Ping a Specific Port

Question

user3018558

Asked: 2015-10-26 11:25:54 +0800 CST2015-10-26 11:25:54 +0800 CST 2015-10-26 11:25:54 +0800 CST

iptables is occasionally logging MAC addresses. Why?

772

I have logging enabled on specific iptables packet drops. The rules I'm using are IP/port related only and this is what I can easily see in the logs, however occasionally I do get MAC address information logged as well. Like:

"....OUT=eth1 IN= MAC=00:26:a9:7b:c9:30:00:17:0f:ac:6a:80:08:00"...

These mac-addresses related logs are sporadic.

What I have noticed:

these dropped/mac-logged communication are always inbound
the source mac-address logged is the one of my default-gateway (Service Provider), although the source IPs are different.
the destination mac (obvious but just to confirm) is the one of my interface

What I'm trying to understand:

what is the iptables logic when deciding to capture in the logs "MAC addresses + IP/port" instead of "IP/port" only.

1 Answers

Voted

Nedry · Answer 1 · 2016-03-05T15:16:50+08:00

Nedry

2016-03-05T15:16:50+08:002016-03-05T15:16:50+08:00

The MAC information is only logged for devices on your local network. It is actually a hex dump of the ethernet MAC header and consists of the source MAC address (00:26:a9:7b:c9:30), destination MAC address (00:17:0f:ac:6a:80) and ethernet frame type (08:00).

3

iptables is occasionally logging MAC addresses. Why?

Can you pass user/pass for HTTP Basic Authentication in URL parameters?

Ping a Specific Port

Check if port is open or closed on a Linux server?

How to automate SSH login with password?

How do I tell Git for Windows where to find my private RSA key?

What's the default superuser username/password for postgres after a new install?

What port does SFTP use?

Command line to list users in a Windows Active Directory group?

What is a Pem file and how does it differ from other OpenSSL Generated Key File Formats?

How to determine if a bash variable is empty?