
Re: [tor-talk] RFC1918 addresses on outside interface



On Tue, 20 Nov 2012 00:34:05 +0000, temp5@xxxxxxxxxxx wrote:
> Running a non-exit Tor relay on Linux and have iptables set up to block
> inbound and outbound RFC1918 addresses on the outside interface. Notice in
> the firewall logs several seemingly random private IP address connection
> attempts to my relay port getting dropped on the outside over the past few
> months.

Sounds like there are some relays running on rfc-1918 addresses
on machines that have a route to the internet but no one NATting
them. Result: Packets with rfc1918 source addresses. (And apparently
no one on the way filtering them out.)

> The MAC address associated with these matches my ISP's default
> gateway.

That is by design of IP-over-Ethernet: The MAC source address
is the one of the last hop.

Andreas

-- 
"Totally trivial. Famous last words."
From: Linus Torvalds <torvalds@*.org>
Date: Fri, 22 Jan 2010 07:29:21 -0800
_______________________________________________
tor-talk mailing list
tor-talk@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
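
The check discussed in this thread, as an added example that is not part of the original messages: it reads iptables LOG-target lines, keeps RFC1918 sources seen on the outside interface for the relay port, and groups them by the source MAC in the Ethernet header, which is the last hop. The log prefix, interface names, port 9001, MACs and addresses are constructed sample values.

```python
import ipaddress
import re
from collections import defaultdict

RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]
FIELD = re.compile(r"(\w+)=(\S*)")

# Constructed sample: iptables LOG-target lines as they appear in the kernel log.
# Hostname, log prefix, interface names, MACs, addresses and port are made up.
SAMPLE_LOG = """\
Nov 20 00:12:01 relay kernel: RFC1918-IN IN=eth0 OUT= MAC=00:16:3e:aa:bb:cc:00:1b:21:11:22:33:08:00 SRC=10.44.7.19 DST=203.0.113.10 LEN=60 TTL=49 PROTO=TCP SPT=51234 DPT=9001 SYN
Nov 20 03:40:17 relay kernel: RFC1918-IN IN=eth0 OUT= MAC=00:16:3e:aa:bb:cc:00:1b:21:11:22:33:08:00 SRC=192.168.1.77 DST=203.0.113.10 LEN=60 TTL=51 PROTO=TCP SPT=40022 DPT=9001 SYN
Nov 21 11:02:45 relay kernel: RFC1918-IN IN=eth0 OUT= MAC=00:16:3e:aa:bb:cc:00:1b:21:11:22:33:08:00 SRC=172.20.3.4 DST=203.0.113.10 LEN=60 TTL=47 PROTO=TCP SPT=38811 DPT=9001 SYN
Nov 21 11:05:09 relay kernel: OTHER IN=eth0 OUT= MAC=00:16:3e:aa:bb:cc:00:1b:21:11:22:33:08:00 SRC=172.32.0.9 DST=203.0.113.10 LEN=60 TTL=52 PROTO=TCP SPT=50100 DPT=9001 SYN
Nov 21 12:30:00 relay kernel: OTHER IN=eth1 OUT= MAC=00:16:3e:dd:ee:ff:52:54:00:12:34:56:08:00 SRC=192.168.5.5 DST=192.168.5.1 LEN=60 TTL=64 PROTO=TCP SPT=44000 DPT=22 SYN
"""

def parse_line(line):
    """Return (in_if, src_ip, dpt, last_hop_mac) or None for non-packet lines."""
    f = dict(FIELD.findall(line))
    if "SRC" not in f or "IN" not in f:
        return None
    # MAC= is the 14-byte Ethernet header: 6 bytes dst, 6 bytes src, 2 bytes type.
    octets = f.get("MAC", "").split(":")
    last_hop = ":".join(octets[6:12]) if len(octets) == 14 else None
    return f["IN"], ipaddress.ip_address(f["SRC"]), f.get("DPT"), last_hop

def private_sources_by_mac(log_text, outside_if="eth0", relay_port=9001):
    """Group RFC1918 source IPs seen on the outside interface by last-hop MAC."""
    by_mac = defaultdict(set)
    for line in log_text.splitlines():
        rec = parse_line(line)
        if rec is None:
            continue
        in_if, src, dpt, mac = rec
        if in_if != outside_if or dpt != str(relay_port):
            continue
        if any(src in net for net in RFC1918):
            by_mac[mac].add(str(src))
    return {mac: sorted(ips) for mac, ips in by_mac.items()}

if __name__ == "__main__":
    for mac, ips in private_sources_by_mac(SAMPLE_LOG).items():
        print(f"last hop {mac}: {len(ips)} private sources: {', '.join(ips)}")
```

Every private source in the sample maps to one MAC, the upstream gateway's, which is what the reply above describes; 172.32.0.9 is outside 172.16.0.0/12 and is not counted.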