:maple2: maple classic™ :bot:

@nightpool@cybre.space i'm sure because i just sshed into my server from a vps and the vps (obviously not my router or even in my lan, in a country away) is reported as 192.168.1.1

0
varx (is elsewhere now)

@squirrel @nightpool Pretty sure my openssh reports the remote IP address—the router should just be routing. Maybe a misconfigured router? 🤔

0
:maple2: maple classic™ :bot:

@varx @nightpool@cybre.space uh huh and how do you proprose i fix it

· · 0 · 0 · 0
varx (is elsewhere now)

@squirrel @nightpool Man, I wish I knew. :-( I'm fighting with some Router Weirdness myself, and don't have openwrt experience.

What I was trying to say, and I guess I flubbed it, was: I agree that that VPS experiment does seem to rule out malware as the obvious explanation. (Also, can now confirm that my sshd does not do this.)

0
varx (is elsewhere now)

@nightpool @squirrel
I think... OK, so to produce this effect, the router would have to be terminating the inbound TCP connection itself, and then opening a new TCP connection to your server.

So my next step would be seeing if this happens for other protocols/ports. I guess open another port, send in an HTTP request, and try a packet capture to see what the remote IP is? 🤷

0
Sign in to participate in the conversation
Computer Fairies

Computer Fairies is a Mastodon instance that aims to be as queer, friendly and furry as possible. We welcome all kinds of computer fairies!

Resources

Developers

What is Mastodon?

computerfairi.es

More…