[8.200][BUG][OPEN] Remote Client detected as IP Spoofing

When a client using L2tp/ipsec, its traffic gets dropped because:

2011:07:31-14:14:29 plasmashield ulogd[5693]: id="2005" severity="info" sys="SecureNet" sub="packetfilter" name="IP spoofing drop" action="IP spoofing drop" fwrule="60008" initf="ppp0" srcip="10.100.7.2" dstip="255.255.255.255" proto="17" length="78" tos="0x00" prec="0x00" ttl="128" srcport="137" dstport="137" 

2011:07:31-14:14:30 plasmashield ulogd[5693]: id="2005" severity="info" sys="SecureNet" sub="packetfilter" name="IP spoofing drop" action="IP spoofing drop" fwrule="60008" initf="ppp0" srcip="10.100.7.2" dstip="10.100.0.1" proto="6" length="52" tos="0x00" prec="0x00" ttl="128" srcport="50246" dstport="4444" tcpflags="SYN"

Is this a mis configuration from my part?

Parents

0 kbr over 12 years ago

Exceptions? That sounds like you should add it as a feature request in our feature portal...

The only thing that we are currently discussing is to add special handling for those interfaces which are under control of IPSec, as this is roughly the way the V7 used to handle it...

Cheers,
Kai
Cancel
Vote Up 0 Vote Down

Sign in to reply

Verify Answer

Cancel

Reply

0 kbr over 12 years ago

Exceptions? That sounds like you should add it as a feature request in our feature portal...

The only thing that we are currently discussing is to add special handling for those interfaces which are under control of IPSec, as this is roughly the way the V7 used to handle it...

Cheers,
Kai
Cancel
Vote Up 0 Vote Down

Sign in to reply

Verify Answer

Cancel

Children

No Data