I also thought it was some routing problem, but it turned out to be what I've explained in my previous post, INVALID packets dropped by the firewall.

P.S. I'm not using SuSEfirewall2, I'm using iptables with FWBuilder GUI.


Quote Originally Posted by enovaklbank View Post
The forum engine is still perfect, so let's write my post once again...

Please check dmesg for packets from "martian source".

I think the problem is some sort of routing problem, and such messages would reveal it.

Also, see /etc/sysconfig/SuSEfirewall2 :

# 17.)
# Do you want to enable additional kernel TCP/IP security features?
# If set to yes, some obscure kernel options are set.
# (icmp_ignore_bogus_error_responses, icmp_echoreply_rate,
# icmp_destunreach_rate, icmp_paramprob_rate, icmp_timeexeed_rate,
# ip_local_port_range, log_martians, rp_filter, routing flush,
# bootp_relay, proxy_arp, secure_redirects, accept_source_route
# icmp_echo_ignore_broadcasts, ipfrag_time)
#
# Tip: Set this to "no" until you have verified that you have got a
# configuration which works for you. Then set this to "yes" and keep it
# if everything still works. (It should!) ;-) <-- try this as well.
#
# Choice: "yes" or "no", if not set defaults to "yes"
#
FW_KERNEL_SECURITY="yes"


If it's related to some sysctl settings, the fastest way to test it is this.