Networking :: UPnP Not Working After Traffic Forwarding Through Server
Dec 30, 2010
I have just recently switched my setup to have my server be in the middle of traffic and act as my new router while making my other routers just switches. However, after doing this I can no longer access my UPnP devices. They used to show up in my router but I am assuming either there is an issue with my iptables rules or that some how having my server run the dhcp and dns routing is messing with UPnP.
View 2 Replies
ADVERTISEMENT
Sep 15, 2010
I've recently moved my media center pc from windows 7 to Ubuntu, now while on windows 7. I used the machine with XBMC and utorrent with upnp enabled on my router (Netgear WNR2000 v1) and also in the utorrent client for the port mapping. I was also able to connect to the machine from work via remote desktop (via Windows RDP, real/ultra vnc) using either a windows machine or via ubuntu that I have installed on a laptop (externally to my network). Utorrent also was able to talk to my router and ask for the ports it needed via uPnp or even by setting the port forwarding manually.
Since upgrading ( ) to Ubuntu from windows 7 on my mediacenter pc I've not been able to connect via RDP / VNC using port forwarding from the outside world although I added ports 5900 and (i beleive) 3389 to the port forwarding section in my router and pointing it to the static ip on my mediacenter. I'm also not able to get the ports to forward for deluge / vuze at all, if i manaually set port forwarding up then nothing happens and deluge says it has no incoming connections and it also doesn't talk to my router to ask for ports via upnp.
The same also holds true for the linux version of sopcast which will not connect to any streams. I can also replicate the same issue on a laptop that I use with ubuntu installed. If I watch my upnp page on my router config then I can see that my windows clients (Brother & Mom's macine) both talk to the router and ask it for ports so I assume that the router is working as it should be but obviously the fault happens when my ubuntu )10.04.1) clients ask for any kind of ports. By default is there any kind of firewall installed on ubuntu or anything I need to do to allow it to ask for upnp connections?
View 1 Replies
View Related
Jul 19, 2011
My PC is part of a LAN so while configuring eth0, we specify the Gateway to access all other resources in the network. The PC successfully access Internet through a proxy server configured in Mozilla(manual proxy config) but the update option or the Synaptic Pkg mngr are not able to access internet anyway. I have tried the option "Apply System Wide" in "Network Proxy" but no progress so far.
I also tried to forward all request coming for udp/tcp on port 80 to the proxyserver on a specific port, but with no success. Also I can't ping any website from terminal, reiterating the fact that I can access internet in firefox through the proxy on a specific port.
View 2 Replies
View Related
Jan 18, 2010
I am setting up a new server with 2 nics installed. Nic0 goes to the firewall and nic1 goes to the internal engineering network.
Problem is Ip forwarding is not working!
Particulars:
Server Name - slick
Firewall Name - gateone
engineering node - crooked
Routing on slick:
From crooked ( which is inside the server (slick) with an ip address of xx.xx.221.249 the only way I can ping or anything outside of the firewall ( gateone) is to turn on IPtables with this configuration:
I don't want to use IPtables. I need the ip forwarding to work.
View 6 Replies
View Related
Mar 15, 2011
I wanted to tell my server to block all traffic but US only traffic. So i followed this guide:[URL].. Now I know, it's the best way to help prevent hackers/crackers (doesn't matter to me what they are called. I just have to stop them). My server only deals with US clients anyways so might as well just start right there for my server's security before getting into the brute force and injection preventions. So I got it all done compiled everything moved to the proper directory. I then started to setup my iptables. Like so
Code: iptables -F INPUT
iptables -F OUTPUT
iptables -I INPUT 1 -s *.*.*.* -p tcp --dport 22 -j ACCEPT
iptables -I INPUT 2 -s *.*.*.* -p tcp -j ACCEPT
[Code]...
After seeing that i went digging in the code and figured it was something todo with memory allocation.
View 1 Replies
View Related
Sep 27, 2009
Recently I notice that when I'm connected to an vpn server (pptpd) and I'm using it as a default gateway my download and upload speed decreases almost to the half of the usual speed. I made a test using iptables in order to count how much GRE packets are generated (except the real traffic itself) in that way:
Code:
iptables -I INPUT -p gre -j ACCEPT
iptables -I OUTPUT -p gre -j ACCEPT
iptables -I FORWARD -s 172.16.10.101 -j ACCEPT
iptables -I FORWARD -d 172.16.10.101 -j ACCEPT
The first 2 rules match all GRE packets between the pptpd server and client, and the next rules - the traffic between the server and the client.
When I turn the counters to zero and begin to generate traffic (to browse, to download etc.) I see that the GRE packets are even more than these in the FORWARD chain.
So, my question is first of all is my test correct and is it true that so much gre traffic is being generated during the browsing (it becames clear that the traffic is double than if the pptpd wasn't used as a gateway) and if yes - can that traffic be reduced?
View 3 Replies
View Related
Jan 7, 2011
here is what i need to do: [url]..... resolves to 209.5.5.5 which is my public IP on the external side of my router. Router is setup to forward (port forwarding) all port 80 based traffic to internal ip 192.168.1.10 which I want that server to lookup the request, and for web1 forward to 192.168.1.101, for web2 to .102 etc....how can i acheive this? What do i need to use?
View 6 Replies
View Related
Oct 28, 2009
At the moment I have a proxy and all the users have to configure it in the browser to access internet. I want to make the users able to browse even without configuring the proxy in the browser. but eventually it should be received in the proxy rather than giving an error to the user. I heard with transparent proxy I can redirect all the traffic from a particular network, to a particular host( ie my existing proxy).
I tried this using firewall rules. But then the existing proxy doesn't understand the protocol of the requests. I heard that it should be in the kind of proxy protocol.
View 1 Replies
View Related
Jan 6, 2010
Pre-exsisting issue from 9.04 server, and has never worked right for me. When I try to open an X11 forwarded app on a mac using the command "ssh -X myusername@serverIP" Other linux machines have similar issues from terminal. I can login just fine and preform any actions I want that do not require X11 forwarding, like say firefox or a manager. I just get the error "Error: no display specified" when trying to do anything with X11 forwarding. I have almost no Linux experience but from tinkering and my friends tinkering wonder if I have a x authority issue.
At one point I had ubuntu desktop package installed (forwarding still did not work then), did a unclean uninstall of it installed Xubuntu. Xubuntu did nothing but throw fits saying I did not have authority to preform all sorts of actions, many relating to root access. This box is meant to be a headless file, print and web server with the ability to login remotely as a convince for administration. I have given up on having a working GUI of any kind on this box. I really do not want to reinstall because of the amount of data on the main partition. What can I start trying to look into?
View 1 Replies
View Related
Mar 26, 2010
I have the following setup and Im trying to forward all incoming connection on port 1194 on eth2 which is the external network to ip 192.168.10.100, but seems its not working.
Current config:
# Generated by iptables-save v1.3.8 on Sun Nov 16 00:00:54 2008
*nat
:PREROUTING ACCEPT [26751696:2175544875]
:POSTROUTING ACCEPT [339911:19096812]
[code]....
plus im adding the prerouting:
iptables -t nat -A PREROUTING -i eth2 -p tcp --dport 1194 -j DNAT --to-destination 192.168.10.100
This configuration doesnt work. I also I have tried:
iptables -D PREROUTING -t nat -p tcp -d XX.XX.XX.XX --dport 1194 -m state --state NEW,ESTABLISHED,RELATED -j DNAT --to 192.168.10.100:1194
and the same its not working. Connecting thru telnet to the domain: telnet mydomain.org 1194 doesnt work, but within the server, running telnet 192.168.10.100 1194 it works.
View 8 Replies
View Related
May 7, 2011
I am trying to redirect my display from a debian box that I ssh into to my laptop. I connect using
Code:
$ssh -vv -XC remote.host
and in the debug messages all I get about X is this
Code:
debug1: Requesting X11 forwarding with authentication spoofing.
Once I'm connected, X forwarding does not work. For example, when I try and start, say, xcalc, I get
Code:
$xcalc &
Error: Can't open display:
It seems that the problem is the $DISPLAY variable is not set on the remote machine (echo $DISPLAY doesn't return anything), but from what I read, sshd is responsible for setting this variable, as long as "X11Forwarding yes" is uncommented in the /etc/ssh/sshd_config file (which I made sure is true). Is there any other reason why sshd won't open a display on the remote host?
View 5 Replies
View Related
Apr 1, 2009
I'm trying to set up my CentOS 5 box as a gateway for my home network.I've set up dhcp on my internet interface (eth0) and dhcpd on my LAN interface (eth1).I can browse the internet from my CentOS 5 box.I can ping the CentOS 5 box from my LAN.However, I can't browse the internet from my LAN.I've enabled IP forwarding in /etc/sysctl.conf and I've disabled my firewall. I've saved these changes and rebooted. Again, no internet browsing from my LAN.
View 2 Replies
View Related
Jun 1, 2010
Im running a web server on port80, but i want traffic coming from ip 212.333.111.222 on port 80 to be fowarded to port 9020 on the same server that my web server is rinning at that is my sshd port
View 1 Replies
View Related
Apr 23, 2009
I am running Fedora Core 10 and KDE 4.2.1. My KTorrent is having trouble finding online peers lately. I suspect this is a port forwarding issue. I have set up my router to forward port 4444 (UDP) and port 56000 and more (TCP) to my machine's IP address. I have also set my local firewall (system-config-firewall) to allow these ports through.But when I try to test ports 4444 and 56000 via this Open Port Check Tool, it tells me they are closed
View 6 Replies
View Related
Jan 28, 2011
I've used iptables since it replace ipchains, and I've never had a problem like this.The problem is, as you can see by the title, that port forwarding simply does not work.
network topology:
Slackware Linux Server:
eth0 - LAN (192.168.0.0/25)
eth1 - DSL Static IP
eth2 - cable Static IP
eth1 is our standard office connection; it handles all of our default traffic (web browsing for the staff, email, etc). eth2 is our VPN connection, as well as use for all incoming connections (www, etc). Behind the linux box I have a series of Windows Server 2008 R2 boxes that are used to run our office software, website, etc - I don't care how nice they make their products these days, I simply don't trust any MS box open to the net.
Therefore, this leaves me with having to port forward port 80 from eth2 to the internal IP address of the web server.
My ruleset is as follows:
$WWW - ip address of the web server
iptables -A FORWARD -d $WWW -p tcp --dport 80 -j ACCEPT
iptables -t nat -A PREROUTING -i eth2 -p tcp --dport 80 -j DNAT --to $WWW
Running ip route shows that I have routing entries for all 3 networks, and I can ping, ssh, etc to any of the addresses without issue. OpenVPN connects across eth2 as well, and all 15 of my VPN tunnels work fine. However - and here's the kicker - if I delete the default route and replace it with the route for eth2, port forwarding works fine.
If we accept that my networks are as follows:
192.168.0.0/25 - eth0 net, gw .1
1.1.1.0/29 - eth1 net, gw .1, eth1 ip .2
2.2.2.0/30 - eth2 net, gw .1, eth2 ip .2
then ip route reveals the following:
2.2.2.0 via 2.2.2.1 dev eth2
2.2.2.0 dev eth2 scope link src 2.2.2.2
1.1.1.0 dev eth1 scope link src 1.1.1.2
[code]....
View 7 Replies
View Related
Sep 12, 2009
For the background, I'll be using my router as a firewall with snort-inline enabled. I got 3 NIC's: one for the WAN, the second will be bridged to the WAN NIC for queuing traffic which snort-inline requires, and the third is the LAN NIC (the computer I use for everyday work). Here's how I have my interfaces set up:
Code:
# /etc/network/interfaces
# Loopback interface
auto lo
iface lo inet loopback
[code]....
From what I understand, queuing needs to be set up on the bridge. From the documentation I've read it's done like this:
Code:
iptables -A INPUT -j QUEUE
And then to forward traffic, I did:
Code:
iptables -t nat -A POSTROUTING -o br0 -j MASQUERADE
I've done this and am able to ping the router, obtain a DNS address from dnsmasq from the LAN computer. From the router I am able to connect to the internet (ping, links <address>...). From the LAN computer trafficking isn't getting forwarded, Firefox, links, ping all don't resolve.
View 7 Replies
View Related
Feb 18, 2010
I was trying to setup port forwarding on my setup. My network consists of:
Code:
[Server: xxx.xxx.xxx.15]
|
|
[ switch ]
[code]....
I ran the following 2 commands:
# iptables -t nat -A PREROUTING -i eth1 -p tcp -m tcp --dport 80 -j DNAT --to-destination xxx.xxx.xxx.15:80
# iptables -A INPUT -i eth1 -p tcp -m tcp --dport 80 -j ACCEPT
Yet I am unable to connect. Are these the correct commands? I am using IP Masquedering on the same box using the following commands:
Code:
$IPTABLES -P INPUT ACCEPT
$IPTABLES -F INPUT
$IPTABLES -P OUTPUT ACCEPT
[code]....
I don't think there is a hidden firewall in the switch but if these commands are correct, then I may need to contact my ISP and see if they are blocking the commands. I just wanted to make sure I was not doing some stupid mistake before I try to contact my ISP.
EDIT: Also, is it possible to forward Port 80 requests to different servers depending on the hostname used to connect, so say [URL] redirects to server xxx.xxx.xxx.15 while hhh.com redirects to xxx.xxx.xxx.16?
View 3 Replies
View Related
Feb 3, 2010
I have two PC's, one with slackware and one with arch, and I am trying to access the web server from the archlinux machine but i haven't manage to do that. The archlinux machine is connect to the internet via the slackware machine via a crossover cable:
internet > eth0 (pc1) and ppp0 (the PPPoE connection, pc1) > eth1 (pc1) > eth0 (pc2)
PC1:
ifconfig eth1 192.168.0.1 netmask 255.255.255.0
echo 1 > /proc/sys/net/ipv4/ip_forward
iptables -t nat -A POSTROUTING -o ppp0 -j MASQUERADE
iptables -A FORWARD -i ppp0 -o eth1 -m state --state RELATED,ESTABLISHED -j ACCEPT
iptables -A FORWARD -i eth1 -o ppp0 -j ACCEPT
pc2:
ifconfig eth0 192.168.0.2 netmask 255.255.255.0
ifconfig eth0 up
route add default gw 192.168.0.1 eth0
/etc/resolv.conf (The same DNS as the first PC)
And now the internet is working and on the archlinux machine, but I am not able to access the web server from LAN with a public IP. I tried many iptables port forwarding commands but none worked.
View 14 Replies
View Related
Feb 20, 2010
This should be easy but for some reason its not working. I don't have admin rights on one of my local networks to open the firewall for port 80 to make my server accessible remotely (from the internet). I have a remote server (OpenVZ VPS) and I want to port forward so that [url]:8080 will point to my localhost:80 from the internet itself (i can get it to work on the remote VPS server's local network)...
How could I accomplish this? Basically, I am trying to serve webpages from behind a firewall using a VPS as a hub.
View 4 Replies
View Related
Sep 29, 2010
I need to set up my centOS computer as a firewall in my home network. Ive got 2 interfaces, eth0 and eth1. I want to allow and forward all traffic on eth0 and block all traffic on eth1 except ssh, ping(icmp) and DNS. How do I do this? Ive tried some editing in /etc/sysconfig/iptables but no luck.
View 1 Replies
View Related
Jul 9, 2010
Here's my (admittedly complex) situation:
I set up a dynamic DNS address for my home network. Let's call it [URL]. Then I set up one of my machines with a bind9 DNS server and pointed my router's DNS setting to it. I did this so that I could resolve awesome.server.com from machines inside my network and have them correctly find my server. Then I set up a second machine to serve web pages using [URL]. I did this by forwarding port 9200 on my router to port 80 on that machine. This works, but of course, it only works from outside my network.
What is the best way to get [URL] to work from inside my network?
I've tried setting up the iptables on my server to forward that port, but it just times out. I used these rules that I found by searching the internet:
Code:
iptables -A PREROUTING -t nat -i eth0 -p tcp --dport 9200 -j DNAT --to 192.168.0.300:80
iptables -A INPUT -p tcp -m state --state NEW --dport 9200 -i eth1 -j ACCEPT
However, those rules might be failing because they are intended to forward ports requested from outside the network. I must admit, this iptables stuff is way, way over my head. Is there a different method that I must use to make it work inside my network? Or is there a better way besides iptables?
View 1 Replies
View Related
Aug 29, 2010
I'm trying to get my SSH server I set up on my home box working from behind a router. A 2wire 2700HG-B gateway, in fact. Now, I know my server is working fine, because I can get into it via loopback, anywhere inside the LAN from another machine, OR if I go into the router's config and enable DMZ for the machine. However, I don't like having DMZ on all the time because of the kludge-ness of it, and the security issue of the complete absence of a hardware firewall.If I try to port forward and access it from outside the LAN using the external IP (or my DynDNS, because it's dynamic), it just times out. I have a nonstandard port (45) for the listen port of the server, to keep away hack attempts if I were using the standard 22. I used this to see if the port was open, and it said it was. But, I tried the trick of telnetting the IP with that port, and it also timed out, instead of printing stuff about OpenSSH.
Attached is a screenie of my router's firewall page, so you all can look at it and see if I'm an idiot and doing it wrong. You might notice uTorrent there, it's because this machine is a dual-boot with 7, and the router doesn't differentiate the OS's. Also the SSH @ 46 port is for the Windows side, with freeSSHd. I changed the port on that one so the client I have can distinguish them, so it can run a reachability test.
View 9 Replies
View Related
Oct 3, 2010
I'm trying to enable port forwarding so I can use my computer as an FTP server to some friends. Here's my setup:
CLEAR wireless modem <--> LAN port 4 on router (not WAN) and LAN port 1 on router <---> eth0 in Ubuntu 9.10
The modem acts as a DHCP server which successfully assigns an IP address to my desktop system. I can also go onto the internet just fine on my desktop, and any other computer that connects to the router.
I have enabled port forwarding on the modem (not the router because it's being used as a switch, and not using its WAN port) to forward ports 21 and 80 to my desktop. What I don't understand, though, is that when I try to FTP to the modem's WAN IP address, the connection is refused. However, when I use websites such as:
www.canyouseeme.org
www.yougetsignal.com/tools/open-ports/
They say ports 21 and 80 are open (and not other random ports like 22 or 23 which I tried to see if the site simply said everything was open) but I cannot access my site from a web browser.
I was wondering what it was that's stopping computers from the Internet from communicating with my computer? The modem? The router? Configs?
View 3 Replies
View Related
Aug 11, 2011
i am forwarding HTTP request to a internal server, it is quiet successful but access logs donot show the ip of the external m/c. Rather it shows the ip of the machine on which i have enabled port forwarding.
View 2 Replies
View Related
May 20, 2010
I'm currently tunnelling to my Ubuntu pc at home from my laptop in order to bypass my schools false-positive prone filter. Is there a way to record traffic that both comes to and is delivered by my pc?
View 1 Replies
View Related
Jun 2, 2011
I've got a solid PC w/Xeon dual core, 4gb RAM, and (2) 1Tb Sata HDs - looking to replace a WinXP pc that currently is running PlayOn (for media to the BD player on the TVs) and sharing folders/drives to all the PCs (WinXP, Win7, OSX, and Ubuntu.
I have tried a few distros to get media shared to the BD players, and even a Win7 - but the BD players can't seem to play any of the video files on the newer 'servers' - and only the Win7 even appears to the Sony TV in the living room (even though it can only browse the folders with video files). Another problem with the Win7 being tested for acting as a server - is the Macs cant seem to access the shares (get Access Denied errors).
Wondering if there is any good distro that is mainly setup for sharing files and storage space to all my devices. Thinking of trying FreeNAS, and seeing if I could add the UPnP/DNLA server packages to it?
View 2 Replies
View Related
Feb 7, 2010
I am setting up Apache (Fedora 12) inside my home network. From inside my home network I access it without any problem. I need to set it up to access it from internet. I have the following questions. Here is temporary setup for testing purpose.
Internet-->ADSL modem (SEIMENS Speed Stream 4200)---> Apache (Fedora 12)
1. Do I have to do any kind of ports forwarding on ADSL modem. (There is no option to do port forwarding on Modem) May be I need different Model of Modem??
2. I tired to Ping my real IP for modem form another computer from internet. I am even unable to PING the ADSL 's real IP. Why it is that?
View 6 Replies
View Related
Dec 28, 2010
How could I configure Ubuntu to be setup as follows...
Wireless Client ----> Wireless Router ----> Home Server ----> Internet
What is needed to make all of the wireless traffic go to my internet connection port. I will be having two ethernet cables plugged into the system one from the wireless router and one to my internet router.
View 1 Replies
View Related
Apr 25, 2011
I like AWstats for viewing/visualizing web traffic to my server. However, I am in a situation where I would like to visualize ALL traffic to/from a network, in a way similar to AWstats. That is to say, Free and Visual. The program will have to be linux/http/java based as it will run on a linux server off of a Network Tap.
View 5 Replies
View Related
Feb 16, 2009
I am a complete newbie to linux and Fedora, having previously used Windows/Vista. I have a Netgear router which is configured to allow upnp, and i use deluge as my bittorrent client, though would use either transmission or deluge. I used deluge on windows and upnp worked fine, but now i am usisng fedora with the same settings it doesnt work.
In Deluge (or Transmission) UPnP is ticked and i have limited port range to on port say 57000. In Router config UPnP is ticked. In the Fedora firewall i have gone in and set it up to allow the specified port, say 57000 in other ports.
View 8 Replies
View Related