Networking :: How To Log Ip Addresses
Oct 29, 2010Does anyone know a good program to log ip addresses when visited or connecting to your machine? Something like tcpdump but for ip addresses, I forgot what its called.
View 3 RepliesDoes anyone know a good program to log ip addresses when visited or connecting to your machine? Something like tcpdump but for ip addresses, I forgot what its called.
View 3 RepliesIs it possible to configure two IP addresses using one NIC? I'm implementing a VPN server on network 192.168.1.0, ultimately to be accessed over the Internet and through an ADSL router with port-forwarding to the server. Right now I'd like to test it on the LAN, but with the VPN client and server both on the 192.168.1.0 network, that test would not be be valid.
If I had a spare NIC I could put the server on both the 192.168.1.0 network and, say, a 10.0.0.0 network, configure the client on 10.0.0.0 and test. Not having a spare NIC, I'm wondering if it is possible to configure the server with two IP addressese NIC.Virtualising hosts are able to do something similar when running guests with NICs in bridged mode. Log files show they switch eth0 into promiscuouse.In case it matters the server OS is Slackware 13.0.
Can I set 2 addresses for the *1* Ethernet card that I have on my motherboard? How would this scenario work?
View 5 Replies View RelatedI've used two internet services to show me my IP address, and I get different results:1. Whatsmyip.org : ***.**.109.***2. ipchicken.com : ***.**.111.***All the * numbers are same, except 109 and 111. (or link me to explanation) of which one's which?
View 8 Replies View RelatedHow can I get two ip addresses to communicate with each other which are not in the same 255 range?
Like:
192.168.0.1
and
192.168.1.1
My machine has ONE ethernet card and is on a LAN.IP address is assigned to hosts using DHCP.I can have more than one MAC address on LAN by running Virtual Machine and setting network to bridged. This way, my virtual machine simply acts like there is one more machine in the network.Running VMWare for this job is a a bit heavy on resources. Is there a way so that I can I can have 2 or more ip addresses with different MAC address on the same machine without having to run VirtualBox.
By googling, I think its related to bridging and tap. And, I am sure thatts NOT IP-ALIASING because in ip-aliasing both the ip addresses have the same MAC address.Basically, I want my system to have interfaces like:-eth0 - which was originally presentlo- thats always present :|newint0 - New interface with new MAC address and IP addresses which can access my LAN directly. Its like if I bind, let us suppose curl to this interface, its like a different connection
I have connected my computer to network. Computers in network have dynamic ip address which is assigned by ADSL modem's DHCP. Besides this I want to have static IP address for same NIC. So is it possible to have both static and dynamic IP address for single NIC? If so how can I assign it using command and also in GUI?
View 7 Replies View RelatedI have a Dell Inspiron 1545 with Ubuntu Karmic that was working like a charm until last week.When I'm using my college's wireless I can browse just fine, but when I'm in my home's network the web addresses cannot be resolved.I was suspecting of DNS error, but it's the same DNS address in all the other computers, and the whole network is working just fine.The thing is that if I use the IPs, for instance 64.233.163.104 for Google, it works fine, both pinging and browsing. So the problem is in resolving the addresses...
View 9 Replies View RelatedI am running a dual boot PC, Ubuntu 10.10 & Win7. I do sticky static IPs on my local network, but it doesn't work cause the Ethernet adapter gets a different MAC address in Windows 7 (EF:9F:E9:F7:F7:F7) than it shows for Ubuntu 10.10 (00:13:74:00:5C:3. I am not sure if this is a Windows problem or something up with Ubuntu. The card is an on-board Atheros L2 fast Ethernet adapter. I have tried updating the drivers in Windows & nothing is working.
View 8 Replies View RelatedI would like to know if a rule has been applied to the iptables.active file to accept direct connections on port 22 through an IP address, can I also add a mac address/addresses to the rules such that if I am not on the network with the accepting IP address, that my MAC address will still get me in?
View 4 Replies View RelatedI would like have a password for accessing my web site which works fine. I also want for the specific site to allow access only for a specific range of ips. Right now the following config should forbid my access, as my ip is different from 200.200.200.*
View 6 Replies View RelatedI am looking for a command which, when typed from the command line, returns the ip-addresses of the DNS nameservers that my ISP is using.I think is should be technically possible to write a program that does this, because linux installers set up /etc/resolv.conf correctly (as does knoppix). But I've been unable to find a command that does it. Is there one, and if so, what is it called?
View 14 Replies View RelatedI do not currently fully understand relationship between binary numbers and ip addresses and subnet addresses; nor am I asking for an explanation here at LQ, when there are plenty at wikipedia and other places...
Even after reading the wikipedia article on it, I still don't grasp it completely, so I was hoping that someone who grasps it in its entirety could answer a simple question.
How can I express the range of ip addresses from 172.22.22.200 - 172.22.22.230 ?
I was trying to make a rule for iptables that only did nat on that specific range of ips, and when i tried used the "-s" flag followed by 172.22.22.200/11 it always changes to 172.0.0.0/11 in the actual rule that is created and displayed by iptables -t nat -L.
I already have many hosts defined on my network, and rather than going through each one and changing its ipaddress to 172.0.0.#, I was hoping to learn a way to represent them in the iptables rule.
I am using DHCP on my home network. There could be as many as 5 computers logged in at any given time. Their IP addresses change depending on the sequence they log in.I want to be able to connect to them from any of them (some wired, some wireless) and share files by issuing a mount command for the appropriate shared drive.My question is how to get the IP of each computer when I only know the names of the computers. Pinging the computer name succeeds, but it does not give the IP.In other words I am looking for a Linux command that will come back with a list of IP's with their corresponding computer names so I can issue the right mount command. I would like to issue this command from a Linux terminal, but would also be happy to issue it from a Windows XP station.
View 14 Replies View RelatedI'm on Fedora core 14 linux. and I'm online with the HSPDA modem. My modem is /dev/ttyUSB0 and when it's dialed it creates the interface /dev/ppp0 , My question is when I hit ifcofig it shows two IP addresses in the ppp0 interface.
Code:
[nature@localhost ~]$ ifconfig
eth0 Link encap:Ethernet HWaddr 20:6A:8A:12:CF:53
UP BROADCAST MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
[code]....
when I get the routing table, the gateway is setten to the 10.64.64.64 and when I look my Ip address global I found it's 175.157.64.119.
I noticed when looking at visitor stats for a web page, most users IP address resolves to a city. But for some visitors, the city is "location not available". How can someone get an IP address that's off the map? Where I'm seeing this is in the stats for an awurl.com link.
View 1 Replies View RelatedMy Linux gateway has multiple address to internet:
eth0 = 76.148.200.3
eth0:0 = 76.148.200.4
eth0:1 = 76.148.200.5
and it's own gateway which is 76.148.200.2 (probably not relevant) and I also have which is not internet, but local:
eth0:2 = 192.168.0.1 netmask 255.255.255.0
They all work fine and tested. Now I am sharing the internet through eth0 (76.148.200.3) to 192.168.0.1/24 and that's working fine. The script I use to do that is here...
Code:
#!/bin/sh
echo 1 >/proc/sys/net/ipv4/ip_forward
echo 1 >/proc/sys/net/ipv4/ip_dynaddr
iptables -t nat --flush
iptables -A FORWARD -i eth0 -d 192.168.0.1/24 -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A FORWARD -s 192.168.0.1/24 -o eth0 -j ACCEPT
iptables -A FORWARD -j LOG
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
Now all I want to change in the script is to share it through 76.148.200.4 (eth0:1) instead of what is already sharing through 76.148.200.3 (eth0). I am sure this is easy but can't work it out and iptables doesn't accept 'aliases'. How I can do this by modifying this script?
Hopefully Ody has found a result in the 5 years since he posted this question, for anyone else looking for an answer
NMAP scan for a range of individual IP's can be done using the '-' for example:
(this is accurate as of 2010, actual results have been altered to match OP's address range)
$nmap -sP 192.168.0.1-14
Starting Nmap 5.00 ( http://nmap.org ) at 2010-12-22 09:55
Interesting ports on 192.168.0.1:
Not shown: 999 closed ports
PORT STATE SERVICE
80/tcp open http
Interesting ports on 192.168.0.2
Not shown: 999 closed ports
PORT STATE SERVICE
80/tcp open http
Interesting ports on 192.168.0.3:
Not shown: 999 closed ports
PORT STATE SERVICE
80/tcp open http
Nmap done: 14 IP addresses (3 hosts up) scanned in 8.08 seconds
I'd like to add further IP addresses for my server but I don't get it. My steps :
[Code]....
I installed Fedora 13 on my laptop today after deleting a badly screwed up Windows XP partition. Everything installed smoothly even my Broadcom drivers but I can't seem to figure out how to get Firefox to access the web with a URL.
I can ping Google, and can get to it in Firefox if I use the IP address from the ping, but going to [url] in Firefox will give me an error message about not being able to find the server at the web address. I was also able to update from the terminal with yum update just fine. I've tried searching Google for some answers, and maybe I just can't phrase my query right, but I found nothing that I could use to try and fix my problem.
I've attached a HardInfo report which I hope could be useful if you need to know what my hardware is (an HP Pavilion zv5000 laptop).
I have run into a problem that I've tracked down to being a conflict between the "Upstart" init system, and how it handles multiple (alias) IP addresses per physical interface. The summary of the problem is that the interfaces are being configured in the background in parallel with the starting of daemons. One "feature" of this (apparently intended for pluggable devices that would add or remove an interface) is that the network daemons are restarted each time an interface is added (and presumably deleted). But this is a disaster when applied to alias IP addresses.
I first saw the effects of this when during booting Ubuntu Server, the screen showed a message about OpenSSH daemon being restarted ... several times a few seconds apart each. At the time I didn't know what was causing that, but didn't worry because it ultimately was running when I needed it.
But now that I am deploying these servers for specific duty with many IP addresses per system (per network interface), the symptoms are becoming serious, and I need a solution.
1. The IP addresses are coming online too slowly. Apparently the time it takes to restart each daemon is being added to each address being configured.
2. It appears to be disrupting some daemons sometimes. Occaisionally, some daemon just ends up being hung somewhere, or dies. Too many restarts.
3. Sometimes few or even no alias addresses get configured. This might be due to a daemon getting hung, and the whole sequence just not finishing.
4. The "nsd" name server as packaged by Ubuntu doesn't deal well with this at all. It needs all its IP addresses to be up when it starts, or else it won't start. The Ubuntu package of it doesn't including any if-up script at all, although I'm not sure that would do any good.
What I need is a way to configure all these alias IP addresses so they are all configured immediately when the point in time is reached to bring up network interfaces for the first time. These are all static, and all are aliases on ethernet NIC cards plugged into PCIe cards, or integrated in the mainboard. None of them are pluggables. I did run a manual test of "ifconfig" in a loop configuring 2540 alias IP address on eth0 and it only took 2 seconds (no if-up triggers or daemon restarts here). So I know it's fast if nothing else is done between these steps.
Even for pluggable physical interfaces, I see no reason to even try to step through every alias (if it has aliases) with a daemon restart. If an alias IP address is added on later, then I can understand doing it. But if you have a list of 100 aliases for a physical interface, they really should all be done ... or at least attempted ... at once, and do any triggers needed after that.
So, how can I configure or modify Ubuntu Server 9.10 to do that?
I have each alias listed in the "/etc/network/interfaces" file with a separate "auto" and "iface" section for each one, with sequential sub-interface numbers appended to the interface name. I tried it without those sections (e.g. just "address" and other items in sequence) and that prevents the system from even coming up (bootable CD to the rescue to undo that). At least cntrl-alt-del did reboot it.
I tried to attach the /etc/network/interfaces file, but I don't know if it worked because I see no confirmations about it. if it didn't attach and you need to see it, say so, and I'll just paste it in a followup.
I've happened across a wireless router that has a gateway address of 192.168.0.1 and allots IPs from 192.168.0.64-255. My laptop wouldn't connect to it automatically, so I was playing around and found that it needed 0.x instead of 1.x. I thought the network manager on ubuntu would have figured that out?! Now its a separate story that the router happens to have no admin password
View 4 Replies View RelatedI'm trying to assign like 80 IPv6 addresses on eth0 for virtual webhosting, but after 55 addresses I get the following error:# ip addr add 2a01:9f8:a171:1651::4b:a8af dev eth0 RTNETLINK answers: File exists.What's the problem? I don't understand that error message at all. Is the number of IPv6 addresses per device somehow limited?Ubuntu 10.4.1 server, 64 bit.
View 1 Replies View RelatedIn order to get internet access at my school I have to log into a vpn. No other addresses can be accessed before login. With XP the login is authenticated through the browser (IE and Firefox supported) and run by a juniper network connect applet.
Now when I try to do this in firefox in Ubuntu it tells me that I'm not allowed to login. So I started doing a little research and found out that I should be able to authenticate with VPNC. Trouble is I can't get internet to install anything. Which means I have to download the packages in XP and reboot into Ubuntu. And every time I hit a snag I have to reboot into XP to look up what I need to do. So what I'm wondering is if there is some work around that will get me logged in (maybe through the browser authentication?) so that I can work through issues in one os instead of two?
I want to use iptables to automatically block all IP addresses who send UDP packets with length 11 more than 3 times per 10 seconds.
View 1 Replies View RelatedI have a box at home that I've installed CentOS 5 on to. I'm new to Linux, so before connecting it up to the router I wanted to try and understand the network settings, so I connected it directly to my other PC with an RJ45 cable. From Windows 7 I can ping all known static IP addresses, but from Linux I can only ping the Linux addresses, not the Windows 7 one. Below are the TCP/IP IPv4 settings, all IPv6 settings are set to auto-assign.
Windows box (uses wireless connection for the router):
Local Ethernet Adapter
IP Address: 30.10.0.1
Subnet: 255.255.0.0
No gateway, primary/secondary DNS.
Linux box:
Three adapters:
Two onboard LAN, both configured to:
IP Address: 30.10.0.2 / 30.10.0.3
Subnet: 255.255.0.0
Gateway: 30.10.0.1
No primary/secondary DNS.
One LinkSys PCI card:
IP Address: 20.10.0.1
Subnet: 255.255.255.0
Gateway: 192.168.1.1 (my router)
Primary/Secondary DNS: my ISPs details.
The idea was to connect the box directly to the router (with RJ45) and to be able to remote login from my main PC to this one. This box is to be my home server, which I was going to put virtual machines on to for things like my development work and such.
The subject has the big question. I've read answers both ways.The kernel has documentation that says the IP addresses belong to the system. Yet the configuration works as though they belong to the interface.Shouldn't we have it just one way and stick with it ... and make everything work that way?
If IP addresses truly belong to the system, then a command to configure an IP address should not need (and not even accept) the name of an interface. The only exceptions would be link-local addresses (which by their nature do suggest being interface specific ... and they should be autoconfigured by the kernel, anyway). Interfaces would only need to be brought up or down.
I use Ubuntu Linux system 10.04 under a network. I think network admins can see the web pages I visited. How can I hide the the addresses I connected? Is there any way of that?
View 14 Replies View RelatedI am using Ubuntu Server and would like to recieve an email once a day listing mac address's that have requested an ip address that are not in my list of known mac address's.
lookup=`grep $mac /root/dhcp.macs`
#This does not work as the first entry mac1 will be okay but mac2 and mac3 will not
#It will try to use mac2 as the file to look in which won't exist
#I need to make it loop through for each line of the variable and add that to the lookup value diff $mac $lookup
#I think this should differentiate known from unknown if i can get a lookup value
A quick rundown of my equipment and plan for this particular machine.
SOYO P4I845PEISA Motherboard
Intel Pentium 4 2.0GHz Processor
512MB DDR333 RAM
ATI Radeon 8500 128mb AGP Video Card
Using onboard AC'97 Audio and Davicom NIC
Linksys BEFSR81 Wired Router
I am setting up a multiboot system with several OS's, multiple versions of Windows & several Linux distros. The main point of it all is just to have a system where I can load up a given version of Windows or Distro of Linux if I need to test something or show someone how something works.
The Problem:
5 versions of Windows installed, all hardware configured and functioning properly (including NIC) All Windows versions obtain DHCP IP addy with no problems.
Installed Red Hat Linux 9 (first of my linux distros) and it autoconfigured all of my hardware and has no problem getting an IP address.
Installed Fedora 8 and it could not obtain an IP address. I fiddled around with the network settings changing this and that, covered all of the options, and it had no effect. By this time I was irritated, so I just formatted and reinstalled the whole thing, which had no effect and resulted in the same problem. I decided to try it again, this time turning off my sound card and nic for the initial installation. After the initial install, I turned on the sound card and booted up to install it, then restarted, turning on the nic to install it. Fedora installed them both, and managed to get an IP address from my router.
I looked at the ifcfg-eth0 file and the only thing that was different from the previous installs was that a line reading "type=ethernet" (I believe thats what it said) was not there in the working install and had been before.
Puzzling and irritating, but Fedora was now working so I moved to the next distro on my list.
openSUSE 11.0
First install I tried the same thing I did with Fedora (turning off the NIC which did not work like it did in Fedora)
Second install, left all of my hardware enabled, and made it to the part where it asks to verify your internet connection. I clicked Test, and got this error:
Opening of Connection
eth0 device: Davicom Semiconductor, Inc. 21x4x DEC-Tulip Compatible 10/100 Ethernet (rev 40) DHCP Client is already running on eth0
I finished the install, and then got on another machine and I searched the net for this error, but could find nothing that specifically applied to my problem. I played around with the network settings, tried a couple of things that I had come across in my search (changed between tulip and dmfe, checked the box for "Request Broadcast Response", ran "service network restart" in Terminal) none of these had any effect.
The most irritating thing about this is that RHL9 had no problem with this whatsoever and it is badly dated, and the much newer distros are choking on it.