Information
When enabled, this feature logs packets with un-routable source addresses to the kernel log.
Enabling this feature and logging these packets allows an administrator to investigate the possibility that an attacker is sending spoofed packets to their system.
Solution
Set the following parameters in /etc/sysctl.conf or a /etc/sysctl.d/* file:
Example:
# printf "
net.ipv4.conf.all.log_martians = 1
net.ipv4.conf.default.log_martians = 1
" >> /etc/sysctl.d/60-netipv4_sysctl.conf
Run the following command to set the active kernel parameters:
# {
sysctl -w net.ipv4.conf.all.log_martians=1
sysctl -w net.ipv4.conf.default.log_martians=1
sysctl -w net.ipv4.route.flush=1
}