General :: Forward Packets To Another Computer In Net?
Feb 17, 2009
I have a computer with a BSD subsystem that is acting as a router to other Windows computers.
On one of my Windows, I have an Apache Web Server that I want people to access from the outside world.
So, I have created an ipfw rule in my router computer that goes like this: ipfw add 100 fwd 10.0.2.2 ip from any to any dst-port 2443
Thing is, nothing happens.
I've tried changing the ServerName in my Apache to match my IP address (which is the destination IP of the incoming packets, I imagine) but still, nothing.
View 1 Replies
ADVERTISEMENT
Sep 27, 2010
I have a hardware device with two ethernet ports, eth0 and eth1 running Centos 5. Basically my goal is to forward packets from eth0->eth1 and eth1->eth0 as well as get a copy of these packets for analysis. If I set IP routing to do the forwarding then I won't get a copy of the packets for analysis.
View 3 Replies
View Related
Mar 8, 2010
I've a webserver at 10.10.0.55. Above in the hierarchy are managed network cisco switch / router and ASA firewall (the usual stuff). I also have a mail server at 10.10.0.200. I was told by the network admin that he can't forward port 80 to webserver and port 25 to mail server. Basically he said that it's a one-to-one (external.ip-to-internal.ip) mapping and all traffic, no matter what port it's destined for must go to 10.10.0.55. So, I turn to the wonder that linux is. The webserver is running Centos 5.4. Currently, all packets on port 25 are coming to the webserver. I want to forward all these packets to the email server. Note: the webserver only has one interface: eth0. I turned to web for help and did this in iptables:
Code:
$IPT -A FORWARD -p tcp -s 0/0 -i eth0 -o eth0 -d 10.10.0.200 --dport 25 -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT
It didn't work. I am assuming that since I only have one interface, a simple rule to the filter table and forward chain will not work.So i use the NAT table and try the following:
Code:
echo 1 > /proc/sys/net/ipv4/ip_forward
$IPT -t nat -A PREROUTING -p tcp -i eth0 --dport 25 -j LOG --log-prefix PortForward: --log-level 7
$IPT -t nat -A PREROUTING -p tcp -i eth0 -d 68.***.26.*** --dport 25 -m state --state NEW,ESTABLISHED,RELATED -j DNAT --to-destination
[code]....
First of all, since there is no service/daemon listening on port 25 on the webserver, is it even going to work? Isn't the webserver simply going to discard packets on port 25? I am assuming that packets go through the iptables first, and so iptables should route the packets to the email server, where there is postfix listening on port 25. Am i right? Also, as you can see in the code above, all packets coming on port 25 on the webserver should be logged. But they aren't. In order to troubleshoot, I'd like to at least know that packets are coming into the iptables. But since it's not logging, I can't find out what's wrong.
View 7 Replies
View Related
Sep 16, 2010
I need to route packets coming from a standalone switch port which is a mirror ("tap") of another port ("source"). I can't seem to forward packets whose MAC address is for a different device (the actual "target" of "source"). My device is in promisc mode,I can see the incoming packets in tcpdump and Wireshark. The only packets which get forwarded are those which have my MAC destination address (I changed the wiring to come straight from source and not the mirror port, to get "my" MAC address in the packet). My routing table is configured to forward and I have ip_forwarding enabled, obviously (otherwise packets sent to my MAC wouldn't route). By the way, the incoming packets are all VLAN tagged and I have matching subinterfaces.
Q1 - is this inherent, that packets won't get "passed up" to the IP layer unless the MAC addresses match?
Q2 - Would ebtables be a good solution, i.e. rewrite the dest MAC address to my own MAC addr and send to the INPUT target?
View 5 Replies
View Related
Feb 9, 2011
I'm a student who is working on a wireless research project. I have a madwifi driver for Atheros chipset on Debian Linux. With having the wireless interface get into monitor mode, I want to forward the captured packets from the wireless interface to the other Ethernet interface so that a different computer which is connected to this machine via Ethernet receives those packets. I checked that alll packets are received in the wireless interface using TCPDUMP. I tried to forward those packets with IPTABLES like 'iptables -p FORWARD -i ath0 -o eth2 -j ACCEPT' However, I couldn't see any packets forwarded to eth2 using TCPDUMP.
View 5 Replies
View Related
Mar 24, 2011
I notice that my bittorrent client is capable of automatically setting up port forwards with my router, and I want to know if I can do the same in a shell script. The reason is, that since my router is stupid and won't let me keep static IP addresses (it seems they forced a DHCP refresh every week to make me want to pay for a more expensive model which doesn't), I need to get my computer to change the port forward to follow my computer's changing internal network IP address. I have a couple of port forward manually entered into my router settings for web interfaces to bittorrent etc, but of course these have a good chance of being invalidated at each DHCP refresh cycle.
View 1 Replies
View Related
Aug 30, 2010
i need to write a program in c that can sniff packets from Ethernet and distinguish RTP packets from Non-RTP packets, i have no idea what should i do
View 9 Replies
View Related
Apr 4, 2011
I'm trying to use iptables in order to forward all the incoming packets for port 5555 to port 5556 on the same server (192.168.2.101).
I wrote the following commands:
iptables -A PREROUTING -t nat -i any -p tcp --dport 5555 -j DNAT --to 192.168.2.101:5556
iptables -A FORWARD -p tcp -m state --state NEW -d 192.168.2.101 --dport 5556 -j ACCEPT
View 3 Replies
View Related
Jun 10, 2009
Suppose I have computer A with ip address on eth0 of 192.168.0.1 and ip address on eth1 of 192.168.1.1. If I send packets to 192.168.1.1 from computer A, it automatically uses the loopback interface. Is it possible to modify the routing table some how to send these packets out on eth0 instead and have them route around the network and come back on eth1.I've tried 'route add -host 192.168.1.1 dev eth0' but it seems to completely ignore this entry.
View 5 Replies
View Related
Jan 3, 2011
I have a computer who has a wireless card I use for my local network and Internet. I have a second network card on this computer (onboard lan card), that I would like to use to forward an Internet connection to a older-generation laptop computer.
Main Computer Connection to Internet:
Internet > Wireless Router > Computer A
Laptop Computer:
Computer A > Laptop (via cat5 cable connecting my main computer to the laptop)
View 9 Replies
View Related
May 18, 2010
I'm trying to make my wireless router always give me the same ip address every boot (192.168.1.100). I do not have a static ip address from my isp.
Everything I've tried from online help has made my internet break and I'm not even sure what exactly I should be searching for on google.
Ultimately, I'm trying to get my wireless router to forward ftp requests to my computer which shares the network with an xp machine. I think this is the way to go about it.
View 8 Replies
View Related
Feb 8, 2010
i have a linux server runnig oracle applications. i need to access this server from putty using ssh through internet. i did by registering my static ip with the dnydns.org and i am able to connect to the server. but now there is no security to authenticate any user as any one knowing the password can login to it.
i thought of configuring the firewall of linux server but the client ip`s are not static and they change continiously. so thought of keeping one more pc between the server and the router which will do the work of authenticating. but i am confuse as how to configure it to allow the packets coming from the internet after authenticating and to by pass the packets generated from internal LAN?
View 8 Replies
View Related
Jun 2, 2011
I'm trying to drop all packets from the internet that use a fake ip address so they appear to come locally.
Do I need both lines or only the first ?
--append INPUT ! --in-interface lo --source 127.0.0.0/8 --jump DROP
--append INPUT ! --in-interface lo --destination 127.0.0.0/8 --jump DROP
View 1 Replies
View Related
Apr 13, 2010
I'm running Ubuntu 9.10 server at home on VMware Workstation 7. I have two NIC's configured, one NIC is setup to have a direct connection to the network "Bridged", another NIC is setup to have a private network connection on VMnet1.
Network card 1 - 192.168.1.160 (Bridged)
Network card 2 - 10.1.1.1 (Internal access only)
So when I try to access the Internet, I can not go out on the NIC 1. If I try to ping google.com I get a return from 10.1.1.1 "no reply". But I know that NIC 2 is working, because I can ping 192.168.1.160 from the workstation I'm running on.
So I think that my routing is sending traffic out to the wrong NIC, but not sure if this is a metric in the iptables or another place?
The reason for two NICS is to simulate a DMZ where the server will be running Squid, to test proxy from another workstation on the 10.1.1.X subnet.
View 3 Replies
View Related
Mar 11, 2010
Does gzip have the capability to decode gzipped traffic? I have been beating my head against the wall with this issue. What I'm trying to do is capture traffic between a web server and clients, and I've got it set up where it's redirected to a file for ease of grepping, however it's seemingly incapable of decoding gzipped encoding. I know I can do this with tshark, I'm curious as to whether tcpdump has this capability (i.e. only using tcpdump, and not some additional tool like tcpshow or what-not).
I can't find much on this issue in the man page for tcpdump, but it is fairly lengthy, so it's possible that I missed something, but I don't see that as especially likely.
View 2 Replies
View Related
Apr 9, 2010
I have two IP address on my iMac I want to "bridge". I'm not sure what the proper terminology is... here's the situation.
My iMac has a firewire connection to my laptop and an ethernet connection to the rest of my office. My laptop has an ip of 192.168.100.2 (on the firewire interface). My iMac has an IP of 192.168.100.1 on the firewire interface, and two IPs, 10.1.0.6 and 10.1.0.7, on it's ethernet interface.
If I wanted to forward all traffic coming in from 192.168.100.2 on my OS X machine to go out on IP 10.1.0.7, and vice-versa, can this be done? I assume I would use the ipfw command.
Essentially I want to "bridge" the firewire network to the ethernet network so my laptop can see all the machines on the 10.1 network, and all those machines can see my laptop at 10.1.0.7. Is this possible?
View 3 Replies
View Related
Jan 7, 2010
I am trying to do a NAT forward in iptables but get the following error:Quote:[root@server88-xxx-xxx-198 openvpn]# iptables -t nat -I POSTROUTING -i tun0 -o eiptables v1.3.5: Can't use -i with POSTROUTINGAny ideas on what to do?I have an OpenVON server running and I need the client to use the ports on the OpenVPN server
View 8 Replies
View Related
Aug 9, 2010
I want each packet (that match iptables rule) to be delayed by some fixed time interval. How to to this?
Preudocode: iptables -A INPUT -p udp <more conditions> -j DELAY --delay 50000 # delay UDP packets for 50 milliseconds
Update: @related http://superuser.com/questions/147156/simulating-a-low-bandwidth-high-latency-network-connection-on-linux
View 1 Replies
View Related
Apr 27, 2010
What is the syntax to capture packets from multiple host through tcpdumptcpdump ip host host1|host2|host3|host3
View 3 Replies
View Related
Feb 8, 2011
how to fix this error: I wanna compile a C program which niffs the network for arp packets and prints them out ,I keep getting this error:
undefined reference to `pcap_parse' I have installed every thing new version of pcap ,..
View 4 Replies
View Related
Jul 25, 2011
I have users using Windows XP, Windows 7, Linux (Fedora) and Mac. They all are in a single private network and all access internet through a Linux (RHEL5) system in which Squid acts as gateway. The same is true with my branch offices too except that private network is different and gateway system uses Fedora 9 instead of RHEL5. All the branch offices are connected through point to point leased lines with the head office for file transfer.
My requirement is this: I have a web server located at head office. Presently I am able to access this server from my branch offices through internet. I would like to access this server from branch offices through leased lines. This too I am able to access if I do routing in users system. The file transfer is taking place through one to one system at two ends by creating static routing in those systems.
View 1 Replies
View Related
Jul 3, 2010
I'm trying to capture packets with WireShark on 2 port ranges.
This syntax is not working :
Quote:
bash-3.2# /usr/sbin/tcpdump -ttttvv udp portrange 8500-8600 and portrange 5060-5070
There is no output...
What is the correct syntax for defining multiple port ranges ??
View 4 Replies
View Related
Oct 10, 2010
My company is changing it's mail subdomain...Example: [URL]. I wanted to build a sendmail box up to handle this until all the sending parties get the new address. I'm sure it's in the rewrite hearder part of sendmail.cf but I just don't understand how to doit.
View 2 Replies
View Related
Feb 1, 2010
We are currently having a windows virus outbreak in our corporate network, all the it guys using windows machines and they are infected of course.
My question is I have a internet enabled ubuntu 9.10 machine with two nics.
eth0 is for internet and I wanna distribute my internet connection from my other nic.
There are alotta switches and access points in our network but i placed my ubuntu desktop just like the infected windows machine. Everything seems working except other clients internet connections.
How to share internet connection on eth0 to eth1
View 2 Replies
View Related
Dec 29, 2010
I am trying to find a way to tell postfix to forward all emails from
dbsupport@thisdomain.com
and
helpdesk@thisdomain.com
to
be sent to admins@thatdomain.com, but it is not working. I am trying transport maps. The content of my transport file is:
Quote:
helpdesk@thisdomain.com smtp:admins@thatdomain.com
Quote:
dbsupport@thisdomain.com smtp:admins@thatdomain.com
Both [URL] and [URL] are on box1 as an alias in the /etc/alias file like this:
root: helpdesk@thisdomain.com
root: dbsupport@thisdomain.com
how to get this working?
View 1 Replies
View Related
Aug 9, 2010
I'm looking for an open source/free network emulator tool that I could use on Mac OS X, to simulate a slow network connection, limited bandwidth and other network characteristics such as dropped packets etc for both UDP/TCP connections (or even on the physical layer).
I'm looking for the simplest solution that would allow me to run TCP/UDP servers and have a few clients connect to them on localhost emulating various network connections. I'm mainly wondering if I can use something like Linux's netem on Mac OS X (or even better cross-platform Windows/Linux/Mac). Perhaps I can run VirtualBox and a Linux kernel running netem, has anyone had luck with that?[URL]...
View 2 Replies
View Related
Sep 12, 2010
I've been receiving a LOT of log cruft ever since I installed my WUSB100V2 (using the rt2870sta community driver from the Linux kernel) and was wondering what it all meant.
Many times when these messages occur it is accompanied by slow network speeds and many DNS queries and outgoing SYNs being dropped. I have searched for documentation for these (error?) messages and have come up empty as far as what they mean or how I can stop them from occurring.
I reside on the opposite side of the building from my WAP. I have taken steps to improve the signal strength, but the signal quality hovers between 50% and 70%, sometimes dropping to 40% for unknown reasons.
My /var/log/messages:
Sep 12 05:04:40 necronomicon -- MARK --
Sep 12 05:29:48 necronomicon kernel: 0:3 LTL=0 , TL=0 L:4284
Sep 12 05:29:53 necronomicon kernel: 0:3 LTL=0 , TL=0 L:4104
Sep 12 05:30:06 necronomicon kernel: 0:3 LTL=0 , TL=0 L:4156
[code]....
View 1 Replies
View Related
Mar 30, 2011
I have a linux box with two interfaces: eth0 is a builtin and eth1 is a USB-LAN.
There is an IP configured on eth1.
eth0 is up but no IP is configured. This interface is used for sniffing with tcpdump.
The problem is that eth0 frequently stops receiving packets -- my tcpdump captures are empty, and if I look at the interface stats with ifconfig, I can see that no packets are received.
If I bounce the interface (ifconfig eth0 down; ifconfig eth0 up), it starts receiving packets again.
View 1 Replies
View Related
Mar 6, 2010
I just installed Slackware 13 with xfce and everything went well (eventually). At first, my wireless didn't work, but then I found /etc/rc.d/rc.wireless.conf. Everything was working, and I was happily surfing and downloading packages.But then one day... It just stopped! I tried to ping google, and it could send packets but not receive them.I'm connecting through an unlocked network in my building, so I guess it's DHCP (thats what i set it up with the first time 'round
View 1 Replies
View Related
Jul 28, 2010
My router has two bridges, br0 and br1. I'm sharing wifi access, and the guest subnet will be 192.168.2.x.The home subnet will be 192.168.1.x. I want all traffic destined for port 80 from the guest net to forward to a proxy port on a box on the home network. That's the only traffic I want to cross the bridges. How do I set this up with iptables on the router?
View 1 Replies
View Related
