Networking :: Source Routed Packages - IP Rules?
May 19, 2010
I am building a router and I wonder if I have some rules like this and
/proc/sys/net/ipv4/conf/all/accept_source_route is 0 will it work.
Code:
echo 1000 TEST >> /etc/iproute2/rt_tables
iptables -A PREROUTING -s 192.168.2.0/24 -t mangle -j MARK --set-mark 1
ip rule add fwmark 1 table TEST
ip route add default via 192.168.3.5 dev eth2 table TEST
I am not quite sure is it source routed packages at all. And also even if it works with my router will next firewall drop such packages. I have mentioned before that some things like:
Code:
ip route add default via 192.168.3.5 dev eth2 src 192.168.2.0/24
do not work
View 5 Replies
ADVERTISEMENT
Aug 3, 2010
I have a linux server I'm intending to use as a firewall. The server has the following adapters
eth0 - Public IP (VLAN2)
eth0:1 - Public IP2 (VLAN2)
eth1 - 10.241.4.4 (VLAN4)
the Default gateway is my ISPs gateway. Additionally, I have the following route set: route add -net 10.0.0.0 netmask 255.0.0.0 gw 10.241.4.1
I have a server that exists on VLAN 208 at IP 10.241.209.67/21., its GW is 10.241.208.1 (first IP in /21 range)
as it is on the 10.0.0.0/8 network, traffic from the firewall is successfully routed from that server through my router to the FW and out to the Internet. The FW can ping, ssh, etc... the server and vice versa.
I want an iptables rule that will allow me to forward port 4401 on eth0:1 to 10.241.209.67:4401.
Is this possible since the IP is not on the same subnet as eth1, even though it is accessible?
I'm a bit better than a neophyte linux user. I have not made port forwards with it in the past without scripts to assist so I'm looking for not just "it is possible", but also the syntax of how to add it.
View 2 Replies
View Related
Jun 28, 2011
I have a linux desktop with two connections - fast eth0 and slow modem ppp0. Most of traffic (e-mail, DNS, NTP) can be routed simply by IP/mask. But how about http and p2p (torrents, DC++)? Routing by IP is unacceptable, because there is very huge amount of routing rules. I need route http packets (80 port) through ppp0, p2p through eth0 (10000:65535 ports). I've found that splitting traffic by port is possible with marking packets for different gateways. For begin I cleared all tables and bringed up connections.
Code:
# iptables -F -t mangle
# iptables -F -t filter
# iptables -L -t filter
Chain INPUT (policy ACCEPT)
[Code].....
View 7 Replies
View Related
Mar 10, 2011
I currently have one of our clients set up to use a routed VPN for their 5 laptops to connect to the server remotley. And this works brilliantly. They are about to bring on a remote office that will need a VPN connection back to the main office, so I was going to set up a bridged connection between the two sites (and possibly more sites in the future).
So my question is whats the best way to go about this? Can I have one instance of OpenVPN running with tun0 set up for a routed connection to the laptops and add a second tun (tun1) to the config that will be for the bridged connection between the sites? Or am I going to have to run multiple instances of OpenVNP, one for the routed and another for the bridged?
If routed and bridged have to run in seperate instances, will I have to add another instance for each new remote site that needs a connection? Can a bridged config connect to multiple sites, or have multiple tuns in the one config?
View 3 Replies
View Related
Jan 5, 2010
HOW TO INSTALL PACKAGES IN IT ,IT SHOWS SOME ERROR (Cannot install source packages) OR (No packages were given for installation.)
View 5 Replies
View Related
Aug 13, 2010
I have three machines say A B and C. I want to make machine B as a router for A and C, so that the ping packets from C to A should be going via B. I have directly connected two interfaces(eth4) of A and B and similarly two interfaces(eth5) of B and C. I have even set up a route between B and C. 1. But I am not able to set a route between B and A.2. If I ping A from eth4 of B(viceversa) it works. When I ping B from eth5 of C it work but not the viceversa.3. Also, if I ping from C to A, B receives the packets, but not A.
View 3 Replies
View Related
Apr 2, 2010
I have searched google, but can't really get the hang of setting this up.Most howtos are setting up a DHCP and PXE on the same box. At the present my DHCP is done by my router and I want to set up the PXE server on my main PC.My router can re-direct traffic types based on ports (UDP or TCP) to an IP but can't do the bit about directing the pxe loader name (and I really don't want to ssh into it and start messing about there)If I redirect the port (what ever it may be, help required here) how would I go about setting up the Ubuntu PC to do the load and pass back to the PC trying to PXEboot?
View 1 Replies
View Related
May 20, 2011
In addition to 2 "desktop" machines, I recently set up an Ubuntu Server with Apache2, but when I try to access my www.homepage from a machine locally connected to the same router (via both wired & wireless interfaces), I am directed to the Login page of the router, not to the www.homepage. Yet, when I access the www.homepage from elsewhere, my www.homepage is accessible.
I can browse to my www.homepage by entering the local IP address into browsers on both local machines, so I know the machines are talking to each other. Just not letting me get in via normal internet browsing channels.
Server: Ubuntu 11.04
Webserver: Apache2
Router: D-Link DIR-615
IP Address of: 192.168.0.110 (reserved on router, static on server)
[Code]....
View 7 Replies
View Related
Jun 19, 2011
I need to create filename 70-android.rules in the directory /etc/udev/rules.d/I have Adm privileges in my user account properties, but when I use sudo to create this file the Ubuntu OS does not allow me the privilege... I am running Ubuntu 10.04 LTS and here's the Terminal output below:daddy@gatomon-laptop:/etc/udev/rules.d$ sudo cat > 70-android.rulesbash: 70-android.rules: Permission denieddaddy@gatomon-laptop:/etc/udev$ ls -ltotal 8drwxr-xr-x 2 root root 4096 2011-03-16 18:03 rules.d-rw-r--r-- 1 root root 218 2010-04-19 04:30 udev.conf
View 2 Replies
View Related
Apr 29, 2009
I installed CentOS 5 (x86-64). I got a project which was developed long time ago and need to update it so it can be run in the fresh new CentOS 5.2. All I know about the project was that it had been developed with and wxGTK1.2. I look at the makefile, which contains:
---------------------------------------------------------------------
SYSTEM_INCLUDE = -I/usr/X11R6/Include
-I/usr/include/cairo
[code]....
View 1 Replies
View Related
May 16, 2010
OS: Ubuntu 10.04.
When I try to install some packages by aptitude, I see this:
Before it, I made it (sudo apt-cdrom add):
And it (sudo apt-get update):
My dvd-disk is not broken - md5 checksum is right. In sources.list I have only cdrom source, without any network repositories. When I install one package (for example pptp-linux) which don't use any depending, it work good, but when I have some group of packages - installed only first package from this group, you can see this in a first image, marked by yellow color and set to 16 percent.
View 9 Replies
View Related
Jan 21, 2011
I would like to create some packages for programs that use the Git software to manage the source, I want to do this directly using the source code in the Git repo as the source code form the package. Does anyone have any hints or directions on how to do this? I been looking round the web for information about this, but all I seem to find is for about storing and build Debian packages from git, this is not what I want to do as these packages are for personal use and I have no need for this.
View 3 Replies
View Related
Jun 23, 2010
Wanted to switch to Kubuntu and decided a clean install was the way to go. Though the learning curve isn't too tough, I've hit a serious snag: When I try to compile a source package according to the similar instructions in each of the README files, I get the same error message;
Instructions:
mkdir build
cd build
cmake -DCMAKE_INSTALL_PREFIX=`kde4-config --prefix` ..
make
su -c 'make install'
[Code].....
I'm liking this KDE 4.4 setup, but if I can't install the improvements from kde-look.org
View 6 Replies
View Related
Jul 8, 2011
My SL6.1 Distribution isn't connecting the the source packages from yum. It says something along the lines of the repo???.xml cannot be found for altrpms & sourceforge packages.
I have already tried using the command:
su yum clean all su yum update package-list
but that failed to work.
and su yum makecache
Is there any other way i can try? Like uninstalling the source from yum then reinstalling it?
View 2 Replies
View Related
Dec 6, 2009
I'm not to sure if i'm using the right terminology but im trying to install rrdtool and it needs all these dependencies. One of them I have installed but it isn't up to date.glib-1.2x needs to updated to 1.17 or higher. How do i go about updating this? I downloaded the source and did ./configure && make && make install but this didn't update it.Also trying to install libxml-2.0 to 2.6.31, im getting a whole list of dependicies.
View 2 Replies
View Related
Feb 4, 2011
Very often we get to hear Binary / Source when we talk about installing packages...From what I understand "Binary" refers to a natively packaged installation by a Distro wheras installation from Source would entail fetching the files, Compiling and then building the package. When we say "source" where do these codes reside? Is it diffferent for different distros or one common source like "sourceforge.net" or similar?! I know it sounds silly but what is the origin of the source codes??
One general remedy if a package is not found is to install from source... So , source would refer to a "tar.gz" or "bz2" archive present at some location like "[URL]". In some cases , id it possible that some packageas are not available in "Source". When I tried to build a package for a particular distro , I was told that some dependencies are not un the source ...What is the meaning of this? So do all distros maintain the codes in their official repositories?
View 1 Replies
View Related
Mar 6, 2016
I'm a fresh user of Debian 6 64 Bit. I'm trying to install wine on it to run bluestacks. URL... but when I use the following command, it can't seem to fetch some files/packages. I have these as my sources list at the moment.
sudo nano /etc/apt/sources.list
deb http://ftp.us.debian.org/debian stable main contrib non-free
deb-src http://ftp.us.debian.org/debian stable main contrib non-free
deb http://ftp.debian.org/debian/ wheezy-updates main contrib non-free
deb-src http://ftp.debian.org/debian/ wheezy-updates main contrib non-free
[code]....
View 5 Replies
View Related
Jul 16, 2011
If I want to compile a kernel from source (from kernel.org), including all the drivers I need regardless of their origin, I would not need any firmware-*.deb packages, right? Do the firmware packages add anything that is not present in the latest kernel?
View 3 Replies
View Related
Mar 15, 2010
What package do I have to install to build packages from sources? I am trying to build the TrueCrypt package from source.
View 1 Replies
View Related
Jul 6, 2011
I need a newer version of the nvidia drivers for opensuse 11.4. ftp://download.nvidia.com/opensuse/11.4 has version 270.41.06 available, but I found that I need the 270.41.19 version for CUDA 4.0 to run (yes I know CUDA 4.0 does not officially support 11.4, but the same 270.41.06 is available for 11.2 which CUDA 4.0 does support).
Where can I download the files x11-video-nvidiaG02-270.41.06-5.1.nosrc.rpm and nvidia-gfxG02-270.41.06-4.1.nosrc.rpm that these binaries were created from? Once I have the source rpms, I can easily update them to the newer version.
View 9 Replies
View Related
May 20, 2010
I have recently installed a dev branch of Postfix on my box (jaunty), in order to access some new features. This requires that I do not use any of the postfix-related packages in the repos, I have to set this all up manually.
What is the best method for me to manage this system moving forward? Do I need to prevent the repo's postfix package (or anything depending on it, like postfix-mysql, postfix-dovecot etc.) from ever being installed accidentally? Is there anything else I need to worry about? How do you folks generally manage having compiled, customized versions of software that exists in the repos on your systems?
View 1 Replies
View Related
Mar 18, 2011
Can anyone recommend any open source customer support portal software? I'm looking for something where users can sign in, and submit support tickets for a wide variety of issues (game play, billing, etc). Then a Support Agent can login and assign tickets, respond, etc. I've already started looking at bugzilla, but I was hoping to find some other options to compare to.
View 5 Replies
View Related
Apr 3, 2010
Can someone please tell me what packages are required for compiling source on Slack 13? Something is missing in my box and I get errors, I can't figure out what it is.
View 11 Replies
View Related
Apr 10, 2011
I do have a problem on updating linux ubuntu 10 I'll show you the error and my sources.list.. Error in authenticating some packages: It was not possible to authenticate some packages. This may be a transient network problem. You may want to try again later. See below for a list of unauthenticated packages.
acpi-fakekey
acpi-support
acpi-support-base
acpid
[code]....
View 4 Replies
View Related
Mar 15, 2011
At work / home / laptops I have about 5 slackware machines. I have always tended to install new packages on each machine from source, generally using slackbuilds when available. I thought I would try 'libreoffice' and reading alien-bobs blog I deduced that a full from source install might be pretty difficult, so I followed his advice and just took the package (.txz file) and used installpkg. To my slight surprise this installed and ran perfectly.
Now I'm wondering if someone would clarify under what circumstances you can just take the slackware package from one machine to another and install. More generally I guess what are the main advantages of building from source. Is it mainly about availability of all the required dependencies?
View 9 Replies
View Related
Aug 9, 2010
I know this has probably been solved multiple times, but I've searched the forum to no avail. I have a PPTP server setup properly with all ports forwarded correctly. A remote machine can connect and authenticate just fine. They get their IP assigned and everything.
The problem is that no traffic is being routed through the tunnel. Or, rather it is but the server doesn't seem to handle it. In a web browser I just get an error message. On a windows client I ran ipconfig and found a gateway address had not been assigned through the VPN tunnel. Could this be the problem? If so, how can I fix it?
View 1 Replies
View Related
Aug 15, 2010
I can't seem to get CBQ / tc working when I attempt to filter ip+port. It works when I just filter on IP though, I don't understand what the problem is. Here is my CBQ file.Quote:
DEVICE=ppp0,51200Kbit, 51200Kbit
RATE=512Kbit
WEIGHT=512Kbit
[code]....
View 1 Replies
View Related
May 22, 2011
I added a few rules to my /etc/iptables.rules file and then used sudo iptables-restore < /etc/iptables.rules but i got an error saying "iptables-restore: line 29 failed".But the only word on that line.
View 1 Replies
View Related
Nov 29, 2010
Even though I've set up HTTPS to be trusted, it still blocks my school's https site: "mnsu.edu/eservices" same with SAMBA and SSH.
If enter the GUI and authenticate as root, change anything and apply, then exit: it works fine and so does SAMBA. However, after restarting, everything stops working again.
yet secure firewall configuration that doesn't require any login or headaches.
View 6 Replies
View Related
Aug 9, 2009
Is it possible to apply a rule to a specific local IP? For example lets say I have a two IP's assigned to my server, 1.1.1.1 and 2.2.2.2.;.I want to deny all connections going to 1.1.1.1 only asides from a couple of trusted IP's I will define.
View 1 Replies
View Related
