Networking :: Iptables Nat Bouncing Through Interfaces
Apr 10, 2010
I have 2 interfaces (only one WAN-facing) with public IP addressing. When I nat to the outside network, inside routed networks work fine, but when I nat to the inside interface the routed networks no longer work. That is to say, when I nat to an inside IP, I appear natted, and not routed, to routed IP. My question relates to iptables: how do I say 'nat everything but the routed networks'? I have found that -d ! x.routed.1.x/x works, but I would like to write the rule so that it says -d ! x.routed.1.x/x + x.routed.2.x/x
I have a computer with two interfaces, eth0 (LAN) and eth1 (WAN). I have followed some guides on the internet and came up with this iptables configuration:
# Generated by iptables-save v1.4.4 on Wed Apr 20 09:43:12 2011
*nat
:OUTPUT ACCEPT [0:0]
When I use system-config-firewall, it asks what interfaces to trust. Where does it store that information for iptables (or whatever uses that info)? How does iptables know on which interfaces to use the rules? There is no information of that kind in /etc/sysconf/iptables and iptables-config.
I had been using Guarddog for iptables but I updated to KDE4 and Guarddog does not work with KDE4, neither does Firestarter. Is there a graphical interface for iptables available that works with KDE4?
I have a weird issue that I have not seen on any forum. My jaunty on DELL studio laptop seems connected to net, but I can not access any network service (ssh, firefox etc.). But when I connect a cable the cable lights blink as it should be and in wireless connection my wifi light blinks.
It was working 2 days ago without problem, and I have not made big changes recently. I removed and reinstalled network-manager and network-manager-gnome. Nothing changed. I see a message on each restart as follows (when Openafs is starting). I can reproduce it with "/etc/init.d/openafs-client restart"
Code:
ADVISEADDR:error in specifying interfaces: no existing ip interfaces found
I have 3 interfaces for different LANs, and when I start one interface the other interfaces go down. How is that possible? I configure my ethernets as:
If I try to add a new interface (eth1) to /etc/network/interfaces, I get
Code:
 * Reconfiguring network interfaces...
SIOCSIFADDR: No such device
eth1: ERROR while getting interface flags: No such device
SIOCSIFNETMASK: No such device
[Code]...
How do I add 2 interfaces and get any one of them to work, as available?
Mail going to invalid email addresses is being forwarded to postmaster@domain instead of being bounced. How can I fix this? postconf -d | grep mail_version gives the following: mail_version = 2.2.5
I'm using atmailserver, which I have configured as a relay server for another domain. The problem arises sometimes when they are sending mails; the mails bounce with the error below. My server is [URL]
----- The following addresses had permanent fatal errors ----- < Muu@zac.com>
----- Transcript of session follows -----
.. while talking to [URL]
>>> DATA
<<< 550-Virus Phishing.Heuristics.Email.SpoofedDomain detected. Mail delivery 550 avoided.
I have a quite strange problem with my keyboard. When I type text fast the cursor seems to lag (for some milliseconds) as if it can't process so many characters so quickly. As a result some of the characters I have typed are omitted and sometimes I get double characters (bouncing). Sometimes this problem gets really annoying and I can't find any information about it. I'm trying to find out if it is a hardware or a software problem, but I can't figure out any way to do this. I've read that xkbset can solve bouncing, but in my case it didn't really help. I use a laptop (Toshiba Satellite C660) with Debian Squeeze (kernel 2.6.38-2-amd64).
I have 2 icons on my Desktop (Firefox and Thunderbird) on my newly installed openSUSE 11.2, which when I click on them the icon bounces for about 30 seconds, but then stops bouncing and the software doesn't load. I've deinstalled and reinstalled the software to no avail. What causes these icons to bounce but then not load? Is there any way I can fix this so the software loads normally? I have a working internet connection, so it's not because of the lack of internet, as far as I can tell.
I'm on an embedded system that doesn't have Gnome, and I'm trying to start up networking automatically using /etc/network/interfaces. Here's what I have.
[Code]....
eth0 comes up just fine. wlan0 comes up, but it's unable to acquire a DHCP address. I added the following lines to /etc/rc.local, and wlan0 comes up all the way, but I'm not too crazy about this hack.
I'm testing some network setups, and bought two dirt-cheap USB network interfaces. My plan was to attach these two to an embedded device (sheevaplug) and mess with firewall setups. However, the two interfaces are absolutely identical; they have the same MAC, and lsusb -v is the same for both, line by line (except for device number, which tells the order the devices are plugged in, I believe?). Also, this is a single usb bus (single port, with a hub).
Now, obviously I can't make much of a firewall setup if I can't tell the interfaces apart. I realize I probably hit a brick wall, but does anyone have thoughts on this?
I have two interfaces, gprs0 and gprs1, both connected to the Internet from the same HW device, but through two different access points. I just read another blog entry with a guy who had two network cards, using one as a backup - I guess this is a little similar, but should be much easier, I am guessing - I am just lost. Using ifconfig (IP address given by the network) and route to set up the connection,
ifconfig gprs0 10.20.30.40 up
route add default dev gprs0
ping 66.102.7.99 works fine afterwards
[code]....
There is data being transmitted and received to the device again; I guess the kernel just doesn't know where the incoming data should go without the correct routing tables? Or what exactly is going on? The question I have is how do I configure the device to do the correct routing, using only the ifconfig and route commands? Maybe too trivial for you guys, but I am getting tired of goofing around not knowing what is up and down anymore.
I installed the latest release of Kubuntu on my Dell laptop about 3 days ago. I fell asleep last night and woke up to my laptop not being connected to my wireless (it was when I fell asleep, it didn't reboot or anything overnight and no one touched it), so I plugged in an ethernet cable and it still did not detect an internet connection, then finally it connected through my phone's mobile internet via USB.
However, none of the built-in networking devices are working; I have them all enabled. My WLAN interface says "Unmanaged" and the networking interface complains the cable is unplugged even when it is not. I know you guys will need some additional info from me to help me. I just used my mobile broadband to install Wicd network manager, but that's just a temporary fix, as it doesn't fix my ethernet issue and I want to be able to use the network manager itself to manage my networks.
I'm using Debian Squeeze with backports turned on and I've installed connman and it cannot see my wireless networking interface. I know my wireless card has a working driver because I have WICD on the same system and it connects just fine. I am using the Enlightenment desktop though and it only integrates with the connman wireless manager - so I would prefer to use this instead of WICD. Anyone have any ideas on how I can get connman working? What extra configuration needs to be done after installing?
I added my user to have the same permissions as root to the /etc/dbus-1/system.d/connman.conf file and I added my tiwlan0 to /etc/network/interfaces as a DHCP connection with no changes in functionality :-/. Been searching around online and reading man pages for the last couple days with no good results. Any input would be awesome!
I have a laptop "fura1" with two interfaces, eth0 (Ethernet) and eth1 (wifi), to which I assign IPs 192.168.1.10 and 192.168.1.11 respectively. Then a desktop "fura2" with only one interface, eth0 (Ethernet). Both are connected to a local network along with other appliances. My doubts arise on how to configure the /etc/hosts file of the desktop "fura2", taking into account that "fura1" has two interfaces, so two IPs, but, obviously, only one hostname.
But it seems to me that assigning two different IPs to the same host is not a good solution. On the other hand, if I give a different name to each interface, I will get a host with two hostnames (?).
I am seeing an issue on a few servers where it doesn't appear all NICs in the 802.3ad lag are operating at the same level. A few of the servers have two bonds, each with two NICs in each bond. I have two NFS servers that each have 1 bond with 3 NICs. All are RHEL5 x64 2.6.18. I think the reason why I see one interface dominating RX and another dominating TX is due to the xmit_hash_policy, but there are three hosts that use this particular server for network traffic. That's 3 different physical MAC addresses. The layer2 algorithm should be fine in that situation, I would think. Would I just be better off with balance-rr?
I have two eth interfaces bridged in CentOS; one of these interfaces is connected to a Windows Server. I can do an ifconfig down on both these interfaces and there is no change of status on the Windows side; I don't get the message that 'network cable has been unplugged'.
Is this behavior normal? I think when you shut an interface then you get the interface down message at the other end? And what becomes the status of the bridge if I shut down one of its interfaces?
I would like a basic firewall on my netbook and first attempted this by using Firestarter, as I have no experience in writing IPTABLES rules from first principles and, to be honest, the syntax looks horrific! The problem with Firestarter is that when I selected WLAN0 to be the internet-connected port, everything worked fine until I connected to a VPN, at which point nothing would work (the only error I got was when pinging an IP address, when I got "sendmsg not permitted"). My normal setup is this: normally I'm connected via WLAN0 to the internet, but on one particular network I must activate the VPN to use anything; this creates another interface, tun0. Both wlan0 and tun0 will be assigned an IP address, but only the tun0 will do anything (the wlan0 one is configured by the network to just allow traffic to the VPN gateway and nothing else). What I really need is some way of creating a basic firewall (drop all incoming except ports I specify) that lives on wlan0 unless tun0 is active, in which case it moves to tun0.
I have an Ubuntu server 10.04 LTS with 3 network interfaces (eth0,1,2), with eth0 connected to my LAN and the others connected to two different ISPs. I am looking for a very flexible and complete monitoring tool which can monitor all of the incoming and outgoing traffic of any interface and SPECIALLY can show me which local client made a connection to which interface for connecting to the internet, in online mode, not offline. It would be good to have an online web-based interface; I mean the interface shows the measured data in real-time mode. I found some tools like iftop and iptraf and many others at this URL: http://www.ubuntugeek.com/bandwidth-...for-linux.html but none of them are suitable for my net; I mean none of them have good web real-time data and none of them shows "which local client made connection to which interface for connecting to internet".
Is there a way to do multiple interfaces in tcpdump? I have found that when using "-i any", not all packets are captured (compared to "-i eth0" on a machine with only one interface). I need to monitor traffic on some machines with as many as 6 interfaces, and get these packets that "-i any" misses. When I give the "-i" option multiple times, it seems to only use the last one.
I have installed Debian 5 and didn't configure the network interfaces at installation. Now I am not able to connect to the internet through Ethernet or wireless. How do I configure the interfaces after installation? PS. The interfaces show up as "Not configured" in the network manager.
Is there a way to add the wireless network which has a WPA/WPA2/certificate + Peap+MsChap+user+password to /etc/network/interfaces? I am trying to do a bash script that asks for user and password and dumps it with additional info such as Peap/Mschapv2/cert into /etc/network/interfaces so it could be automatically activated. Any ideas? I am on Ubuntu 10.04 - using the GUI network-manager it connects without any problem after adding the user/pass/cert/mschapv2/peap. But I wanted it to be configured through the command line?
I have just recently switched from Gnome to KDE in 11.2 since there was some sort of major KDE update that fixed the issues I had been having with KDE. Ever since, I have not been able to get miro to load. I try to run it and all I get is the bouncing logo, then nothing. When I try to run Miro in terminal, I get this:
solomon@linux-yz7i:~> miro
ERROR:dbus.proxies:Introspect error on :1.150:/org/participatoryculture/dtv/OneTime: dbus.etop.DBus.Error.NoReply: Did not receive a reply. Possible causes include: the remote applicge bus security policy blocked the reply, the reply timeout expired, or the network connect
PyNotify support disabled on your platform.
And it will sit there for eternity or until I close the terminal window. When I run Miro as root, I get this:
linux-yz7i:/home/solomon # miro
Traceback (most recent call last):
  File "/usr/bin/miro.real", line 48, in <module>
    upgrade.upgrade()
  File "/usr/lib/python2.6/site-packages/miro/plat/upgrade.py", line 77, in upgrade
    if client.dir_exists("/apps/democracy/player") and not client.dir_exists("/apps/miro"):
glib.GError: Failed to contact configuration server; some possible causes are that you need to enable TCP/IP networking for ORBit, or you have stale NFS locks due to a system crash. See GConf configuration system for information. (Details - 1: Failed to get connection to session: Did not receive a reply. Possible causes include: the remote application did not send a reply, the message bus security policy blocked the reply, the reply timeout expired, or the network connection was broken.)
I am running Fedora 13 and after my machine is booted my ethernet interface eth0 does not have an IP address. Running
Code:
At the terminal does not work, and I can see that in /var/log/messages I have the following error:
Code:
I assume that the same command was attempted during the boot process (please correct me if I am wrong) to use DHCP to get an address for eth0, but failed for the same reason it is failing after boot when I run it manually, whatever that reason may be.
I noted, however, that eth0 IS in broadcast mode:
Code:
I also noted that running
Code:
Does in fact work and will run DHCP and configure eth0 with an ip address.
It is quite mysterious to me why running 'dhclient eth0' will work, but manually running 'dhclient' does not.
- eth0 is connected to a 'Green' interface of a smoothwall router.
- eth1 is connected to an 'Orange' interface of the same smoothwall router.
The smoothwall router is set up to forward port 80 to the address of eth1. I can ping eth1 from the smoothwall router, so there is that connection. I have a web server running on port 80 and I have opened port 80 in the firewall and made eth1 a trusted interface. In this configuration, when accessing the outside world all the traffic goes through eth0 and DNS is snappy and faster. The problem is that anyone outside can not access the web server with a timeout error. If I disable eth0 and set DNS info on eth1 (DNS servers are the QWest IPs), people can access the web server, but DNS is very poor, often taking more than a minute for a lookup. Is there any way to get the two interfaces to work together?