Results 1 to 7 of 7

Thread: Kernel logging of critical packets, martian source, KTorrent seeding

  1. #1

    Question Kernel logging of critical packets, martian source, KTorrent seeding

    I am getting a lot of these in journalctl:

    Code:
    Oct 27 12:48:44 i7 kernel: IPv4: martian source <my LAN IP address - removed> from <my LAN IP address - removed>, on dev eno1
    Oct 27 12:48:44 i7 kernel: ll header: 00000000: <my MAC address - removed>        .`...5..m|._..
    and fewer (but still a lot) of these:

    Code:
    Oct 27 12:48:49 i7 kernel: SFW2-INext-ACC IN=eno1 OUT= MAC=<my MAC address - removed> SRC=180.106.26.254 DST=<my LAN IP address - removed> LEN=52 TOS=0x00 PREC=0x60 TTL=109 ID=31993 DF PROTO=TCP SPT=28976 DPT=<local port opened for KTorrent - removed> WINDOW=8192 RES=0x00 SYN URGP=0 OPT (020405AC0103030201010402) 
    Oct 27 12:49:01 i7 kernel: SFW2-INext-ACC IN=eno1 OUT= MAC=<my MAC address - removed> SRC=109.233.224.6 DST=<my LAN IP address - removed> LEN=60 TOS=0x00 PREC=0x40 TTL=53 ID=10423 DF PROTO=TCP SPT=39343 DPT=<local port opened for KTorrent - removed> WINDOW=29200 RES=0x00 SYN URGP=0 OPT (020405780402080A311020DD0000000001030307) 
    Oct 27 12:49:10 i7 kernel: SFW2-INext-ACC IN=eno1 OUT= MAC=<my MAC address - removed> SRC=27.42.106.226 DST=<my LAN IP address - removed> LEN=52 TOS=0x00 PREC=0x00 TTL=50 ID=22298 DF PROTO=TCP SPT=10703 DPT=<local port opened for KTorrent - removed> WINDOW=8192 RES=0x00 SYN URGP=0 OPT (020405A00103030201010402) 
    Oct 27 12:49:31 i7 kernel: SFW2-INext-ACC IN=eno1 OUT= MAC=<my MAC address - removed> SRC=92.53.15.21 DST=<my LAN IP address - removed> LEN=52 TOS=0x00 PREC=0x80 TTL=119 ID=24921 DF PROTO=TCP SPT=52950 DPT=<local port opened for KTorrent - removed> WINDOW=8192 RES=0x00 SYN URGP=0 OPT (020405B40103030201010402)
    In YaST > Firewall the Logging Level is "Log Only Critical" for both accepted and not accepted packets. I have only 2 ports open:

    One for KTorrent > Network > Ports & Limits > Port (the one that shows in the log above, TCP)
    One for KTorrent > Network > Ports & Limits > UDP tracker port
    One for KTorrent > BitTorrent > UDP port for DHT communications



    • Should I worry?
    • If not - why are these considered critical and hence logged?
    • Do I really need these ports to be opened at all for KTorrent seeding to work? (I have actually noticed that I can seed even if they are not?)

  2. #2
    Join Date
    Jun 2008
    Location
    San Diego, Ca, USA
    Posts
    10,954
    Blog Entries
    2

    Default Re: Kernel logging of critical packets, martian source, KTorrent seeding

    See this wikipedia article to understand martian packets
    https://en.wikipedia.org/wiki/Martian_packet

    Verify you're not configuring your ktorrent port as a port assigned to an IANA service.

    Otherwise, you can probably ignore the warnings.

    TSU

  3. #3

    Default Re: Kernel logging of critical packets, martian source, KTorrent seeding

    Quote Originally Posted by tsu2 View Post
    See this wikipedia article to understand martian packets
    https://en.wikipedia.org/wiki/Martian_packet

    Verify you're not configuring your ktorrent port as a port assigned to an IANA service.
    I already read about martian packets however I don't understand it completely and I don't see why they should appear.

    As for the port number - it is not a IANA port, it is far above 50000.

    Otherwise, you can probably ignore the warnings.
    Is it advisable to ignore a message which is to be considered critical? (as per configuration)

  4. #4

    Default Re: Kernel logging of critical packets, martian source, KTorrent seeding

    I have set the logging level to "Do not log any" but the martians keep coming in the journal

  5. #5
    Join Date
    Jun 2008
    Location
    San Diego, Ca, USA
    Posts
    10,954
    Blog Entries
    2

    Default Re: Kernel logging of critical packets, martian source, KTorrent seeding

    Since you've removed the port number from your logs, I can't speculate.

    Be aware just because you choose a high number that it isn't assigned.
    The low numbers you may be referring to are only the most well known and important to avoid conflict.
    High numbers are assigned, too.

    Recommend you look up your port on the following reference, then see whether any apps you're running might be assigned that port.
    Be aware also that apps like FTP may arbitrarily reserve ports which can also cause conflicts. Although this is harder to track down, you can start by running netstat (clean boot without ktorrent running) to see what ports your system may already be using up to then which still won't identify any ports which an app might try to use later.

    https://www.iana.org/assignments/ser...rt-numbers.txt

    TSu

  6. #6

    Default Re: Kernel logging of critical packets, martian source, KTorrent seeding

    It's not a IANA reserved port and it is not used by any program or service.

  7. #7

    Smile Solved

    I found the problem. It has nothing to do with the port number or KTorrent. It was one of the dst-nat rules of the main router which had no input interface specified. Once fixed - no more martians.

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •