
Forwarding packets with any source address


I have three Computers: A, B and C.

I am trying to send packets from A over B to C. To achieve that, I configured B as default gateway of A and C as default gateway of B. On B, I activated packet forwarding (sysctl -w net.ipv4.ip_forward=1) and configured iptables' FORWARD policy to "ACCEPT".

If I am using scapy to send packets from A like this (the MAC address is the address of B's interface connected to A): sendp(Ether(dst="e8:39:35:0f:13:09")/IP(dst="12.34.56.78"), iface="eth2"), a tcpdump on C shows that the packet arrives.

But as soon as I add a source address to the packet sent from A, forwarding does not seem to work anymore - no packets arrive on C: sendp(Ether(dst="e8:39:35:0f:13:09")/IP(src="1.2.3.4",dst="12.34.56.78"), iface="eth2").

Am I missing something? Any input would be very welcome!


Solution

  • Some offline help gave me the clue to solve this problem: the keyword is Reverse Path Forwarding. This is a feature to help against IP spoofing. If the kernel gets a network packet, it checks if it could reach the packet's source IP via the interface the packet arrived on. If that is not the case, the packet is dropped.

    Depending on the OS, this may or may not be enabled. See the output of cat /proc/sys/net/ipv4/conf/eth0/rp_filter: 0 means no reverse path forwarding.
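A simplified model of the reverse path check described in this answer, added here as an example and not part of the original post: it shows why B forwards a packet whose source lies on the A-B link but drops one with source 1.2.3.4 when strict filtering is on. The subnets, the interface names eth0/eth1 on B and the routing table are constructed assumptions; the modes 0 (off), 1 (strict) and 2 (loose), and the rule that the kernel applies the larger of conf/all/rp_filter and the per-interface value, follow the Linux ip-sysctl documentation.

```python
import ipaddress

# Constructed routing table for host B (subnets and interface names are assumptions).
ROUTES_B = [
    ("10.0.0.0/24", "eth0"),  # link to A
    ("10.0.1.0/24", "eth1"),  # link to C
    ("0.0.0.0/0", "eth1"),    # default route via C
]


def effective_mode(conf_all, conf_iface):
    """The kernel validates with max(conf/all/rp_filter, conf/<iface>/rp_filter)."""
    return max(conf_all, conf_iface)


def best_route(routes, addr):
    """Longest-prefix match; returns the outgoing interface, or None if unroutable."""
    ip = ipaddress.ip_address(addr)
    matches = [(ipaddress.ip_network(prefix), iface)
               for prefix, iface in routes
               if ip in ipaddress.ip_network(prefix)]
    if not matches:
        return None
    return max(matches, key=lambda m: m[0].prefixlen)[1]


def rpf_accepts(routes, src, in_iface, mode):
    """Model of the source check: 0 = none, 1 = strict, 2 = loose."""
    if mode == 0:
        return True
    out_iface = best_route(routes, src)
    if mode == 2:
        # Loose: the source only has to be reachable via some interface.
        return out_iface is not None
    # Strict: the best route back to the source must use the arrival interface.
    return out_iface == in_iface


if __name__ == "__main__":
    # Packets arriving on eth0 (the side facing A), per source and mode.
    for src in ("10.0.0.2", "1.2.3.4"):
        for mode in (0, 1, 2):
            verdict = "forward" if rpf_accepts(ROUTES_B, src, "eth0", mode) else "drop"
            print(f"src={src:<9} rp_filter={mode} -> {verdict}")
```

Note that with a default route present, loose mode accepts any source, so only strict mode rejects the 1.2.3.4 packet on the A-facing interface.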