Kernel logging of critical packets, martian source, KTorrent seeding

I am getting a lot of these in journalctl:

Oct 27 12:48:44 i7 kernel: IPv4: martian source <my LAN IP address - removed> from <my LAN IP address - removed>, on dev eno1
Oct 27 12:48:44 i7 kernel: ll header: 00000000: <my MAC address - removed>        .`...5..m|._..

and fewer (but still a lot) of these:

Oct 27 12:48:49 i7 kernel: SFW2-INext-ACC IN=eno1 OUT= MAC=<my MAC address - removed> SRC=180.106.26.254 DST=<my LAN IP address - removed> LEN=52 TOS=0x00 PREC=0x60 TTL=109 ID=31993 DF PROTO=TCP SPT=28976 DPT=<local port opened for KTorrent - removed> WINDOW=8192 RES=0x00 SYN URGP=0 OPT (020405AC0103030201010402) 
Oct 27 12:49:01 i7 kernel: SFW2-INext-ACC IN=eno1 OUT= MAC=<my MAC address - removed> SRC=109.233.224.6 DST=<my LAN IP address - removed> LEN=60 TOS=0x00 PREC=0x40 TTL=53 ID=10423 DF PROTO=TCP SPT=39343 DPT=<local port opened for KTorrent - removed> WINDOW=29200 RES=0x00 SYN URGP=0 OPT (020405780402080A311020DD0000000001030307) 
Oct 27 12:49:10 i7 kernel: SFW2-INext-ACC IN=eno1 OUT= MAC=<my MAC address - removed> SRC=27.42.106.226 DST=<my LAN IP address - removed> LEN=52 TOS=0x00 PREC=0x00 TTL=50 ID=22298 DF PROTO=TCP SPT=10703 DPT=<local port opened for KTorrent - removed> WINDOW=8192 RES=0x00 SYN URGP=0 OPT (020405A00103030201010402) 
Oct 27 12:49:31 i7 kernel: SFW2-INext-ACC IN=eno1 OUT= MAC=<my MAC address - removed> SRC=92.53.15.21 DST=<my LAN IP address - removed> LEN=52 TOS=0x00 PREC=0x80 TTL=119 ID=24921 DF PROTO=TCP SPT=52950 DPT=<local port opened for KTorrent - removed> WINDOW=8192 RES=0x00 SYN URGP=0 OPT (020405B40103030201010402) 

In YaST > Firewall the Logging Level is “Log Only Critical” for both accepted and not accepted packets. I have only 2 ports open:

One for KTorrent > Network > Ports & Limits > Port (the one that shows in the log above, TCP)
One for KTorrent > Network > Ports & Limits > UDP tracker port
One for KTorrent > BitTorrent > UDP port for DHT communications

• Should I worry?
• If not - why are these considered critical and hence logged?
• Do I really need these ports to be opened at all for KTorrent seeding to work? (I have actually noticed that I can seed even if they are not?)

See this wikipedia article to understand martian packets
https://en.wikipedia.org/wiki/Martian_packet

Verify you’re not configuring your ktorrent port as a port assigned to an IANA service.

Otherwise, you can probably ignore the warnings.

TSU

I already read about martian packets however I don’t understand it completely and I don’t see why they should appear.

As for the port number - it is not a IANA port, it is far above 50000.

Otherwise, you can probably ignore the warnings.

Is it advisable to ignore a message which is to be considered critical? (as per configuration)

I have set the logging level to “Do not log any” but the martians keep coming in the journal

Since you’ve removed the port number from your logs, I can’t speculate.

Be aware just because you choose a high number that it isn’t assigned.
The low numbers you may be referring to are only the most well known and important to avoid conflict.
High numbers are assigned, too.

Recommend you look up your port on the following reference, then see whether any apps you’re running might be assigned that port.
Be aware also that apps like FTP may arbitrarily reserve ports which can also cause conflicts. Although this is harder to track down, you can start by running netstat (clean boot without ktorrent running) to see what ports your system may already be using up to then which still won’t identify any ports which an app might try to use later.

https://www.iana.org/assignments/service-names-port-numbers/service-names-port-numbers.txt

TSu

It’s not a IANA reserved port and it is not used by any program or service.

I found the problem. It has nothing to do with the port number or KTorrent. It was one of the dst-nat rules of the main router which had no input interface specified. Once fixed - no more martians.