关于linux日志中存在大量martian source 日志信息的原因分析与理解_ipv4 martian source_mr_cs的博客-CSDN博客
在查看日常维护的一台Linux服务器的系统日志时,发现有大量的类似如下的信息: Jan 17 00:33:34 test4 kernel: [ 2170.725322] martian source 192.168.10.255 from 192.168.10.10, on dev br1Jan 17 00:33:34 test4 kernel: [ 2170.725328] ll h_ipv4 martian source
系统配置中取消源路由验证和防IP欺骗
在/etc/sysctl.conf文件中加入下面的配置:
#取消源路由验证#
net.ipv4.conf.default.rp_filter = 0
# 关掉IP spoofing protection#
net.ipv4.conf.eth0.arp_filter = 0
net.ipv4.conf.eth1.arp_filter = 0
net.ipv4.conf.all.arp_filter = 0
#在接口上停止记录martian source日志#
net.ipv4.conf.default.log_martians = 0
net.ipv4.conf.lo.log_martians = 0
net.ipv4.conf.eth0.log_martians = 0
net.ipv4.conf.eth1.log_martians = 0
net.ipv4.conf.all.log_martians = 0
然后使用sysctl -p 或 重启使设置生效
breeze
在/etc/sysctl.conf文件中加入下面的配置:
#46#
net.ipv4.conf.default.rp_filter = 0
# 关掉IP spoofing protection#
net.ipv4.conf.eth0.arp_filter = 0
net.ipv4.conf.eth1.arp_filter = 0
net.ipv4.conf.all.arp_filter = 0
#58 source日志#
net.ipv4.conf.default.log_martians = 0
net.ipv4.conf.lo.log_martians = 0
net.ipv4.conf.eth0.log_martians = 0
net.ipv4.conf.eth1.log_martians = 0
net.ipv4.conf.all.log_martians = 0
然后使用sysctl -p 或 重启使设置生效
Deletar comentário
Deletar comentário ?