我的 127.0.0.1 定向流量的源 IP 地址如何被更改?

我的 127.0.0.1 定向流量的源 IP 地址如何被更改?

我正在尝试使用127.0.0.1以下接口从我的计算机执行 ping 操作:

lo: flags=73<UP,LOOPBACK,RUNNING>  mtu 65536
    inet 127.0.0.1  netmask 255.0.0.0
    inet6 ::1  prefixlen 128  scopeid 0x10<host>
    loop  txqueuelen 1000  (Local Loopback)
    RX packets 170879  bytes 9140807 (8.7 MiB)
    RX errors 0  dropped 0  overruns 0  frame 0
    TX packets 170879  bytes 9140807 (8.7 MiB)
    TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

lo:1: flags=73<UP,LOOPBACK,RUNNING>  mtu 65536
    inet 192.168.117.1  netmask 255.255.255.0
    loop  txqueuelen 1000  (Local Loopback)

我没有任何特殊的路由或 iptables 规则。在 ping 时,127.0.0.1我看到源 IP 为192.168.117.1

[  +5.279957] TRACE: raw:PREROUTING:policy:2 IN=lo OUT= MAC=00:00:00:00:00:00:00:00:00:00:00:00:08:00 SRC=192.168.117.1 DST=127.0.0.1 LEN=84 TOS=0x00 PREC=0x00 TTL=64 ID=61813 DF PROTO=ICMP TYPE=8 CODE=0 ID=11844 SEQ=1 
[  +0.015864] TRACE: mangle:PREROUTING:policy:1 IN=lo OUT= MAC=00:00:00:00:00:00:00:00:00:00:00:00:08:00 SRC=192.168.117.1 DST=127.0.0.1 LEN=84 TOS=0x00 PREC=0x00 TTL=64 ID=61813 DF PROTO=ICMP TYPE=8 CODE=0 ID=11844 SEQ=1 
[  +0.015960] TRACE: mangle:INPUT:policy:1 IN=lo OUT= MAC=00:00:00:00:00:00:00:00:00:00:00:00:08:00 SRC=192.168.117.1 DST=127.0.0.1 LEN=84 TOS=0x00 PREC=0x00 TTL=64 ID=61813 DF PROTO=ICMP TYPE=8 CODE=0 ID=11844 SEQ=1 
[  +0.015974] TRACE: filter:INPUT:policy:1 IN=lo OUT= MAC=00:00:00:00:00:00:00:00:00:00:00:00:08:00 SRC=192.168.117.1 DST=127.0.0.1 LEN=84 TOS=0x00 PREC=0x00 TTL=64 ID=61813 DF PROTO=ICMP TYPE=8 CODE=0 ID=11844 SEQ=1 
[  +0.015967] TRACE: raw:PREROUTING:policy:2 IN=lo OUT= MAC=00:00:00:00:00:00:00:00:00:00:00:00:08:00 SRC=127.0.0.1 DST=127.0.0.1 LEN=84 TOS=0x00 PREC=0x00 TTL=64 ID=63078 PROTO=ICMP TYPE=0 CODE=0 ID=11844 SEQ=1 
[  +0.015690] TRACE: mangle:PREROUTING:policy:1 IN=lo OUT= MAC=00:00:00:00:00:00:00:00:00:00:00:00:08:00 SRC=127.0.0.1 DST=127.0.0.1 LEN=84 TOS=0x00 PREC=0x00 TTL=64 ID=63078 PROTO=ICMP TYPE=0 CODE=0 ID=11844 SEQ=1 
[  +0.015724] TRACE: mangle:INPUT:policy:1 IN=lo OUT= MAC=00:00:00:00:00:00:00:00:00:00:00:00:08:00 SRC=127.0.0.1 DST=127.0.0.1 LEN=84 TOS=0x00 PREC=0x00 TTL=64 ID=63078 PROTO=ICMP TYPE=0 CODE=0 ID=11844 SEQ=1 
[  +0.015613] TRACE: filter:INPUT:policy:1 IN=lo OUT= MAC=00:00:00:00:00:00:00:00:00:00:00:00:08:00 SRC=127.0.0.1 DST=127.0.0.1 LEN=84 TOS=0x00 PREC=0x00 TTL=64 ID=63078 PROTO=ICMP TYPE=0 CODE=0 ID=11844 SEQ=1

我不知道是谁导致源地址发生变化。如果有人可以推荐我应该检查的组件,那就太好了?

更新:

我写了关于问题的背景这里

答案1

于是我发现这确实是iptables。我有一个容器正在添加“随时随地伪装”规则,但它在主机上不可见。该容器的运行iptables由以下支持nftables

iptables v1.8.4 (nf_tables)

当底层主机仍在运行旧版 iptables 时:

iptables v1.4.21

由于nf_tables支持iptables,您无法看到主机上容器配置的规则,除非您在添加规则之前切换回旧后端:

update-alternatives --set iptables /usr/sbin/iptables-legacy
iptables v1.8.4 (legacy)

好玩的东西!

相关内容