Sunday, April 22, 2018

Question about tcpdump on a Checkpoint Firewall

Is the output of tcpdump after all policies and NATs were applied, and what's actually leaving on the wire on that interface? Or is it showing what the kernel sees, and then any policy actions are going to be invisible?

Reason I ask is that our firewall guy claims his stuff's good, but I do not see packets arriving on my interface. I helped walk him through a tcpdump, but the output actually does make it look like the firewall is sending the packets. It shows it sending them, but I don't get them. Wth


