Networking :: DNAT On First SYN ACK Packet

Aug 19, 2010

I am trying to simply address translate TCP packets from one destination IP to another destination IP (DNAT?) without getting the initial SYN packet. Is this possible? I do not think it is with DNAT since the conntrack needs SYN first.

I have given the command:

The problem is that the first packet that matches this rule will be the SYN-ACK and I suspect it is simply DROPPED.

I am sparing you the gory details of why I would do such a silly thing, but simply put; I need to intercept client-to-server packets through a tunnel, but allow server-to-client packets to follow through the regular network.

I have been working on this for many days w/o success and my learning curve is still steep. I can provide more details as needed.

View 2 Replies


ADVERTISEMENT

Ubuntu Networking :: Send The Keys Or Value As The Packet Data (content Of The Packet) In Ns-2 (for Wireless Environment)

Jul 12, 2010

I am the new user to ns-2. I would like to know is it possible to send the keys or some value as the packet data (content of the packet) in ns-2 (for wireless environment).

View 1 Replies View Related

Ubuntu Networking :: Iptables And DNAT ?

Mar 10, 2011

I'm having a complicated iptables problem. I'm using a linux poweredge 1750 with 4 ethernet interfaces and 1 wireless interface as a router/firewall/wireless access point.

The Computers on the inside can connect and communicate just fine. The access the outside world and other internal devices with no problems.

DNAT from the outside works just fine for things like ssh, webmin and http. But some protocols and services (ftp with filezilla and runuo) use ports to connect. And then, it is like they hand off the rest of the communication to other seemingly randomly determined ports. And that is when the conversation gets dropped. How do I configure my router to notice these port changes and continue to DNAT the conversation?

View 2 Replies View Related

Networking :: Using Iptables Dnat For Redirection?

Oct 18, 2010

I have been trying to achieve something through iptables but something is going wrong. I want connection/packets arriving to a specific computer (let's call it "server") from another specific computer ("client") inside the same network to be automatically redirected to a remote computer in the internet and vice-versa. I tried doing that using iptables with these commands on the "server" PC:

Code:
iptables -t nat -A PREROUTING --source 'client-ip' -j DNAT --to-destination 'remote-pc-ip'
iptables -t nat -A PREROUTING --source 'remote-pc-ip' -j DNAT --to-destination 'client-ip'

[code]....

View 2 Replies View Related

Fedora Networking :: DNAT To Localhost Not Supported?

Dec 4, 2009

I'm having problems with NX, it's doing strange things, trying to connect to some IP host in timbuktoo because my DNS provider's DNS sucks AND because NX is looking up the host "localhost" without first consulting my hosts file (which nsswitch explicitly tells it to do). THAT's all beside the point.

To work around this apparent bug in NX I tried creating an iptables rule to redirect traffic destin for a certain IP (10.x.x.x) to localhost (127.0.0.1) with the following rule: iptables -t nat -I PREROUTING -d 10.x.x.x -j DNAT --to 127.0.0.1. After adding the above rule, my attempts to connect to that host continued to get routed right off into the internet where I DIDN't want them to go. Instead of being redirected to the localhost/loopback address.

It seems DNAT to localhost is not supported? A Google search reveals many other people having this issue but blaming it on everything but iptables. I'm proposing that it's not supported, by design or not, to redirect traffic from a NIC to the loopback network?

View 1 Replies View Related

Networking :: Port Forwarding (DNAT) Won't Work

Jun 3, 2011

I'm trying to understand and set up port forwarding with iptables. So far I've read a lengthy tutorial on iptables, and I've Googled for hours, searched this forum, but I've been unable to come up with a solution that works for me.The situation I would like to achieve is the following: on one machine, there is a TCP server running bound to its external IP, port 9999. I would like to let another machine connect to this TCP server on port 9000 by forwarding port 9000 to 9999.All the policies of the iptables chains are set to ACCEPT; and I have set net.ipv4.ip_forward = 1. I have no problems using SNAT/MASQUERADE on the same server machine.I have tried the following:

Code:

iptables -F
iptables -t nat -F
iptables -t nat -A PREROUTING -p tcp -i eth0 -d ${SERVER_IP} --dport 9000 --sport 1024:65535 -j DNAT --to ${SERVER_IP}:9999

In order to test this rule, I started a TCP echo server on port 9999. I can connect to it on port 9999, but not on port 9000- this gives me 'connection timed out'. When I do 'iptables -t nat -L -v', I can see that the rule does get matched once per connection attempt.

View 1 Replies View Related

Networking :: DNAT IPtables - Default Gateway For Return Packages

Nov 26, 2009

Client which uses an ISP with a Linux machine (Server 1) with two network cards. Eth0 with ip 1.1.1.2 and gateway 1.1.1.1 these ip's is not public ip's and falls unders the isp's internal range, eth1 with the internal ip range. OpenVPN listen on eth0 for incoming connections. We want to connect to Server1 from external networks. Due to different reasons the isp could not get the routing sorted and give us an public ip on his network. We had to setup another bos (Server2) with eth0 2.2.2.5 and gateway 2.2.2.1 which is public ip's and eth1 with ip 3.3.3.5. Server 2 can communicate via the ISP internal network with server 1. I use DNAT to forward all incoming connections on server 2 to server 1 but the problem I have is that server uses its default gateway for the return packages and does not sent the reply back to server 2. My iptables rules looks as follows on server 2.

/usr/sbin/iptables -t nat -A PREROUTING -p udp -i eth0 -d 196.25.157.135 --dport 1194 -j DNAT --to 192.168.100.170:1194
/usr/sbin/iptables -A FORWARD -p udp -i eth0 -d 192.168.100.170 --dport 1194 -j ACCEPT

View 5 Replies View Related

Networking :: IPTABLES DNAT For Packets Originated Within The "firewall"?

Aug 26, 2010

I'd like to (if it's possible, of course) to redirect the packets originated within a linux box, and I've been tryin' to do it through the OUTPUT chain in nat table:

Code:

iptables -t nat -A OUTPUT -p tcp -d 192.168.0.74 --dport 80 -j DNAT --to-destination 192.168.0.17:80

The policy for the rest is ACCEPT.This redirection didn't work this way. If I do lynx http://192.168.0.74:80 I reach 192.168.0.74 host, so there is no redirection.Could I achieve what I'm needing through with IPTABLES' OUTPUT chain (in nat table)?

View 1 Replies View Related

CentOS 5 Server :: Authenticate/Decrypt Packet Error: Packet HMAC Authentication Failed

Sep 17, 2009

I got a problem with my CentOS server. Somebody told me OpenVPN Requires different changes inside my firewall settings. That could be the problem why openvpn wont load..I receive this error on my CentOS panel when im trying to connect into the centos openvpn (with my winxp pc):

Thu Sep 17 20:31:36 2009 TLS Error: incoming packet authentication failed from 84.xx.62.122:2622
Thu Sep 17 20:31:38 2009 Authenticate/Decrypt packet error: packet HMAC authentication failed
Thu Sep 17 20:31:38 2009 TLS Error: incoming packet authentication failed from 84.xx.62.122:2622

[code]....

View 5 Replies View Related

Ubuntu Networking :: 9.10 Updates Yesterday/Today Cause Packet Loss On Networking

Apr 9, 2010

I have 3 Dell Precision M4400 machines. After getting updates yesterday or today, I get random network dropouts like crazy, on wired or wireless. On one machine I was able to turn off ipv6 in grub and reboot, and it works now. However on the other 2 machines, still have the same problems. All 3 are running 9.10 64 bit. Is there a way I can back out the updates so the network works again? Anyone else see this behavior after updates today?

View 2 Replies View Related

Networking :: Packet Spy On A Hub

Jan 25, 2011

I am in a hub(with switches and rooters) and i want to spy what packets everyone receives! if can i do this and if i can which tools i can use?

View 6 Replies View Related

Networking :: DNS Raw Packet Structure?

May 19, 2010

My question is about the raw MX reply package structure. I've read the RFC and all relevant pages I could find, but I couldn't figure this one out. Say we do a google.com MX query.

The first answer (just the rdata part) will be: google.com.s9b2.psmtb.com But in the raw package, instead of the .com, you have c0 13. Then for the second answer, google.com.s9b1.psmtb.com, the raw package has, instead of psmtb.com, just c0 3a. So is the part after c0 a pointer towards another part of the message? Or what does it stand for exactly? I am puzzled by it, and don't know exactly where to ask... some of the networking people here might have a good idea.

View 3 Replies View Related

Networking :: Packet DETECTED From 1s And 0s?

Jan 11, 2011

From all the stuff that can enter an interface, how does it know when an IP packet has been *formed*? What if it's just random garbage entering there for whatever reason? Also, can Linux do other protocols besides TCP/IP? This would be the problem, as I said above.

View 2 Replies View Related

Networking :: Udp Packet Conflict ?

Jul 28, 2011

In application udp port listening with 3330 i am sending udp request from port 0.0.0.0:3330 to 0.0.0.0:3330 that is same port in the same machine....application works fine udp sending and receiving also fine.....for clarification ....is there any conflicts in the communication ?

View 2 Replies View Related

Networking :: Odd PPPoE Packet Redirection Networking?

Feb 7, 2010

I have a machine with two network cards running linux mint 8 XFCE (which is compatable with Ubuntu Intrepid Ibex). eth0 gos out onto the network propper, has a static IP address of 10.10.10.10 and serves DHCP requests for the 10.10.10.x subnet.

eth1 is pluged into a PPPoE concentrator, and has a static address of 192.168.0.1 (I would have left it alone but pppoeconf wouldn't work unless it had an address).

ppp0 is the piont to piont over ethernet conection that is corectly created when I run pon. I have both guard dog and guide dog installed but they are both disabled.

Now, the weird part: I can ping the IP number of the machine at the other end of the pppoe conection (when it changes I can still ping the new number), the local IPs (10.10.10.x), but *nothing* else not even the DNS servers passed to the machine during ppp conection which are in the same sub net as the machine I can ping.

When I try to ping or trace the route I get an error message like: reply from 10.10.10.10: desination unreachable There is nothing wrong with the network at the other end, as I can make an Identical PPPoE connection from other machines on the network if the the concentrator is pluged into the hub (a rather unsafe place for it to be) and it all just falls into place.

What seems to be happening is that the machine is treating eth0 rather than ppp0 as the internet gateway, and passing the packets round in circles.

View 12 Replies View Related

Fedora Networking :: Receving UDP Packet In 12 ?

Feb 27, 2010

I wrote a program for transmitting an UDP Packet. It is properly received in Fedora core 2 machine while its not received properly in Fedora 12. I tried using Wireshack packet capture software which shows the protocol as DIS. Is there any service or setting i need to do for identifying the packet as UDP.

View 2 Replies View Related

Networking :: Identify The Icmp Packet?

Dec 1, 2010

how to identify the icmp packets & marking. this below icmp packets marking is not working.

iptables -t mangle -A PREROUTING -p icmp -j MARK --set-mark 0x5
iptables -t mangle -A PREROUTING -p icmp -j RETURN

with the help of port no or any other how can i identify the icmp packet ?... This below two is working fine

iptables -t mangle -A PREROUTING -p tcp -j MARK --set-mark 0x2
iptables -t mangle -A PREROUTING -p tcp -j RETURN

iptables -t mangle -A PREROUTING -p udp -j MARK --set-mark 0x3
iptables -t mangle -A PREROUTING -p udp -j RETURN

View 1 Replies View Related

Networking :: Data Packet Transmission In A LAN?

Jun 24, 2011

I need to know how a data packet is transmitted from the sender to the receiver passing through the five Internet layers. Specially what device (hardware) the data packets have to pass through at each layer before reaching the destination in a LAN.

View 2 Replies View Related

Networking :: How To Send Udp Packet To The DNS Using Netcat

Jun 16, 2010

How can i send udp packet to the DNS using netcat in opensuse.

View 7 Replies View Related

Networking :: Monitoring TCP Packet Loss In NS2 ?

Jun 23, 2010

I am simulating a TCP/FTP to TCP/FTP network and trying to monitor the packet loss.

I am able to monitor and graph data regarding the TCPSinks' bytes received, but I can't monitor packet loss.

Why is it that the TCPSink Agent has a variable for bytes (bytes_) but not one for monitoring packet loss?

Do I have to monitor the packet loss from the queue? If so, how do I write code for this?

Below is part of the code for monitoring bytes received from sinks if anyone was interested.

View 4 Replies View Related

Networking :: Packet Forwarding Using IPtables?

May 4, 2011

I have 2 Ubuntu boxes sitting in the same subnet; server 1 [130.15.6.68] and server 2 [130.15.6.69] What I am trying to achieve here is the following: server 1 act as a gateway or proxy to server 2, meaning that server 1 is exposed to the Internet and all traffic to server 2 should go though it (i hope!).

server 2 act as application server and I don't want a direct access to it from the internet. I want all the inbound traffic comes through server 1. for testing purposes, i will limit the traffic to simple http or port 80

in server 1, i have done the following settings: iptables -t nat -A PREROUTING -p tcp -i eth0 -d 130.15.6.68 --dport 80 -j DNAT --to 130.15.6.69:80 iptables -A FORWARD -p tcp -i eth0 -d 130.15.6.69 --dport 80 -j ACCEPT In server 1, I've edited the value of net.ipv4.ip_forward to equal 1 (uncomment that line in /etc/sysctl.conf) Currently, both server 1 and server 2 has its own apache2 servers with different index.html files. the problem is, when i browse to server 1, I am still seeing its index page rather than being forwarded to the index page of server 2. how can i achieve the traffic forwarding from server 1 to server 2 when my browser pointing to server 1?

View 3 Replies View Related

Networking :: Packet Redirecting To Another Interface Of The Box

Nov 19, 2010

I have to interfaces eth0(10.0.0.7) and wlan1(10.0.0.8) in my box. An application is listening (say, udp socket) at 10.0.0.7:5888.

Now if someone sends packet at 10.0.0.8:5888, I want to forward them to 10.0.0.7:5888.

I have tried this - iptables -t nat -A PREROUTING -p udp --dport 5888 -d 10.0.0.8 -j DNAT --to-destination 10.0.0.7

But Packets(with destination addr 10.0.0.8) are not received by the application (But they are received by the box, I have checked using wireshark). I have also enabled ip_forwarding.

View 1 Replies View Related

Networking :: Transparent Packet Monitor On One Leg Of A Tap?

Jun 29, 2011

Code:
Internet ---> Tap A--> Traffic Monitor
B--> Firewall --> Internal Network

I was hoping to make a server with Windows and "Colasoft Capsa" to capture and record all traffic. Is there a way to make it unaddressable so that I don't have to worry about someone getting into it? Like, put it in promiscuous mode, read and capture all traffic, without having an IP address or something like that?

View 2 Replies View Related

Networking :: UDP Use Packet Sequence Number?

Jul 13, 2011

Does udp use Packet Sequence Number?

View 2 Replies View Related

Networking :: IP And MAC Andresses Of A Packet What Went From PC To The Bridge?

Oct 8, 2010

it's one of the first time I'm using linux! For a report I have to answer to the question (the title) but it's very strange! A packet has an ip address? or does it referer to the IP address of the destination? And in particular this is the output of tcpdump -en ip proto 1 (while I'm sending ping -sv remote_machine)which are:

What are IP and Mac andress of a packet that went from my machine to the bridge? and what are the IP and mac of a packet that went from the router to my partner's machine? And how could i find the average delay that a packet experience in the bridge?

[Code]...

View 1 Replies View Related

Ubuntu Networking :: Shrew VPN Packet Loss

May 29, 2010

I am just starting my adventure into Ubuntu. After installing and configuring Shrew Soft in Ubuntu 10.04 64Bit, I am having some serious packet loss issues. The LAN is wireless, however the only packet loss I experience is over the tunnels. I have tried different algorithms, and it seems as I fiddle with the MTU client side, it clears a bit, but the best I have managed is 23% loss average.

View 2 Replies View Related

Networking :: Userspace Ethernet Packet Queue

Feb 12, 2010

I am a windows programmer. There I wrote a firewall and VPN System. It was easy. Simply, I USED WINPKFilter by ntkernel.com.What I need is to GET, Edit, and Send the raw Layer 2 packet before reaching to IP Stack.My friends were saying that linux is Ideal for Networking purposes. But for now I say that Linux is very bad in this field and I should say that windows is much better (I beg your pardon)After tens of hours for searching I got nothing good. The hook system of IPtables is not GOOD for me because it has not Ethernet header and also the packets are defragmented when I caught them.

I tried ebtables but it has no user space queue like IPTABLES. What I exactly need is to be able to reach to the chain of raw Ethernet packets and be able to modify them and resend or inject some ethernet packet packet. I Dont Want to go inside the KERNEL. (As windows I want a userspcae library). Dear linux expert I beg your help. Do not let me turn back to windows.

View 1 Replies View Related

Networking :: Arriving Packet (UDP) Never Reaches Process?

Apr 14, 2010

I don't know if this is related to a problem I have run into and posted elsewhere regarding 2 (or more) ethernet ports. But I encountered this while trying to solve the other problem (which I thought was Linux not setting correct routes for 2 interfaces). As suggested by someone when trying to solve the other problem, I switched to using the same IP address (it's a secondary address) on BOTH interfaces. So thus I have configured 172.30.0.13 on both eth0:1 and eth1:1. I am running the NSD program (an authoritative-only name server) listening on port 53 of 172.30.0.13. Some computers are getting the MAC address of eth0 for their ARP requests. Others are getting the MAC address of eth1 for their ARP requests. So this is determining which ethernet port their DNS queries will arrive on.

Those that send their DNS queries to the eth0 MAC address work fine. The NSD process gets the requests and answers them. The answers get back to where the query was sent from. HOWEVER ... those that send their DNS queries to the eth1 MAC address do not work. Using tcpdump, I see that the queries actually do arrive on the server. Using strace, I see that the NSD process never gets them. There are no iptables in effect.

Any idea why the kernel is deciding to not deliver the DNS query UDP datagram to the NSD process? It sure seems that the kernel just doesn't handle more than 1 ethernet interface (at least in the same subnet) correctly. IMHO, when an ARP request is received on 2 or more different interfaces, it should at least answer on both, each answer with the respective MAC address of that interface. It cannot know, and should not assume, any specific physical topology of the network beyond those interfaces.

View 1 Replies View Related

Networking :: Packet Capturing On Remote Machine

May 19, 2010

How can I configure, the packet capturing mechanism to allow non - privileged users to use it...

View 2 Replies View Related

Networking :: Packet Loss On 2nd Network Card

Jan 23, 2010

I try to setup a locale network between 10 (Web) Servers (openSuse 11.2), each Server is connected to the internet (eth0) which works fine on all servers.

A 2nd NIC eth1 (1GBit rtl-8169) on each Server is connect to a Switch and should function as a LAN. I installed/configured the 2nd NIC with yast, and than added a route for the local network (192.168.20.0) to use eth1. So far every thing works (ssh for example), but I have a packet loss of 10%-60% (ping) on the local network, and I cant find the reason for the packet loss. I already installed a Debian Lenny on 2 Servers (just to test) but I have the same problem on Debian.

No firewall or any other application is in the way. With tcpdump I could figure out that the packages are send but never show up on the destination server.

I put some more information about how I configured the LAN below. I have not done this my first time and from my experience if something is wrong with the network configuration (wrong routing, firewall in the way, etc.) this usually leads to a packet loss of 100% or the destination is simply not reachable.

The 2nd NIC is installed with either yast on suse , or by editing /etc/network/interfaces on debian. The Kernel module rtl8169 is loaded.

They are configured with the following values:

Route is added by:

Output example. of ifconfig :

Output of route (same on all servers):

Output of ping:

View 14 Replies View Related







Copyrights 2005-15 www.BigResource.com, All rights reserved