Networking :: Packets Not Routed Properly After Setting Up Machine As Router?
Aug 13, 2010
I have three machines say A B and C. I want to make machine B as a router for A and C, so that the ping packets from C to A should be going via B. I have directly connected two interfaces(eth4) of A and B and similarly two interfaces(eth5) of B and C. I have even set up a route between B and C. 1. But I am not able to set a route between B and A.2. If I ping A from eth4 of B(viceversa) it works. When I ping B from eth5 of C it work but not the viceversa.3. Also, if I ping from C to A, B receives the packets, but not A.
I have searched google, but can't really get the hang of setting this up.Most howtos are setting up a DHCP and PXE on the same box. At the present my DHCP is done by my router and I want to set up the PXE server on my main PC.My router can re-direct traffic types based on ports (UDP or TCP) to an IP but can't do the bit about directing the pxe loader name (and I really don't want to ssh into it and start messing about there)If I redirect the port (what ever it may be, help required here) how would I go about setting up the Ubuntu PC to do the load and pass back to the PC trying to PXEboot?
In addition to 2 "desktop" machines, I recently set up an Ubuntu Server with Apache2, but when I try to access my www.homepage from a machine locally connected to the same router (via both wired & wireless interfaces), I am directed to the Login page of the router, not to the www.homepage. Yet, when I access the www.homepage from elsewhere, my www.homepage is accessible.
I can browse to my www.homepage by entering the local IP address into browsers on both local machines, so I know the machines are talking to each other. Just not letting me get in via normal internet browsing channels.
Server: Ubuntu 11.04 Webserver: Apache2 Router: D-Link DIR-615 IP Address of: 192.168.0.110 (reserved on router, static on server)
I bought a Cisco 1841 to study for a cisco certs. In iptables terms filtered packets are -j REJECT instead of -j DROP. To make things worse telnet and ping replies are on by default.
I want to set up a Linux box as a wireless router to replace our existing Netgear WNR1000 router, as I believe the Netgear does not support the coming IPv6 protocol. Unfortunately, it is not flashable with OpenWRT or DD-WRT presently.
As we have Comcast, our cable modem acts as a dumb modem according to the customer support guy I talked to, and our router is the one that asks for the IP address from DHCP. Thus, when Comcast switches over to IPv6, I don't believe my existing router would work, correct?
My idea is to take a Linux box and put two NICs and a wireless adapter in it, using IPCop or Smoothwall to set up a router. I could then enable IPv6 support for when we have IPv6 with Comcast. Is that possible? Would there be a way to get BIND to hand out private IP addresses in the same subnet on the both the LAN NIC and the wireless card?
Assume this: Machine A sends a packet to machine B, no application in machine B is waiting for the packet, Now: What happens in kernel? What happens to this packet exactly?
I had been running my SMTP server with WINE, as the SMTP server software is a Windows-based program (MERCURY), but I cracked the shits with WINE and removed it. Now I am running my SMTP server in a Windows virtual machine.This virtual machine has a different IP address from my host machine, so what I need is for my computer (the host) to redirect incoming traffic on port 25 to the virtual machine at 192.168.56.101 on port 2525.Can someone please help me with it? I think its done with iptables.
I've a webserver at 10.10.0.55. Above in the hierarchy are managed network cisco switch / router and ASA firewall (the usual stuff). I also have a mail server at 10.10.0.200. I was told by the network admin that he can't forward port 80 to webserver and port 25 to mail server. Basically he said that it's a one-to-one (external.ip-to-internal.ip) mapping and all traffic, no matter what port it's destined for must go to 10.10.0.55. So, I turn to the wonder that linux is. The webserver is running Centos 5.4. Currently, all packets on port 25 are coming to the webserver. I want to forward all these packets to the email server. Note: the webserver only has one interface: eth0. I turned to web for help and did this in iptables:
It didn't work. I am assuming that since I only have one interface, a simple rule to the filter table and forward chain will not work.So i use the NAT table and try the following:
First of all, since there is no service/daemon listening on port 25 on the webserver, is it even going to work? Isn't the webserver simply going to discard packets on port 25? I am assuming that packets go through the iptables first, and so iptables should route the packets to the email server, where there is postfix listening on port 25. Am i right? Also, as you can see in the code above, all packets coming on port 25 on the webserver should be logged. But they aren't. In order to troubleshoot, I'd like to at least know that packets are coming into the iptables. But since it's not logging, I can't find out what's wrong.
Setting up a Linux router in Fedora 10. The router has an IP (192.168.1.1) for the eth0 on the internal LAN and a static registered IP for eth1 on the internet connection. All the internal LAN client PCs have gateway set to 192.168.1.1. My question is what do I set the gateway address to on eth0 and eth1 and how would I configure this in /etc/sysconfig/network?
i have a linux server runnig oracle applications. i need to access this server from putty using ssh through internet. i did by registering my static ip with the dnydns.org and i am able to connect to the server. but now there is no security to authenticate any user as any one knowing the password can login to it.
i thought of configuring the firewall of linux server but the client ip`s are not static and they change continiously. so thought of keeping one more pc between the server and the router which will do the work of authenticating. but i am confuse as how to configure it to allow the packets coming from the internet after authenticating and to by pass the packets generated from internal LAN?
I have two laptops with me here at school, one bigger one [home computer], and one smaller one [netbook]. I take the smaller one with me to class and when I'm out and about, however, I keep all of my things on the bigger one. I would really like to be able to set up some sort of SSH port forwarding for the bigger machine so that, when I'm out and I realize I left file X on my home machine, or I want to listen to a certain song, or whatever, I can just scp it to the netbook. The issue is, at my dorm, I'm stuck behind a firewall and can't just set up a SSH daemon and port forward through the router, I need a more clever solution. I do have a home server (not with me at school), which I commonly use for transferring files. Basically, I'm wondering if there is some way I can SSH into my server box, with reverse port forwarding so that, when I am out and about, I can just log into my server and copy files from my home computer for use on my netbook. I've tried a couple of solutions which come up from google "reverse ssh" but haven't been able to get them to work. A step by step guide to doing this would be great. Again, the setup is:
Home server [ssh-able] Home Computer [behind firewall, can't ssh into at the moment] Netbook []
Want to be able to SSH from Netbook to Home computer, probably using Home server.
i did googled for that for a while now, but didn't found anything relevant so far, or did i missed something? i need to share a pppoe connection, using an infrastructure wifi network, how can i do that in ubuntu?
forgot to mention, ad-hoc just won't do it for me, the other devices, either dosen't support it, either get a password error. also, i would need some help for establishing the pppoe, i previously did that on another machine, but that was long ago, and it was a big head ache, it would only dial on startup, and no redial or disconnect posibilities whatsoever.
I have enabled IP Forwarding in my linux machine by using the commandsysctl -w net.ipv4.ip_forward=1. But I dont see any difference in routes when I type the route command before and after changing this value.Do you guys have any solution to verify the packet forwarding, but using this single linux machine only? Of course, I verified the net.ipv4.ip_forward=1 value. But I need to verify by transmitting orreceiving packets
I have WiFi router at home and connected two computers running ubuntu linux connected to it. One connected through WiFi, second through LAN. So what is the problem: I can't SSH from Gnome terminal to any machine. Be it local computer on the same router or be it distant computer. SSH session hangs just after successful login. I've read a lot about it and it should be related to DNS, MTU or whatever, but not in my case ! PuTTY client works without problem to local or to distant PC. SSH session from Gnome terminal works also just fine if.... I connect two comupers directly by not using router. So it seems SSH installation is ok, configuration is ok, but somehow router is not ok. I looked at packet sniffer of router itself and I see that packets successfully go from one computer to router and then to other computer and returns back. Firewall working ok. And its not about packet forwarding because I have the same problem if I try to SSH to router itself.
So the question. What theoretically might be wrong with router packet management ? Why PuTTY and Gnome terminal SSH packets differs ? What is the difference ? Where should I search for some sollution? I ran SSH in debug mode, but it was no so informative. It successfully logins and hangs on this line: Code: channel 0: open confirm rwindow 0 rmax 32768
I have an old pc that I would like to use as a headless server for my music, files, etc that I can access at work and other places outside of my network. I'm a complete noob in this department so please excuse my overwhelming ignorance. The only thing I've managed to succeed at was installing fedora 13. Two things in particular are giving me trouble: 1.)setting up my router and fedora box so that it has a static ip address and 2.)connecting to the fedora box via vncviewer on my laptop.
HERE ARE SOME QUICK SPECS THE DEVICES INVOVLED: Fedora Box: Intel Pentium 4 2.66GHz, 1GB ram, Fedora 13 Laptop: Toshiba Satellite A505, Intel Core 2 Duo T6600 2.20GHz, 4GB ram, Windows 7 Home Premium 64-bit Router: D-Link WBR-1310 ISP: Comcast (cable)
HERE'S WHAT I'VE DONE SO FAR: Setting Static IP On the fedora 13 box: 1.)Went to Network Connections and added a new connection 2.)Copied mac address from the default connection 3.)On IPv4 tab, added new address: 192.168.0.200 (this is out of the range which my router will assign automatically) netmask 255.255.255.0, set gateway to 198.168.0.1(router's ip on the network)
When I connect to this new connection web pages don't load, etc. but when I'm on the default connection I have no problems.
Connecting With Vnc Viewer On the fedora 13 box: 1.)System -> Preferences -> Remote Desktop 2.)Under Sharing I checked "Allow other users to view your desktop" and "Allow other users to control your desktop" 3.)Under Security I unchecked "Ask you for confirmation", checked "Require the user to enter this password", and specified a password
On the router 1.)Set up port forwarding for port 5900, TCP only, to the ip address of the fedora box.
On the laptop 1.)Installed VNCViewer 2.)Went to whatsmyip(dot)org to get ip address of router 3.)Tried to connect to that address, port 5900 (ex. ##.##.##.###::5900) 4.)Connection times out everytime.
I wish to setup my spare PC as a router. I was wondering what programs, in ubuntu, I can use to monitor and change settings concerning bandwidth usage. I want to throttle down a computer in my network so what program would be good for this?
Okay, a few days ago I got a small job setting up a router for a neighbour of mine. He wanted me to set up a wireless network for him. The router he bought is a Linksys Wireless N-Router E1000. I set it up the passwords and everything. Only to find out that I couldn't connect at all to it. The main computer with a direct ethernet connection to the router was the only one that had internet. Everytime I attempt to connect wirelessly with any device, it will take extremely long time to connect, to the point where I will just quit connecting.(Example: 15 minutes of waiting, when the laptop is right next to the router)
Any ideas about what I am doing wrong here? As far as I can think of it might just be a faulty router, because the router will not implement any changes(like setting a password) I set on it. Only wired connections seem to work. the router is called a linksys wirless N-router E1000.
World of Warcraft requires that TCP Ports 1119, 1120 and 3724 are forwarded. The Blizzard Downloader requires that TCP ports 3724, 1119, 4000, 6112, 6113 and 6114 are forwarded. It can also benefit from having ports 6881 through 6999 forwarded. The World of Warcraft Voice Chat feature uses UDP Port 3724.
i use the hotspot feature to play warcraft and i am running ubuntu 10.10 ... i need to forward these ports ... any way to easily download an app to configure the phone like you would a router? its probably easy i just cant find it.
post the "perfect" tutorial for setting up a router and firewall for Ubuntu 10.10 Server 64-bit? I'm kind of a n00b when it comes to Linux, so I get really confused with some things, I have seen things on the ubuntu wiki about this... but it really confuses me =
I'm trying to setup my ubuntu sys as a router and firewall... Internet -> Ubuntu (Router) -> Switch (no DHCP on it) -> Computers I've already setup bind and dhcp3 and got those working perfectly... I've also setup Squid3 and Dansguardian for content filtering (blocking ads and such) and got them working too... I want to set it all up to be transparent, and allow the system itself to function as a powerful firewall router, giving absolutely NO issues to client computers connected, and no speed reduction at all.... I want to setup the firewall to allow all outgoing connections, but block everything incoming (stealth the network)... Forcing all http/s traffic to pass through dansguardian, then to squid...
But am very confused on how to pull this off... The system is running Ubuntu 10.10 Server 64-bit, with 4 GB of RAM, 320 GB SSD, and two 1Gb NIC cards... Sorry if I'm not very clear, I do speak english perfectly, but just kinda new to the "Linux world", I was using SONICWALL but that's getting a little too costly to my network and wanna do a free alternative... Something completely CUSTOM, not using some network security distro.
I decided to try and get my network ready for IPv6. All of my hosts are set up to do stateful autoconfig, I have radvd installed and working, and I can ping6 ipv6.google.com from my Ubuntu server. However, when one of the clients on the inside tries to ping6, no packets return and I get this message in the router's syslog:
Code:
Feb 8 17:55:17 foo kernel: [ 1344.824474] Dead loop on virtual device tun6to4, fix it urgently!
I recently installed Fedora 14 on my machine. Ever since I cannot connect to the Internet at home.henever I plugin in the ethernet cable the ADSL router disconnects and all machines connected to the router lose connection to the Internet.
I have a Linksys WAG54G2 Router - this is set up and was working fine with Xp and my Apple I phone.I have just changed over from XP to Ubuntu, and am having difficulty in configuring wireless settings to accept UBUNTU.The hard wired Ethernet connection works fine.
Setting up desktop (9.04) behind router for remote access by latptop (9.10) I am setting up desktop (9.04) behind router for remote access by latptop (9.10). Rationale: All of my files are on my desktop HD, but I am often out of my home needing to work on my files. It is becoming labour intensive to keep track of the files I make/change and try to copy them on my non-connected desktop/laptop.
Dream: Able to remote access and modify my desktop files from my laptop (while the files remain on the desktop). Request: A simple, GUI, basic, non-technical guide how to set it up!
What I know: 1.I was going to use the 'Remote Desktop' VNC connection under System->Preferences. However, if I understand this correctly, this only secures my computer (i.e. Locks the front door of my desktop) and the data streamed between them is not encrypted.[URL]..
2.Then I need to set up my router to accept the connection from my laptop.
3.Then I will need to use SSH to secure the info sent between them. This is the bit I don't really have a good grip on.
could set up a firewall on my linux machine? I have is to connect my router wired to the linux machine and then from the linux machine to my main computer, and obviously routing the internet connection through the linux box as a firewall. I use a Netgear DG834G router
i must make this work with the use of virtual pc's. I have vm player and installed fedora ( the latest version ) and one xp . So i have 2 virtual pc's. I'm making it simple for start so i can add more pc's when i see that it is working. I have setup a dhcp server at the fedora virtual pc. The fedora virtual pc is like a soho router. The xp pc is getting ip from dhcp while the fedora one has a static one.
My pc is behind an adsl router. Both virtual pc's can see each other which means i have no connectivity issues.Im trying to setup a squid proxy ( transparent one ) so for example the xp pc can access porn sites and such. I used all required configuration for the squid to work and started the service. Ive also inserted with iptables the commands to forward all incoming port 80 packets to port 3128 ( the squid ). It doesnt seems to be working and i thik i know why but i dont know how to fix it.
Because the xp has a gateway at 192.168.1.1 ( the adsl router ) packets go directly to it and not to the soho router ( fedora virtual pc as i intend to do) What can i do to solve this problem ? How can i forward all packets to go to the fedora virtual pc first and then the fedora pc to forward them (if necessary) to the adsl router? PS. I used Bridged connection on the networking configutration on the vmware player ! If you also want i can post the code for squid or iptables if needed !
Somebody gave me an old Celeron 333MHz system w/ 96 MB RAM and I thought I would set it up as a little torrent server. So I installed Ubuntu server on it, but it does not see the NIC. I know the NIC functions because the person was using it hooked up to a network until a few days ago. Unfortunately, it's an ISA-based NIC and not PCI and my understanding is that I have to pass it IRQ and DMA settings to get it to work. Unfortunately, I wiped the windows 98 partition without thinking of snagging those settings. First of all, lspci does not show the hardware AT ALL. Here's the output I get:
The machine is an old 'Compaq Presario 5050' with a really crappy BIOS that doesn't really offer any help. I read a post somewhere that trying to load the 'ne' driver should work, so I tried:
I have a linux server I'm intending to use as a firewall. The server has the following adapters
eth0 - Public IP (VLAN2) eth0:1 - Public IP2 (VLAN2) eth1 - 10.241.4.4 (VLAN4)
the Default gateway is my ISPs gateway. Additionally, I have the following route set: route add -net 10.0.0.0 netmask 255.0.0.0 gw 10.241.4.1
I have a server that exists on VLAN 208 at IP 10.241.209.67/21., its GW is 10.241.208.1 (first IP in /21 range)
as it is on the 10.0.0.0/8 network, traffic from the firewall is successfully routed from that server through my router to the FW and out to the Internet. The FW can ping, ssh, etc... the server and vice versa.
I want an iptables rule that will allow me to forward port 4401 on eth0:1 to 10.241.209.67:4401.
Is this possible since the IP is not on the same subnet as eth1, even though it is accessible?
I'm a bit better than a neophyte linux user. I have not made port forwards with it in the past without scripts to assist so I'm looking for not just "it is possible", but also the syntax of how to add it.
