I have recently just got another internet connection at home via cable as well as my exisiting DSL connection. I was wanting all my web browsing that I did via squid to be redirected down the cable connection. The box has a single nic at the moment and the default route sends it via the dsl connection for the mail server that is also running on the box.I was hoping that anything that hit squid would go down the cable connection that is plugged into a router and thus I can route to 172.16.2.251 and everything will go out via cable.
I was reading about iproute2 and marking the packets and is wondering whether this is the way to go?
From what I've read, when linux sends a ping it sends without the netmask, so windows server assumes it must be a broadcast? Why doesn't linux send a netmask with a ping?
I'm using OpenWRT on a WRT54GS. I'm using wifidog in combination with openvpn. For those of you familiar with wifidog, my auth server is located at the other end of an openvpn tunnel and the "wifi dog gateway" is running on the WRT itself. I'm don't really think that wifi dog is the issue. Basically, I'm using openvpn with the "redirect-gateway" option which works well. In this mode, openvpn removes my current default gateway setting and adds the remote openvpn server as the default gateway (as it should). However, overnight, my default gateway on the local network keeps reapperaing (along with the openvpn one as well).
This causes confusion and I don't want any packets (But ovbiously the connection to the actual openvpn server) to go down this local gateway. Why do you think it reappears? Do you reckon openvpn is dropping connection and somehow the normal gateway is being added back? I *could* run a cron script which runs every minute or so with something like "route del default gw xx.xx.xx.xx" (where xx.xx.xx.xx is the default gateway which I don't want to be there) but that is quite messy and means that if I were to ever move the router I would need to reconfigure this and considering that I would like in the future to have many of these wifi dog gateways, this really isn't an ideal option (as every network will have a different default gateway).
To be able to use my 3g connection from my laptop I am using Azilink.Azilink work by setting up a little Openvpn server on your smartphone then you connect to your smartphone from your laptop with OpenVPN.From there what i wanted was to use a second VPN connection to an external Linux host and redirecting all my traffic to that tunnel... (redirect-gateway + iptables)It is working but partially..Here is the way I connect through my phone (all steps are I think important for the routing issue...)
1) I plug the phone then a usb0 interface is created with the 192.168.239.5 ip adress (my phone is 192.168.239.4)Then adb connect 192.168.239.4
2) I have to enable a port forward on my phone adb forward tcp:41927 tcp:41927
3) I run the openvpn script (to connect to my phone on wich i have launched Azilink)
So Openvpn connect to 127.0.0.1:41927 (to my phone) From there I have a Initialization Sequence Completed At this time I am connected through 3G via my smartphone to the Internet..And as you imagine i don't want to enter all the IP adresses of Internet minus RFC1918 manually via route command.I think the problem comes from the fact that when i do the route add default gw 10.8.0.5 it is overwritting all the routes required to establish the first and the second connection am i right? Could someone help me solve that issue ?
Hi, In squid i have blocked some sites like facebook and ......I want to know is there any way when user type in his browser like www.facebook.com instead it show something like following it automatically redirect to www.google.com
Error The requested URL could not be retrieved The following error was encountered: Access Denied.
Basically I want to redirect the http request so the user should not see the page not found error but www.google.com page may open automatically.
i have installed squid 2.6 on my centos. i have writen a shell script to ping a network and write to a file. write '1' if network up and '0' if network down. After that,a perl script will read the file and do the redirection.Perl will redirect to a fix URL [URL] if the network down and do nothing when it up. i have put my perl script in squid.conf at url_rewrite_program /my_file_path.
below is my shell script for pinging:
Quote:
#!/bin/bash while [ 1 ] do HOST=143.148.137.134
[code]....
My problem is client browser are not redirect to www.google.com even the network is down. It should go to the fix URL when the user click any URL in network down situation.it just appear cannot resolve host.
I've been having a hard time googling and trying to get ALL network connection to be redirected to squid proxy. I couldn't find a proper configuration for ufw or iptables. The ideas are:
1. redirection rule should NOT depend on a specific network inteface, but should work with any connection type, ex.: ppp0 or eth0... 2. firewall rules can be for firehol, iptables, or ufw (the same as iptables, just tell me where to place them). Preferably ufw or gufw. 3. should not interfere on cups web interface and lighttpd server.
I use CentOS 5.4, Squid version 2.6 , squidGuard version 1.2. Squid works properly, squidGuard also works properli. I want to redirect all requirests from [URL] to [URL]. It seems that squidguard works:
We host a web server in which we are hoping to implement some form of traffic redirection based on source IP address, and I am wondering whether the squid proxy built on iptables would be capable of managing this task? Essentially we are trying to redirect traffic from specific set of source IP ranges to a "Your IP has been restricted" type of page at a different IP/FQDN.
I have been beating my head for the last few weeks on this problem, (although I have been taking the wrong approach, it seems).
I need a gateway to direct web traffic to three separate servers/domains. I have been trying to do this with both a dns server and , (seperatly), apache server to forward requests. The dns server was a no go, and <i can only get apache to redirect http and ftp.
After Googling this ALOT, I believe that what I need is a gateway server to redirect my traffic to the 3 different servers. I have been reading about using using nat and iptables for this and was wondering if anyone had any advice/suggestions on this. The other thought I had was to use something like pfSense to create the gateway, but I am still reading the documentation, and I am unsure if this approach will work.
I have an old FC2 box running Squid version 2.5. It has been running since 2003 so I am in the process of replacing it. I have a new machine with FC11, iptables, and Squid 3.0 installed.
On the old machine I use iptables to intercept Port 80 traffic and send it to Squid. By default I block all internet access and allow only sites that are in an Allowed_Sites.txt file. Within Squid I also have statements to allow certain users to bypass Squid based on their IP address.
I have set up the same thing on the new box. I have iptables intercepting the Port 80 traffic and sending it to Squid. That is working because if I remove the redirect statement from iptables all internet access is blocked.
The problem I am having is that Squid is not blocking any websites. It acts like the ACL is set to http_access allow all. I have worked on this for several hours and am stumped.
I am trying to get a Linux (Slackware 13.37) working in a Windows networking environment. The IT support for this organisation does not extend to Linux support, so I'm limited in what help I can get for this.
I'm trying to get to the point where I can get to the internet to download what I need on this Linux machine.
The situation is this (*fictitious addresses used) -My Linux machine uses a fixed IP address (10.100.150.21) My Windows machine uses a DHCP assigned IP address (10.100.150.213)Both Linux and Windows machine are configured to access the gateway server (10.100.150.1)So, I can ping the Linux machine from the Windows machine and vice-versa.I can ping the gateway machine from the Windows machine.I can browse Windows Shares on the network via SMB from the Linux machine.I CANNOT ping the gateway machine from the Linux machine with the Destination Host Unreachable message being the error message.
For actual internet access I need to access a proxy server but since the Linux machine can't even ping the gateway server, it fails to ping the proxy.Now, I have been told the gateway is a HW based router and for Windows machine they use some software for authentication to connect to the network. This software isn't available for Linux, so that's why I've been told to use a fixed IP address.My experience of networking is pretty basic and most of the Linux setup is done via running Slackware's setup program.
I am trying to grep multiple numbers from file, grep does have the -f option for that.
Code: grep -f <`seq 500 520` /etc/passwd I know this could be done with
Code: for i in `seq 500 520`; do grep "$i" /etc/passwd; done But my question is fare more behind this example. It is possible to redirect one command output which will be treat as a content of file for another command ?
where to look for setting up my web server A so that if I have to bring it down for maintenance, all web traffic will go to my backup server B. I thought about changing DNS entry but that will take time to update.
I'd like to set up an iptables configuration as follows:- Allow all traffic by default- For one user account (anonymous), block all traffic except:- All traffic on lo- All DNS requests, which should be redirected to 127.0.0.1Here's what I tried:
I have a virtual environment, RHEL6 minimal install. On that, I am trying to run Liferay6 on Tomcat6 for the purpose of writing prototype business portals. I used the Liferay+Tomcat bundle downloaded from the Liferay website.
For security reasons, the server can only be accessed through port 80, and Tomcat listens on 8080. (I know I can run it so that it listens on another port, but I'd like it on 8080)
Goal:
Use iptables to forward traffic destined for 80 to port 8080.
What I Did:
Configure nat to forward tcp packets from 80 to 8080:
Code:
List the nat iptable:
Code:
wget to 80 doesn't work:
Code:
What I Already Checked:
Tomcat did start normally. Logs show no errors, and specify that Coyote HTTP/1.1 is initialized on http-8080. I can provide this log if need be.
Tomcat is listening on port 8080:
Code:
Code:
I get the same negative result on the VM on the server as I get on a RHEL6 VM on my laptop.
The iptables method that I described above does in fact work with Liferay6 on Tomcat6 on Ubuntu 10.10.
I have looked at this thread. I appear to have tried everything that was mentioned there.
Actual Question: I would like to know how to effectively forward 80 to 8080 on RHEL6, so that I can access Liferay on Tomcat (listening on 8080) at 80.
I work for a auto dealership, and they have a proxy server that is provided by toyota that does nothing other than route traffic some specific sites they use in the dealership. We are looking to put a local proxy server in place to filter web traffic of virus/inappropriate content. What I am looking to do is set everyone's proxy settings to point to our server but when someone puts in the toyota sites it will redirect them to toyota's proxy server and out. I am not sure if this is possible or not.
I have "Server A" with real internet ip 1.2.3.4 (eth0) and lan ip 192.168.1.1 (eth1) There's also "Server B" with lan ip 192.168.1.2 (eth0), I'm running an Apache Web server on "Server B", so I want to redirect all traffic from IP 1.2.3.4 port 80 (Server A) to 192.168.1.2 port 80 (Server B), using the following rule:
[Code]....
iptables -t nat -A PREROUTING -p tcp -d 1.2.3.4 --dport 80 -j DNAT --to 192.168.1.2:80 This actually works pretty good, from internet I can browse ttp://1.2.3.4 But the problem is that if I check the Apache logs, all incoming connections seems to come from 192.168.1.1 instead of showing the real source ip addresses (internet ip's) so this is screwing up all my web stats, I've been looking for hours and hours on how to make a transparent redirect, but can't find any info, I know there must be a way because my old WRT54G router which uses iptables could do it.
I have a bit of a strange scenario. I have a machine with a fixed IP (192.168.0.108), running Linux. It has an external IP 99.99.99.8 via a 1:1 NAT on a Cisco ASA/router. Port 3389 (MS RDP) is open for 99.99.99.8. I want my Linux machine to listen on port 3389 and redirect all traffic to that port to a Windows machine (192.168.0.100). In this way, my Linux box is able to respond to requests on all ports, but port 99.99.99.8:3389 connects to Remote desktop on the Windows PC. I do not have access to the Cisco NAT config. I was able to get this setup to work by using an SSH tunnel.
I ran this command on the linux box: ssh -L 3389:192.168.0.100:3389 ergosteur@192.168.0.108 Any ideas? Perhaps using iptables or something?
I have a server with 192.1.9.10 ip address and I want to define two gateways with ip: 192.1.9.4 and 192.1.9.254 on it but I don't know how I can do it. I don't have professional information in linux.
I've rent a server from a Germany data center,They use a single IP as their gateway that is not in range of my servers IP,Strangly server is working well and when I use 'route -n' command the gateway which is in other subnet appears properly./etc/sysconfig/network contains no gateway IP and I don't know how they set the default gateway while after reboot the gateway is the same, also the IP is static and there's now DHCP.I need to know how they did it so I can do the same on my VPSes.
I have 2 lancard eth0 connected to local lan eth1 connected to bsnl broadband connection, I have centos 5.3 here I configure broadband in dial up mode. I am unable to ping outside world and unable to access some site but able to access internet like google etc, configure file is as:
I have one scenerio ,I want to use my Linux PC as residential gateway .I have only one NIC connected to my PC(I cannot connect more) to handle this problem I am using switch . All the devices including my PC are connected using switch (Please refer attached file). I am not sure how can I achieve this ? I am familiar with NAT and DHCP but do not know is this possible in this case?
My company requires a proxy server that requires a manual configuration to use. Many Ubuntu apps, however, do not respect the HTTP proxy settings.Is there anyway to modify my local firewall settings to automatically forward IP traffic to the company proxies in the same way a transparent proxy might work?Would I need to set-up my own local, transparent squid proxy which itself forwards to the company proxy?