From what I've read, when linux sends a ping it sends without the netmask, so windows server assumes it must be a broadcast? Why doesn't linux send a netmask with a ping?
View 6 Replies
Struggling to get my Linux server accept ICMP redirects not originating from default gateway. No problem to get it working if the redirects is originating from def gw.I know it's not a good solution security wise, but my network is so cluttered I'm forced to do so.
View 1 Replies View RelatedI have recently just got another internet connection at home via cable as well as my exisiting DSL connection. I was wanting all my web browsing that I did via squid to be redirected down the cable connection. The box has a single nic at the moment and the default route sends it via the dsl connection for the mail server that is also running on the box.I was hoping that anything that hit squid would go down the cable connection that is plugged into a router and thus I can route to 172.16.2.251 and everything will go out via cable.
I was reading about iproute2 and marking the packets and is wondering whether this is the way to go?
I'm using OpenWRT on a WRT54GS. I'm using wifidog in combination with openvpn. For those of you familiar with wifidog, my auth server is located at the other end of an openvpn tunnel and the "wifi dog gateway" is running on the WRT itself. I'm don't really think that wifi dog is the issue. Basically, I'm using openvpn with the "redirect-gateway" option which works well. In this mode, openvpn removes my current default gateway setting and adds the remote openvpn server as the default gateway (as it should). However, overnight, my default gateway on the local network keeps reapperaing (along with the openvpn one as well).
This causes confusion and I don't want any packets (But ovbiously the connection to the actual openvpn server) to go down this local gateway. Why do you think it reappears? Do you reckon openvpn is dropping connection and somehow the normal gateway is being added back? I *could* run a cron script which runs every minute or so with something like "route del default gw xx.xx.xx.xx" (where xx.xx.xx.xx is the default gateway which I don't want to be there) but that is quite messy and means that if I were to ever move the router I would need to reconfigure this and considering that I would like in the future to have many of these wifi dog gateways, this really isn't an ideal option (as every network will have a different default gateway).
To be able to use my 3g connection from my laptop I am using Azilink.Azilink work by setting up a little Openvpn server on your smartphone then you connect to your smartphone from your laptop with OpenVPN.From there what i wanted was to use a second VPN connection to an external Linux host and redirecting all my traffic to that tunnel... (redirect-gateway + iptables)It is working but partially..Here is the way I connect through my phone (all steps are I think important for the routing issue...)
1) I plug the phone then a usb0 interface is created with the 192.168.239.5 ip adress (my phone is 192.168.239.4)Then adb connect 192.168.239.4
2) I have to enable a port forward on my phone adb forward tcp:41927 tcp:41927
3) I run the openvpn script (to connect to my phone on wich i have launched Azilink)
So Openvpn connect to 127.0.0.1:41927 (to my phone) From there I have a Initialization Sequence Completed
At this time I am connected through 3G via my smartphone to the Internet..And as you imagine i don't want to enter all the IP adresses of Internet minus RFC1918 manually via route command.I think the problem comes from the fact that when i do the route add default gw 10.8.0.5 it is overwritting all the routes required to establish the first and the second connection am i right? Could someone help me solve that issue ?
I am setting up a virtual server. Ubuntu 11.04, "minimal provider image".UFW was disabled by default. I set it to default deny. Allowed HTTP, SSH and other standard stuff, and enabled it. All seems to be OK. Adding one rule to block some annoying security scanners causes ping not to work. I'm not an Iptables expert, but it looks OK to me. I got it from some website, rather than invented it myself, but modified to to fit the ufw config file syntax. What in that rule prevents pings?!? It seems completely unrelated.
View 1 Replies View RelatedI am trying to get a Linux (Slackware 13.37) working in a Windows networking environment. The IT support for this organisation does not extend to Linux support, so I'm limited in what help I can get for this.
I'm trying to get to the point where I can get to the internet to download what I need on this Linux machine.
The situation is this (*fictitious addresses used) -My Linux machine uses a fixed IP address (10.100.150.21)
My Windows machine uses a DHCP assigned IP address (10.100.150.213)Both Linux and Windows machine are configured to access the gateway server (10.100.150.1)So, I can ping the Linux machine from the Windows machine and vice-versa.I can ping the gateway machine from the Windows machine.I can browse Windows Shares on the network via SMB from the Linux machine.I CANNOT ping the gateway machine from the Linux machine with the Destination Host Unreachable message being the error message.
For actual internet access I need to access a proxy server but since the Linux machine can't even ping the gateway server, it fails to ping the proxy.Now, I have been told the gateway is a HW based router and for Windows machine they use some software for authentication to connect to the network. This software isn't available for Linux, so that's why I've been told to use a fixed IP address.My experience of networking is pretty basic and most of the Linux setup is done via running Slackware's setup program.
And I'm currently working on a new CentOS 5 install I've made on a computer I've got.. So I'm now trying to get that computer to reach my home network through one of my other computers, which have got XP installed. I've configured the XP computer to act as a gateway from one network card to another, and It works with another XP pc, but no luck with my CentOS 5. I used this link [URL] And I configured the correct network card.
So.. the IP of the XP machine is 192.168.1.70, which I have set as a static. So that the CentOS will find it. And I've connected the (fully working) network cable correctly.
What do I have to do?
I have configured the CentOS to recieve an IP dynamically. (dhcp).. Might that be the problem? (well.. one of the problems.. I've tried to set it to static.. ...?)
Is there more to it than this? I mean when I'm working on communication through an XP machine... ?
I have been beating my head for the last few weeks on this problem, (although I have been taking the wrong approach, it seems).
I need a gateway to direct web traffic to three separate servers/domains. I have been trying to do this with both a dns server and , (seperatly), apache server to forward requests. The dns server was a no go, and <i can only get apache to redirect http and ftp.
After Googling this ALOT, I believe that what I need is a gateway server to redirect my traffic to the 3 different servers. I have been reading about using using nat and iptables for this and was wondering if anyone had any advice/suggestions on this. The other thought I had was to use something like pfSense to create the gateway, but I am still reading the documentation, and I am unsure if this approach will work.
I am trying to make my fedora 15 my gateway instead of my old D-Link, but I can't seem to get it working.
View 5 Replies View RelatedI've just installed fedora 10 on my Dell Inspiron 1525, and I can't connect to my wireless net. I know how to manually enter the SSID (and have no clue what a BSSID is), MAC address, and I know it's infastructure (well, it's not ad-hoc, so it must be).
The problem is, my router uses a 64-bit encryption protocol, and there's no '64-bit' key option under Wireless Security's dropdown. Is there any way around this, aside from either changing the encryption protocol, or plugging it in manually (neither of which are options)?
OS:Fedora core 6
I have just changed my gateway address,now I can access internet with my browser but unable to run add/remove software as it says no network connection available,system updates are not working as well. What should I do make these working?
I setup my computer to share printers on home network. So I set my F11 PC for manual ip & it works fine for print sharing but now I can't get to the Internet. I noticed under manual settings that every time I set the gateway & try to apply it, it jumps back to all 0's. If I set it to DHCP, I get to the Internet no problem. I just have 2 wireless configs right now 1 for printing & 1 for Internet but it would be a lot easier if I could just use the one manual setting & get it to keep the gateway setting. I'm using a Linksys WRT54G router. And I do select a manual IP outside the range the router uses for DHCP.
View 7 Replies View RelatedI have installed fedora 11 64 bit on a new computer. I have no problems accessing the computers on my local network, but can not get past the gateway. The gateway is running windows XP with IP address 192.168.0.1 and is named "internet". When I boot the new computer in windows, there is no problem. Here is the output of some commands I saw in other posts with similar problems:
$ /sbin/ifconfig eth0
eth0 Link encap:Ethernet HWaddr 00:24:8C:7F:10:0C
inet addr:192.168.0.245 Bcast:192.168.0.255 Mask:255.255.255.0
inet6 addr: fe80::224:8cff:fe7f:100c/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
[Code]....
I have 2 gateways on our network. What is the easiest way to be able to switch between using one or the other gateway? I am using Fedora 12 32 bit.
View 2 Replies View Relatedhow to identify the icmp packets & marking. this below icmp packets marking is not working.
iptables -t mangle -A PREROUTING -p icmp -j MARK --set-mark 0x5
iptables -t mangle -A PREROUTING -p icmp -j RETURN
with the help of port no or any other how can i identify the icmp packet ?... This below two is working fine
iptables -t mangle -A PREROUTING -p tcp -j MARK --set-mark 0x2
iptables -t mangle -A PREROUTING -p tcp -j RETURN
iptables -t mangle -A PREROUTING -p udp -j MARK --set-mark 0x3
iptables -t mangle -A PREROUTING -p udp -j RETURN
I run a linux box as a gateway behind a satellite modem. The internet link over the satellite modem is only 1mbit so the usage often reaches 100% when someone is downloading/uploading something. I am seeing my ping return time jump from 700ms to 6000ms if someone tries to upload a file (by sending a attachment in a email etc). The satellite operator is saying this is normal, but I have my doubts.
Has ICMP got a lower priority? Should I really be seeing this behaviour? I understand that if it was a TCP packet then it would just be queued until the previous acknowledgement has been received. And if it was a UDP packet then it would have been dropped, but how does ICMP deal with these situations during heavy traffic?
Is there a way to set the IP that's returned in an ICMP TTL exceeded packet? Reason I ask is I have an edge router with several upstreams, and several downstream routers, and when I traceroute to it I would like only one of it's IP's to show up in the trace (Instead of each . Much like some of the larger ISP's do to mask the IP and hostname of their internal routers.. Is this possible?
View 2 Replies View RelatedI have One Server which is having IP 10.176.0.155. I want that client 10.176.0.135 is not able to ping this server only & cane it is possible to block through hosts.
View 1 Replies View RelatedWhy linux traceroute uses UDP protocol, we have basic ICMP protocol which is used in MS-windows tracert.Any specific use of traceroute using with UDP,TCP than ICMP?Windows is displaying all HOPs address but linux printing *.*.*
View 8 Replies View RelatedI have a C program which does.
1. Creates a UDP socket
2. Send the UDP Request packet to the TFTP server.
3. If the TFTP server is not listening in the 69 port, the remote machine send an ICMP ("Port Unreachable") message.
Is there a way to receive a notification from the Linux kernel on receipt of an ICMP packet to the created UDP socket.
icmp request from an ip that is in the same network as one of the local interfaces is not responded to, if the ping request is received via an interface in a different network. Is this some security feature?
Consider the below network
x.1|RTR1|-y.1---------y.2-|RTR2|-z.2------z.3-|LNX|-x.3
RTR - Router
x.1 -> 192.168.x.1
LNX - Linux machine
[Code]....
So im trying to get an icmp tunnel setup using ptunnel. When I run it under the same network and use to connect to RDP, it works fine, however when go outside my network and connect in, it does not get anywhere. I can confirm that I have forwarded ICMP packets to the server (if I ping the external ip it will show the status of the server if I unplug it) and that the server is showing signs of registering it.
On the client it just tries to resend the packet "Resending packet with seq-no 0" Over and over Firewall is off for testing so thats not the issue.
I have a fedora 14 box which has a static IP and I can not contact the internet or even my gateway router.I know it has to do with my kernal IP routing table but I can not find the command to do what I need...Here is my kernal IP routing table
Destination Gateway Genmask Flags MSS Window irtt Iface
192.168.0.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
169.254.0.0 0.0.0.0 255.255.0.0 U 0 0 0 eth0
My gateway is 192.168.1.1 and my static IP is 192.168.0.2.
7.2 Home Network Gateway. Has anyone used this gateway and will it support both desktop and laptop I ask this question because I use my desktop at home and when traveling the laptop. The desktop has Fedora and the laptop has cut my tounge out vista.
View 5 Replies View RelatedI tried to ping some of the pcs on the local network but for those with icmp disabled it doesn't work. I've used
Code:
nmap -sP 192.168.2.0/24
Installed Ubuntu Server 10.10, included Apache, PHP, and OpenSSH. Apache is up and serving pages, I can connect using PuTTY no problem. Server responds to a pingHowever, attempting to use ping or traceroute from the server results in a Destination Unreachable. Happens even for other 192.168.1.10x boxes on the local network
View 1 Replies View RelatedWhy firewalls does not allow ICMP echo request packets. Why are pings not allowed to certain systems?
View 1 Replies View RelatedCan any one tell me a network monitoring tool which can monitor remote connectivity and generate a comprehensive report about the link state like up/down, error timings, increase in latency and packet loss rate.
View 3 Replies View RelatedOn my system, I have built my own tunneling protocol, where I relay packets over a non-standardized but verified medium. What I do is capture the packets using iptables and NFQUEUE, relay them over my medium, and at the other end I reinject them using raw sockets. The packet going into the tunnel is exactly the same as the one coming out, verified. The problem is that this doesn't work for ICMP Ping (Echo Request) if the destination of the ping is the same as the tunnel endpoint. If the destination is not the same as the tunnel endpoint, the ping packet is rerouted and arrives as it should at the receiver, and the ping reply comes back to the sender. Does anyone know whats going on? Isn't it possible to send raw icmp to yourself? If not, anyone have an idea what I should do instead?
View 1 Replies View Related
