CentOS 5 Networking :: External Traffic Starts Going Over Internal Interface
Feb 16, 2010
I have a DELL running CentOS 5.4 with 2 active NICs, one with an external IP address (eth0) on 123.456.78.9 and another that is connected to our internal network (eth1), 192.168.2.x. When I reboot the server, everything works glowingly. External traffic is correctly routed over the external interface (eth0) and internal traffic over the internal interface (eth1). After some random amount of time, a couple of hours and sometimes a couple of days, all traffic starts getting routed over our internal network, so DNS requests fail, internet pages don't load, smtp connections fail, etc.
I'm assuming that everything that's not headed for our .1, .2 or VPN internal networks would go out the external interface. And why this works for a period of time and then stops working is beyond me. And when external traffic starts going over the internal interface, I just reboot and it starts working like it's supposed to again.
View 13 Replies
ADVERTISEMENT
Nov 21, 2010
My Ubuntu Box has 3 interfaces. eth0 (Internal 192.168.1.0/24)eth1 (External ISP DHCP)eth2 (External ISP Static IP)I need the outgoing traffic to internet for 1 of the internal pc (192.168.1.10) to only go only go through eth2
View 4 Replies
View Related
Sep 12, 2011
Currently I have a server which runs under centOS 5.6. It is dedicated to the VoIP application of my customer.I have a problem for which I have the solution but I didn't managed to achieve it.So, let me explain you the context.Here is the networking aspects of my environment
VoIP Provider_____Gateway_____________My server
ADSL Provider____(non pingable)
x.x.x.2 <====> A.A.A.1 <======> A.A.A.3
[code]....
View 2 Replies
View Related
Jul 29, 2009
I have a (virtual) server with 3 NIC's: 1 external (inet), 1 local and 1 DMZ. This server is my gateway.
I would like my internal network, where every server has a static 192.168.0.x IP, to access the internet via the gateway.
That means the traffic has to pass from the 'local' NIC to the 'external' NIC, connected to the internet.
Which setting do I change to accomplish this ?
Please check the sceenshot (attachment) for my current setup
View 4 Replies
View Related
Sep 29, 2010
I need to set up my centOS computer as a firewall in my home network. Ive got 2 interfaces, eth0 and eth1. I want to allow and forward all traffic on eth0 and block all traffic on eth1 except ssh, ping(icmp) and DNS. How do I do this? Ive tried some editing in /etc/sysconfig/iptables but no luck.
View 1 Replies
View Related
Jul 3, 2010
Does anyone know if it is possible to filter/block network traffic between internal hosts on a lan?
Eg. : Linux firewall/router ( 192.168.0.1) - LAN Default G/W - all internal > external traffic gets filtered.
How would you filter tcp/ICMP/UDP traffic from internal host a ( 192.168.0.2 ) to host b ( 192.168.0.3)
All the internal hosts have the linux f/w as the default gateway, and are all on the same /24 subnet.
I would like to know if I can filter traffic between internal hosts.
View 3 Replies
View Related
Feb 2, 2011
I've got 4 or 5 of these TRENDnet USB network adapters ( TU-ET100c ) that I use frequently when I'm configuring firewalls or IPS devices for customers. I use them in combination with VirtualBox to test. They've always worked great until my new laptop I just got, and I put 10.04 on it. Previously I was on 9.x. Sometimes they will give a link light, other times not. And when they do the interface shows that it's up, but I can't get any traffic across the interface.
[code]...
View 3 Replies
View Related
Jan 16, 2010
How do you count the traffic on the interface, friends ?
I have a router for a medium-size LAN. HTTP-traffic goes through the transparent proxy, logs are parsed with Sarg, so that's the way I look how much megabytes my users 'do' daily.
Now I want to get rid of proxy, just to do sNAT. But I still want to know the daily traffic of my users (even in general, not for each user).
The router is run by Slackware 12.2.
View 1 Replies
View Related
Sep 25, 2010
When setting up an alias for eth0, the interface works as expected for normal traffic, but does not receive broadcast traffic.
Host 1's setup:
Code:
Pinging host 1's normal interface from host 2 works as expected:
Code:
Pinging host 1's alias interface from host 2 works as expected:
Code:
Broadcast pinging from host 2 only gets a reply from host 1's real interface (as well as some other uninteresting devices on the network):
Code:
I have confirmed by listening on both interfaces using netcat, and broadcasting using netcat, and again only the real interface receives data.
Is this by design, or is it possible to get interface aliases to receive broadcast traffic?
View 1 Replies
View Related
Dec 3, 2010
What i wanted to do was use a linux machine with a wireless and wired interface to act as a router. The wireless interface would be the outside and get its IP via DHCP from the wireless my landlord provides. The wired connection would be for my local pcs. I understand it would be slow having multiple pcs using a single wireless gateway.
View 2 Replies
View Related
Aug 12, 2010
I'm hoping some of the Linux network experts can help me with this problem.
Situation: I have a technology which is a WebLogic JEE application that communicates to an Oracle database. Everything is installed in a single Linux virtual machine running in VirtualBox. Traffic from the JEE application goes via JDBC over TCP to the local running database. What I want to do is test a new database firewall server that wants all traffic destined for the database to flow via another virtual machine running the DB Firewall software.So therefore want I need to do is have DB traffic forced out over one interface only to return on another interface on the same VM listening on a different address.
JEE application running in WebLogic bound to 192.168.111.12 (eth1 a VirtualBox hostonly interface). Makes a request for 10.0.111.12 (eth2 a VirtualBox internal interface) which the database is listening on. Because both IPs are on local interfaces, Linux is going to handle the traffic and not route the 10.x traffic via the 192.x interface.I also have running the database firewall server which has a bridge (br0) between the HostOnly network and the Internal network.Both systems are running Oracle Enterprise Linux R5U4, which is basically the same as RedHat.What I want to do is have the request for 10.0.111.12 forced out via 192.168.111.12, bridged over the br0 connection and back into 10.0.111.12 and to the database. My networking knowledge is pretty good, but i'm stuck right now on the right way to do this. I'm pretty sure it is possible, I just need clear advice.
Reason for setup: Ideally I would build the system with the database on a separate machine so that I can easily route the traffic. Unfortunately we have many VirtualBox based demonstration systems with both the application and database installed on the same VM and therefore the amount of work to migrate these two dual VMs is going to be significant, also many of these VMs are demonstrated from laptops which have limited resources and creating a new database VM reduces overall performance. If I can create a way to force the traffic in this manner off and back onto the same VM via the other VM bridge, it would be fantastic.
View 7 Replies
View Related
Aug 21, 2010
I have a linux router with 2 physical ISPs and a VPN tunnel that all my traffic passes through. I would like to setup a rule to redirect all traffic from one internal IP address (10.0.0.x) through the physical link only. My current script is as follows.
iptables -F
iptables -X
echo 1 > /proc/sys/net/ipv4/ip_forward
[code]....
My goal is to do something similar to the mangle on the tor traffic, but for an entire host.
View 2 Replies
View Related
Mar 2, 2011
The task I am trying to complete is the virtualization of an IPv6 router created using two fedora machines. Here is the physical setup I have now...
PC1:eth0 <------> network
PC1:eth1 <------> PC2:eth0
PC1:eth2 <------> PC2:eth1
PC1 runs radvd to provide router advertisements to the network and a DHCPv6 server for stateful addresses.Each interface is configured on a separate subnet. PC2 runs a DNS server on eth0. PC2:eth1 is used as an IPv6 client for testing purposes. The connections from PC1 to PC2 are just crossover cables.I've created virtual machines of both PCs and have created 4 virtual adapters on the host machine for each of the local-only interfaces.Now I have this:
PC1:eth0 = HOST eth0
PC1:eth1 = HOST vboxnet0
PC1:eth2 = HOST vboxnet1
[code]....
View 2 Replies
View Related
May 23, 2011
i have centos 5.5 and qmail installed in it this qmail is used for internal mail , we are not send mail from internal to external ids i.e gmail, yahoo etc, this qmail intalled on 192.x.x.x ip server this ip is not live ip but my problem is that from few days mail are sending from internal to external like indiatimes ,yahoo etc
View 1 Replies
View Related
Jul 14, 2009
Have done a bit of Googling around this but got totally swamped so will try here. Basically we are running a CentOS server which hosts a number of virtual hosts under Apache. Recently I needed to set up a development environment for another site using Ubuntu and have this running and accessible on the LAN from a VMWare image. I'm using bridged networking so the VMWare machine has its own IP on the LAN subnet.
I've set up a DNS to point to the external IP of the physical host but can't figure out how to route traffic requested on this domain to the VMWare host. I've basically tried two approaches (configuring a proxy web server and reverse proxy in an httpd.conf file and mucking around with iptables forwarding rules but without success.
Ideally I'd like somesite.somewhere.com to point to the VMWare IP but I could live with a custom port on the end if thats whats required.
To throw further complication into the mix I need reliable communication between the VMWare machine and external mail relay servers in order to debug any issues with mail bouncebacks, embargos etc.
Any idea what's the easiest way to accomplish this?
View 4 Replies
View Related
May 9, 2009
I've been wondering lately about what would be the best approach to take concerning WiFi on my laptop (or laptops in general) ? Understand my question concerning this is ONLY about performance and no other issue.
What is the better thing to do:
a) install a new (better) WiFi card inside my laptop,
b) remove the card inside my laptop and use a WiFi USB stick,
c) remove the card inside my laptop and use a WiFi PCMCIA card?
Is simply being external to the laptop going to give me better performance in terms of locating and using a WiFi connection? On the laptop I'm currently using I know that merely rotating the laptop can boost the connection signal strenght by 15% or more. So, I'm really wondering about this. btw, I'm seriously giving thought to glueing a 3 or 4 inch lenght of 1/2 inch pvc pipe to the lid of my laptop as a holder for a homebrew parabolic WiFi dish. The idea is to attach the USB WiFi stick to a piece of coat hanger wire. Then slide the bottom and top of the coat hanger wire into a piece of paper (that's had aluminum foil glued to it) forming a parabola behind the WiFi stick. By rotating the parabola in the pvc holder I can instantly directionalize the reception/transmission of the Wifi USB stick. I'm wondering if anyone in the forum has experienced the difference between an internal vs an external WiFi device? Secondarily, has anyone in the forum tried the parabola trick?
View 2 Replies
View Related
Feb 6, 2011
I just set up my first ever bind9 DNS server running on ubuntu server 10.04. This server is also my gateway/dhcp server.
Here is what is weird: If I do a dig @8.8.8.8 dschuett-lmtl.scs.local from any of my clients it resolves?!?! Dig shows that it got the answer from MY Bind9 DNS server (and NOT Google's of course), but why is it still resolving when I'm telling it to use and external DNS server?
The other weird thing is that the SAME EXACT dig command above does NOT resolve internal host names if I do it from the Bind9 DNS server. - Which is what i would expect SHOULD be happening if done from the client machines...
Here are the dig results:
From any internal client:
Code:
View 2 Replies
View Related
Dec 9, 2010
Im setting up a server thats connected to a large network. Now my external ip on the network is static and is 10.0.12.15. What I want is to create a dhcp network using the second port of my box. The first port eth0 goes to my network with the static ip 10.0.12.15 and my second port is connected to a switch with the static ip 192.168.12.1. Now dhcp works fine but none of the boxes that are connected to the internal ip cannot connect to the internet. Iv tried using squid and manual static ip routes. Im not using network manager or anything cause its a command line server.
View 1 Replies
View Related
Dec 25, 2010
Disable internal wireless card & enable external? Can I do this really by network-manager or should I use some other program. If I plug-in external both are connected. If I disable internal by laptop button, I cannot enable wireless anymore in nm-applett (external on).
View 7 Replies
View Related
Aug 6, 2011
I would like to turn off the internal wireless card since my external wireless card has better signal. Problem is if I turn of the internal card the external card turns off as well. My external card is an alfa awus036h 1000w. Laptop Gateway NV53. How would I disable the internal card and use only my external card?
View 2 Replies
View Related
Nov 20, 2010
I'm looking for a powerful network traffic monitor that can do all of the following (or at least a combination of tools that can do the following):
Tell me how much data was downloaded/uploaded on an interface this month and the previous month tell me how the traffic was used throughout the monthshow which internal IPs (IPs in the 192.168.1.0/24 network) used how much traffic show which ports/protocols on those IPs used all that traffic
Hhow LIVE traffic flow statistics that can tell me total speed of traffic going through an interface as well asshow which internal IPs (IPs in the 192.168.1.0/24 network) are using how much of the traffic show which ports/protocols on those IPs are using that traffic
This tool will run on a linux router through which all my internal PCs are connected to the Internet. This means the tool(s) need to work with NAT (traffic being forwarded and not necessarily destined for the interfaced being monitored).
The distribution being run doesn't have a package manager so any packages or dependencies have to be manually compiled and SCPed over file by file. For this reason, the tool/tools need to be simple (things like vnstat, not things like ntop that have their own web interface).
I know that vnstat can tell me the first bullet point so it's only there incase there's a tool out there that can do everything. If there's a tool that can only do the second or third bullet point, that's great too - I'll just keep using vnstat and look for something else to do the other task.
View 6 Replies
View Related
Feb 19, 2010
I want to know if there any way to find out interface of Linux Box(Suse 9>)is onboard or externally attached (pci slot)?
Note:- This is a problem which I am facing in my work. In onsite server we need to configure n/w card too. So some time when we configure, I'm confusing which interface should be configured. Client insisting us to configure embedded(onboard) interface. How to find out that.
View 4 Replies
View Related
Dec 27, 2010
I have an external hard drive with an xfs partition on it. It was using an external journal, but in re-installing Slackware I removed the partition holding the external journal, forgetting what it was at the time. I didn't touch the contents of the external hard drive, but now I can't mount it and the various xfs programs seem to demand that it be mounted in order for them to change anything.Anyone have any ideas on how to change an xfs partition from external log to internal? Failing that, how do I get the information off it?
View 1 Replies
View Related
Oct 18, 2009
how to configure my network for web traffic.Here is my setup:I have the following virtual machines, (all guest are running on CentOS 5.3);
firewall: Smoothwall 3.0, (hardware, not virtual)
guest # 1: Apache http server
guest # 2: Qmail server
guest # 3: Proftp server
I want all of these services on different machines for security reasons, (mainly the ftp server) how do I route the traffic from the firewall to the different machines? I have been looking at setting up a reverse proxy, however, everything that I have read says that a reverse proxy will not handle the smtp/pop3 traffic. Can I just use a DNS server to route the traffic?
View 5 Replies
View Related
Jan 18, 2011
ok I am using a customized CentOS distro that is looking for 3 network cards on boot. eth0, eth1, eth2. I do not need eth0 and need to bridge it to eth1.
View 1 Replies
View Related
Oct 18, 2010
I'm having a problem and despite I have googled a lot cant find the root cause. I have a server with two embedded NICs and centos 5.5 loaded. I need to have one NIC with a fix internal IP address to communicate with the intranet and a second NIC with a fix address from my telephone provider. I know I cant have two different gateways on the net so I configured only the gateway for the second NIC leaving the field empty for the first.
I found that the first NIC is handling all the traffic for both interfaces (eth0 and eth1) and the second NIC is in standby (or doing nothing). This is causing the traffic intended for the second NIC never reach their destination. After a couple days working with the BIOS and other configuration files I tried another way of solve the issue. I put a fix address for the first NIC and another fix address for the second NIC (both in the same subnet) and from a computer pinged successfully both addresses. However if I disconnect the cable for the first NIC both interfaces goes down (eth0 and eth1) and both pings fails. If I disconnect the cable for the second NIC (with the first one connected) both pings still running without any disturbance.
I worked also in a second server with different hardware (different kind of motherboard, different NIC manufacturer, etc.) but the problem is also present in this second server. I was reading about NIC bonding or teaming, but this configuration is not present in the modprobe.conf or in the ifcfg-eth0 files, so I believe the problem is not related with this feature. Do you know what is happening with the NICs and how can I get two really, fully independent NICs?
View 7 Replies
View Related
Jul 30, 2011
I am running Debian Squeeze on an old pc (AMD K62-500) which serves as my multiwan router and torrent box. Internet uplink is provided via a dsl line and 2 wireless canopy modules.
Setup has been generally fine except when connecting/downloading as free user from sites like rapidshare, hotfile, filesonic, etc. The problem arises when I am connected to these sites using the wireless uplinks because of the shared public ip. I don't really download that much using direct download methods so I don't really see myself being a premium user from these sites.
If these sites are on a specific ip or ip range, an entry on the static routing table would have been fine but when I tried using ping, a different ip would appear to reply each time.
I wonder if there can be a solution like using iptables where in traffic to and from these sites will only use the NIC connected to the dsl line.
View 1 Replies
View Related
Jun 7, 2009
I have a few external IP's assigned to me by my ISP. I have IPcop as my router/firewall. I am wondering how to bind 1 of my external ip's to my internal ip address. So I do not have to port forward, etc. For Example, 77.77.77.77 to 192.168.1.123 and on the server it see's the external IP address.
View 2 Replies
View Related
May 4, 2010
i installed CentOS 5.4 with squid and dansguardian as internal use in a firm. There is a domain server and primary dns windows, but by "wpad" file every internal computer is automaticly forwarding on CentOS proxy.Dansguardian port 8080Squid port 3128Now i have a problem, how to inform my customers who use your laptop in our lan that they have to configure the proxy.
View 4 Replies
View Related
May 21, 2011
I'm trying to setup a Centos 5.6 Squid Proxy Server with Content Filtering & Antivirus Scanning Incoming HTTP Traffic from the Internet
I then proceeded to setup an configure the Proxy Server, i was able to test and confirm that Squid and Dansguardian Content Filter is working, however i dont know if Clamav is scanning HTTP traffic before it hits the client/server. Is there a way i can check if the Antivirus scanning is working.. is there some log file or real world test i can i can do to confirm that Clamav is scanning incoming traffic or even blocking potential viruses ??
Anyone who has squid proxy server with Clamav configured and its working can share there settings/setup with me and how they tested it ??
View 1 Replies
View Related
