It's not correct that the modern Linux kernel refuses to forward packets with a source address in 0.0.0.0/8. The only address that it refuses to forward this way is 0.0.0.0/32.<p>I just got a patch into the ip(7) man page that describes this<p><a href="https://git.kernel.org/pub/scm/docs/man-pages/man-pages.git/commit/?id=8cf319f3db889f80b0309ac32ef61be0b7d8cb94" rel="nofollow">https://git.kernel.org/pub/scm/docs/man-pages/man-pages.git/...</a><p>although there hasn't been a man-pages release since then, so you probably can't see this on your own system yet.<p>The original change (included in Linux 5.3) is<p><a href="https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=96125bf9985a75db00496dd2bc9249b777d2b19b" rel="nofollow">https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/lin...</a><p>(I'm working on a project that aims to make these addresses potentially useful for numbering Internet hosts in the future, as part of which Dave Taht's patch linked above was written, so I follow this very closely!)<p>Separately, you need to be able to process a 0.0.0.0/32 source address on external interfaces (though not to forward it) in order to be able to implement a DHCP server, as that's the source address used by DHCP clients. (edit: another commenter pointed out that this commonly uses raw sockets so it doesn't necessarily require any explicit kernel support)
A martian is a packet that has a source address in a network for which the interface it's arriving on isn't configured. They're not restricted to 0/8; they can have just about any source address.<p>> The best way to fix this issue is to change Netflow / IPFIX / sFlow agent configuration on device to use another legitimate IP address instead of 0.0.0.0.<p>Um, yes. 0.0.0.0 looks like a really bad choice of source address.
"martian" isn't an official term from the RFCs, and is terrible usage. If linux is not running on mars at the moment (perhaps in the Chinese rover?) it surely will be in the not too distant future. And a router in orbit may need to distinguish between martian and terrestrial traffic.<p>Which the code can easily do of course, but a foolish name like this could confuse someone debugging code during development, or worse while debugging a communication problem in process far away.<p>(BTW this is an earnest, not humorous comment).
> <i>It's relatively tricky to read as text and you may prefer to look on screenshot of my console</i><p>If you copy it from the console and then use a `<pre>` tag rather than a `<blockquote>` tag it'll work well.<p>See here: <a href="https://i.imgur.com/gAsb9TR.png" rel="nofollow">https://i.imgur.com/gAsb9TR.png</a>
<a href="https://pavel.network/content/images/2023/04/drop.png" rel="nofollow">https://pavel.network/content/images/2023/04/drop.png</a><p>Why can't RFCs be readable by default? Why do they still have explicit line- and page-breaks and fixed-width fonts?