Debian Configuration :: How To Modify Traffic Between Two Interfaces In Linux
Aug 8, 2015
I have a laptop connected to internet via wlan0. I also have eth0 interface and with it I share internet. I want to modify/filter all the traffic passing by the first laptop, something like this:
Code: Select all          *---------------------------*
          |    LAPTOP 1      |   *--------------* ?
          |-----*  *------*  *----*   |       |
  INTERNET<------>|wlan0|<-->|MY_APP|<-->|eth0|<---->|ANOTHER LAPTOP|
          |-----*  *------*  *----|   |       |
          *---------------------------*   *--------------*
I know that in FreeBSD it is possible to use ipfw for that purpose, because it build-in into kernel. We set for example rule Code: Select allipfw add divert 2000 ip from any to 1.0.1.1
and we can use our own application to process those packets, reinject them forward etc. It will work also fast, because as I said, it build into kernel.
Is there any standart Linux-based solution to do the same? I found some info about netmap-ipfw. Is this a correct solution? Or I have to use for example IP-aliases and iptables to do that?
I need to process all the IP-packets, not only TCP/UDP/etc-protocol. Solution also must be very fast.
View 0 Replies
ADVERTISEMENT
Mar 30, 2010
I had one of those random system deaths, so reinstalled squeeze (daily netinst image I think...) on my eee 1000, which uses an rt2860 wireless chip. The new install only installed 2.6.32, which I had been avoiding using because of a few problems, including it dealing with networking slightly differently. I couldn't get it to work - even without encryption - using wicd. Having had a read of [URL]... , I had a look at /etc/network/interfaces, which read; This file describes the network interfaces available on your system and how to activate them. For more information, see interfaces(5).
[code]...
ra0 is now called wlan0, as far as I'm aware. I've read in several places that it is best to expunge this file of all references to wifi, so I removed the bottom section (after '# The primary network interface'). I still got nothing. However, if I go ahead and change the 'ra0's to 'wlan0's, it seems to work - wicd connects. Not very familiar with Debian (spent more time on SUSE. Drop your tomatoes - I like it. Any idea what is happening? Is what I'm doing wrong? Conversely, is the file wrong? Should it be reported? Against which package? Including any particular files?
View 2 Replies
View Related
Jun 16, 2010
I have a netgear wg111t that is running with ndiswrapper. It has an atheros chipset, but calling it ath0 didn't work.
Heres /etc/network/interface :
# This file describes the network interfaces available on your system
# and how to activate them. For more information, see interfaces(5).
# The loopback network interface auto lo
iface lo inet loopback
View 6 Replies
View Related
Jun 13, 2010
what rules I need to use to only allow traffic between 2 interfaces (which are part of a linux bridge) using ebtables?
So let's say I have if0, if1, if2. I want if1 to communicate with if0. I also want if2 to be able to communicate with if0. But I don't want if1 and if2 to communicate with each other.
View 2 Replies
View Related
Mar 29, 2010
I have a rather urgent problem with my network, I got two virtual network interfaces one internal and one external. The problem is; I can't get connection to internet. The external NIC is set as a NAT and the internal is... internal.
/etc/network/interfaces
auto eth1
iface eth1 inet static
address 192.168.1.200
netmask 255.255.255.0
Running with this configuration makes my internet connect go away, however if I remove the configuration for eth1 everything is working fine.
View 3 Replies
View Related
May 11, 2010
My new Squeeze machine detects all of my hardware including the LAN and WLAN cards, but only brings up the LAN card. There isn't even an entry for it in /etc/network/interfaces for me to modify. I tried adding the info manually but then the entire network wouldn't start. I had it configured as a static IP and I know the commands were correct due to them working on the LAN card. I believe that the name "wlan0" was causing the problem, but how else can I bring it up at boot?
View 7 Replies
View Related
Jan 10, 2011
I was just wondering if there's any point having both auto and allow-hotplug against the same interface in network/interfaces as allow-hotplug seems to bring an interface up at boot on its own.
View 3 Replies
View Related
Jun 27, 2011
I have a Dell PowerEdge SC430, Squeeze 6.0.2 box, Broadcom NetXtreme NIC which works fine DHCP. The network-manager package is not installed. I have now reconfigured /etc/network/interfaces for a static IP:
auto eth0
iface eth0 inet static
address 192.168.1.2
[code]....
View 7 Replies
View Related
Jun 28, 2011
I have a UBUNTU server 10.04 LTS with 3 network interfaces (eth0,1,2) with eth0 is connected to my lan and others connected to two different ISPs , I am looking for a very flexible and complete monitoring tool which can monitor all of the traffic of incoming and outgoing of any interface and SPECIALLY can show me which local client made connection to which interface for connecting to internet in online mode not offline and it is good to have online web base interface I mean the interface shows the measured data in real time mode. I fount some tools like iftop and iptraf and many others in this url: http://www.ubuntugeek.com/bandwidth-...for-linux.html but non of them are suitable for my net I mean none of them have good web real time data and non of them shows "which local client made connection to which interface for connecting to internet".
View 2 Replies
View Related
Jan 27, 2011
how can i manually modify source.list to include debian repository from shell.since xorg isn't installed yet and the cd doesn't work well.
View 5 Replies
View Related
Feb 11, 2010
What is the maximum number of virtual network interfaces possible?I would like to create around 300 or so. This is needed to simulate a 300 node network.
View 6 Replies
View Related
Dec 20, 2010
Alright, every time I boot or shutdown my routing box, it hangs at configuring and deconfiguring network interfaces. Below is my interfaces file. I see no errors or warnings in my log and I am running a pure kernel, not tainted with proprietary drivers. All of my hardware is 100% supported.
[code]...
View 14 Replies
View Related
Sep 19, 2010
I have a question regarding Traffic Shaping in Linux, Suppose I have a server on the internet (web, email or ftp) and I want to shape outgoing traffic per IP, say 256k for each destination IP. I've seen examples on the internet on how to shape traffic per IP by adding a queue for each IP, and some examples by using u32 hash if I have e.g. a /24 network, but if I have a server and I want to shape the traffic by destination IP, and of course... since it is a server on the internet I can't manually define any IPs of subnets. An example using the tc command?
View 2 Replies
View Related
Jul 6, 2010
I have the following setup: Client A, having 2 network interfaces, eth0 and eth1, both with the IP address 192.168.1.1/32. Client B, also having 2 network interfaces, eth0 and eth1, with the IP addresses 192.168.1.2. The routing table on client A has one entry: 192.168.1.2 dev eth0 The routing table on client B has one entry: 192.168.1.2 dev eth1. Basically the idea is to send the upload traffic one one interface and the download traffic on the other interface. (Client B could serve as a gateway). However, with this setup, well... nothing works. The packets received by Client B are ignored. Does the linux kernel have anything against routing packets coming from an interface, although he thinks the source is on another interface?
View 4 Replies
View Related
Feb 8, 2010
I am manually capturing and injecting Ethernet traffic (using lib_net/lib_pcap libraries) for an application. At the moment , both capturing and injecting are done on the same physical interface (e.g. eth0). The problem is that all the traffic that I inject, are captured again by my application causing an unwanted feedback of injected traffic. This caused that I had to implement traffic filtering when capturing traffic, which is consuming resources and eventually will become too complicated to support.
I have tried using virtual interfaces to separate the capturing and injecting streams, but that also presented the same problem as all the traffic from eth0 is forwarded to both eth0:1 and eth0:2. If possible I would like both streams to go through 1 physical device, using more PDs will be the last resort. I am also looking at using TUN/TAP devices to try and separate the two streams, maybe writing a user-space program that lies between the physical device and the TUN/TAP devices to do the routing of traffic.
View 1 Replies
View Related
Feb 18, 2011
I currently run openVPN on my Debian box that provides secure ipv4 routing from my laptop to my VPS in a different country (and from there the internet via this box). This works fine. However, id like to sort out ipv6 through this VPN as well as IPV4 and not overly sure how to do it. The remote server itself has native ipv6 configured on device eth0 and it works (ping6, traceroutes all fine,incoming to web servers etc) nicely on dual stack.
How would i go about modifying the config (both client and server if needed) to enable openVPN to act as a tunnel broker to enable the laptop to use the ipv6 through the server as well as the old v4? (the internet connection laptop end will not/does not have native ipv6 from the ISP. Currently im using he-net tunnel broker but id like to run myself through my existing openVPN). VPN config details: Its using UDP, port 1194, creates a TUN interface, redirect-gateway etc and the rest is normal config. Edit:- if it matters the clients are all running windows so i cant use sh scripts to set up stuff client end.
View 1 Replies
View Related
Jan 6, 2016
As above, my wheezy 32bit hangs at boot. the last few lines displayed are
Code: Select allMounting local filesystems...done.
Activating swapfile swap...done.
Cleaning up temporary files...
Setting kernel variables ...done.
Setting up resolvconf...done.
Configuring network interfaces...
[Code] ....
I removed the files from /etc/network/interfaces.d/ just in case. i still can't boot up.
Resolved (I think) as on this post: [URL] ....
View 14 Replies
View Related
Sep 16, 2015
I'm running OpenVPN service on both debian server and client. When start connection between client and server, I expect all the computer traffic (except ARP and DHCP requests) go through created tunnel. However, when I capture packets on wlan0 on client (the only connection going outside host) using Wireshark, I can see DNS requests visible and sometimes incoming TCP traffic as well, but most of the traffic is going through tunnel as expected. I provide both configurations of client and server and client routing table for inspection. I changed server address to avoid server exploitation in the case of some big configuration mistake.
Commands to run OpenVPN services are:
Code: Select allFor client: sudo openvpn --config /etc/openvpn/client.conf &
For server: sudo openvpn --config /etc/openvpn/server.conf &
**Client routing table when VPN is OFF**
Code: Select allKernel IP routing table
Destination   Gateway     Genmask     Flags Metric Ref  Use Iface
default     192.168.1.1   0.0.0.0     UG  1024  0    0 wlan0
192.168.1.0Â Â Â *Â Â Â Â Â Â Â Â 255.255.255.0Â Â UÂ Â Â 0Â Â Â 0Â Â Â Â 0 wlan0
[code]...
I searched through many forums and documentation and I found, that for all the traffic going via VPN is command: *push "redirect-gateway def1"* neccessary, however, I have leaks despite this command being in place. I already spent over 2 days with this and tried to configure it in many ways, now I have no clue what I'm missing.
View 0 Replies
View Related
Jul 25, 2010
I need to be able to do the following: Physical Router located at 192.168.40.1 On Ubuntu 10.04 Lucid machine:
eth0 with static ip 192.168.40.2
eth1 with static ip 192.168.40.3
eth2 with static ip 192.168.40.4
Associate a virtual address to eth1 with an entirely different network address such as 192.168.50.1 Do the same (virtual address) for eth2 -- e.g. 192.168.60.1 In the application:
register phone number A at 192.168.40.1 (The application will automatically use eth0 for this)
register phone number B at 192.168.50.1
register phone number C at 192.168.60.1
Somehow forward all traffic (including the register request) sent to 192.168.50.1 to 192.168.40.1 as if the register had been made directly to 192.168.40.1. In other words, the app "sends" registration and traffic to 192.168.50.1 but then Ubuntu forwards it to 192.168.40.1 (but the app does not know that). Similarly, forward all traffic sent to 192.168.60.1 to the router at 192.168.40.1.
Do the same for the reverse, forward all traffic that the router sends back to 192.168.40.3 (eth1) to 192.168.50.1 (within the Ubuntu machine) so that the app knows it is for phone B. Similarly forward all traffic that the router sends back to 192.168.40.4 (eth2) to 192.168.60.1 so that the app knows it is for phone C. Thus, the application believes that it is registering at 3 completely separate routers on 3 completely separate networks via 3 separate network interfaces but in fact is really registering all three to the same router (but does not know that). Similarly, the router believes that it is receiving 3 separate registrations because it receives each registration request and traffic from 3 separate interfaces and thus 3 separate mac addresses (i.e., of eth0, eth1, and eth2). Traffic sent to and from the router for each of the 3 phone numbers (via eth0, eth1, and eth2) are not mixed because the translation happens in both directions.
View 10 Replies
View Related
Dec 12, 2010
I installed the PPTP Client [URL] and can successfully connect to my VPN (creates interface ppp0). The problem is, I'm trying to tunnel all of my traffic on my system through the connection. I've seen conflicting howtos and scripts including pptpclient's documentation (the ip-up and ip-down scripts don't work). How does one simply (even if I type it manually) tunnel the traffic?
System Info:
OS: Debian Squeeze, Kernel 2.6.32-5-686
GUI: Gnome (standard one from netisnt unstable install)
Main interface: eth1
PPTP interface: ppp0
View 1 Replies
View Related
Aug 11, 2010
I would like to redirect traffic coming from a machine A through a SOCKS proxy (setted on machine B)Machine B run "ssh -D 4242". So that create a SOCKS proxy on machine B.Machine A would like to connect on the internet, but the only way is to use machine B SOCKS proxy. The problem is machine A don't know how to use SOCKS Proxy. (Actually, i can just set ip, netmask and gateway on machine A).So, I would like to set up something on machine B that will redirect all traffic coming from machine A throught the SOCKS proxy.
View 1 Replies
View Related
Jul 10, 2011
I am running on debian squeeze 6.0.2. I have been using it for the last id say 3 weeks and really am enjoying it.
I generally use transmission-gtk to share files over the internet. Normally I seed torrents at 110-160kb/s for hours at a time. However after messing around with firestarter my upload speed for seeding torrents rarely peaks over 70kb/s. I have purged firestarter with no success of my regular upload speed, and am very confused as to what happened. I also notice sometimes when it will get to about 70kb/s it will immediately drop down to the 20-30kb/s range.
For incoming bittorrent connections I use port 37294. I have set port 37294 to be allowed in my firewall, and forwarded in my router (since purging firestarter did not help I just reinstalled it).
I have also read allowing ports 6881-6889 is important, but I have never done that in my history of using torrents, and I have never experienced a decrease in UL speed like this.
Have I done something incorrect? I have never had this issue on other machines?
View 2 Replies
View Related
Jun 9, 2011
There is a big problem with opensuse 11.4 and virtual interfaces.Until 11.2 outgoing traffic by default was sent by the eth0 address nevertheless which virtual interfaces did exist if any was used.Now there seems to be sent by the last interface listed with ifconfig.The outgoing address in this case will be 10.0.0.3.This is very problematic with smtp control etc.
View 1 Replies
View Related
Aug 14, 2011
i recently started sockets programming. In the process i began to look for relevant network information about my computer and realized that ifconfig wasn't displaying the same information that resides in my /etc/network/interfaces file. On the interfaces file my IP address is 192.168.1.109 for interface eth0 but ifconfig displays 192.168.1.101. I was under the impression that ifconfig got its information from the interfaces file but clearly doesn't. I tried re configuring the device with ifconfig and then disabling and re enabling the device with ifdown and ifup so that the device updated its information but it didn't.
[Code]....
View 3 Replies
View Related
Apr 4, 2010
a good IPTABLES protocol to reject all incoming ssh trafiic except for a single IP or IP range?
View 4 Replies
View Related
Sep 20, 2010
I have a strange iptables issues. I have just built a new Debian install and starting adding some real basic rules (see below) the problem seems to be that the localhost itself can't get any returning traffic. That is, it seems to be allowed outgoing traffic but not the connected, returning traffic. Ordinarily allowing Established Connections would resolve this, see the rule below, but it hasn't. Why this doesn't work. Removing the last DROP in the INPUT chains obviously makes the traffic work!
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A INPUT -j ACCEPT -p tcp --dport 22
iptables -A INPUT -j ACCEPT -s x.x.x.x
iptables -A INPUT -j ACCEPT -s x.x.x.x
iptables -A INPUT -j ACCEPT -s x.x.x.x -p tcp --dport 80
iptables -A INPUT -j ACCEPT -s x.x.x.x -p tcp --dport 8080
iptables -I INPUT 1 -i lo -j ACCEPT
iptables -A INPUT -j DROP
View 3 Replies
View Related
Jul 30, 2011
I am running Debian Squeeze on an old pc (AMD K62-500) which serves as my multiwan router and torrent box. Internet uplink is provided via a dsl line and 2 wireless canopy modules.
Setup has been generally fine except when connecting/downloading as free user from sites like rapidshare, hotfile, filesonic, etc. The problem arises when I am connected to these sites using the wireless uplinks because of the shared public ip. I don't really download that much using direct download methods so I don't really see myself being a premium user from these sites.
If these sites are on a specific ip or ip range, an entry on the static routing table would have been fine but when I tried using ping, a different ip would appear to reply each time.
I wonder if there can be a solution like using iptables where in traffic to and from these sites will only use the NIC connected to the dsl line.
View 1 Replies
View Related
Mar 28, 2016
I am in serious situation involving PPTP protocol VPN in Debian 8 Jessie stable. I recently became a paid VPN subscriber. Using PPTP; Is there a way to automatically route all traffic through ppp0? Im getting the vpn service killed (ip address goes back to normal unmasked state) whenever there is a power outage (modem reset) and there are alot of those where I live, Im going to get astabilizer and I need a software solution for the situation as well. Theres gotta be a way to route all traffic through the VPN route ppp0 . I tried adding persist and maxfail 0 to the pptp config file but it did not do what i wanted.
Here's my peer configuration file :
pty "pptp blabla.net --nolaunchpppd"
name blablabla
password blablabla
remotename PPTP
file /etc/ppp/options.pptp
require-mppe-128
refuse-eap noauth
persist
maxfail 0
On a second note, its clear to add that I basically need a way to also auto load the line
pppd call blabla.net
and
route add default dev ppp0
On system startup by default so the computer does not use "Wired" connection ^at all^ when not through ppp0. Any other way of not losing VPN anonymity ever due to hardware malfunction.
Is there a way to do this? Ive looked on the net and everything seems like its either from the nineties or can fry my pc , Im no debian expert, less than a year at linux..
Need it to use wired only if ppp0 is being used so if its no vpn, no connection at all period,
View 1 Replies
View Related
Jun 19, 2015
I cannot see my debian linux machine in my virgin media router>>attached devices. I can see everything else including my raspberry pi.
The box is headless but I connected up to tv temporary and did ifconfig and got the ip address. I can ssh to it and connect to minecraft server I have running on it but I would like to know why I cannot see it in the router.
View 4 Replies
View Related
Dec 23, 2015
I have Debian 8 with VBoxGuestAdditions (4.3.18). I can connect to this box from Win7 using RDP (mstsc.exe). When I connect from Windows 10 using mstsc.exe I've got error code 2308. I tried NoMachine, 2XClient, RoyalTS none worked.
W10 connecting with RDP to Linux server? If I would install xrdp onto the Linux server would it work for me?
Is it possible to connect from Win10 to Linux using RDP?
View 4 Replies
View Related