUKQXZs (ORCPT ); Wed, 17 Nov 2004 18:25:48 -0500 Received: (majordomo@vger.kernel.org) by vger.kernel.org id S262672AbUKQXO6 (ORCPT ); Wed, 17 Nov 2004 18:14:58 -0500 Received: from ns9.hostinglmi.net ([213.194.149.146]:64921 "EHLO ns9.hostinglmi.net") by vger.kernel.org with ESMTP id S262675AbUKQXO3 (ORCPT ); Wed, 17 Nov 2004 18:14:29 -0500 Date: Thu, 18 Nov 2004 00:17:23 +0100 From: DervishD To: Harald Welte Cc: Linux-kernel Subject: Re: Packet capturing, iptables and eth0 vs. dummy0 Message-ID: <20041117231723.GB7955@DervishD> Mail-Followup-To: Harald Welte , Linux-kernel References: <20041117203033.GA7907@DervishD> <20041117213843.GV31538@sunbeam.de.gnumonks.org> Mime-Version: 1.0 Content-Type: text/plain; charset=iso-8859-1 Content-Disposition: inline Content-Transfer-Encoding: 8bit In-Reply-To: <20041117213843.GV31538@sunbeam.de.gnumonks.org> User-Agent: Mutt/1.4.2.1i Organization: DervishD X-Antivirus-Scanner: Clean mail though you should still use an Antivirus X-AntiAbuse: This header was added to track abuse, please include it with any abuse report X-AntiAbuse: Primary Hostname - ns9.hostinglmi.net X-AntiAbuse: Original Domain - vger.kernel.org X-AntiAbuse: Originator/Caller UID/GID - [0 0] / [47 12] X-AntiAbuse: Sender Address Domain - dervishd.net X-Source: X-Source-Args: X-Source-Dir: Sender: linux-kernel-owner@vger.kernel.org X-Mailing-List: linux-kernel@vger.kernel.org Content-Length: 1342 Lines: 35 Hi Harald :) * Harald Welte dixit: > On Wed, Nov 17, 2004 at 09:30:33PM +0100, DervishD wrote: > please send netfilter/iptables related questions to the respective > lists: > netfilter@lists.netfilter.org (for user questions) > netfilter-devel@lists.netfilter.org (for development issues) This time the iptables issue was just... collateral, so to say. The problem was with tcpdump since I knew that packets were being filtered. > > I've noticed that, no matter what filtering is iptables doing, > > tcpdump gets all packets from interface eth0 as seen in the bus, > This is correct. iptables is a IPv4 packet filter. It is part of the > IPv4 stack. tcpdump uses PF_PACKET which attaches right above the > NIC driver, therefore you capture packets way before they enter the IPv4 > stack. OK, I didn't see the problem from that perspective. Anyway, using 'lo' instead of 'dummy' solved the problem :) Thanks for the help :) Ra?l N??ez de Arenas Coronado -- Linux Registered User 88736 http://www.dervishd.net & http://www.pleyades.net/ - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/