There is a big problem with opensuse 11.4 and virtual interfaces.Until 11.2 outgoing traffic by default was sent by the eth0 address nevertheless which virtual interfaces did exist if any was used.Now there seems to be sent by the last interface listed with ifconfig.The outgoing address in this case will be 10.0.0.3.This is very problematic with smtp control etc.
View 1 RepliesAs too my question, at this time I dont control the router/firewall an I would like to block a port thats used for guild wars on my workstation for a while. The reason for blocking is children have abused it an lost it.In this case I am trying to block outgoing traffic on port 6112. I have tried setting up a proxy server on the workstation, but the game seems to ignore it an jump on. Due to the environment, I enabled the workstation SuSEFirewall2 firewall an tried setting up "lo" as a internal an configure the firewall as a router, then disable 0/0 an configured for 0/0,tcp,443 an re route port 80 traffic to proxy.
When I had my own internet, I had a transparent proxy enforcing rules for access times. So setting up a proxy on each machine would not be a bad thing, even if it took some creative thinking. I am trying, but seem to be missing something.Ideally, I would like to setup a transparent proxy, as my kids have learned alot about system administration an know to check the proxy module. If all they have to do is un check "Use Proxy" an by pass a local proxy server, then I am kinda defeated. An applications such as firefox have a proxy setting they could set to none instead of system
I've not found how to configure more than one ip address with network manager.Nor with kde nor with plasmoid network manager.I need several virtual ip addresses for eth0 when the "default" of eth0 is connected i.e. "Connected to Auto eth0" should initialize the virtual interfaces.I have not found no even how to configure the ip address.I think this will be used from ifup config in yast or not?There I have the virtual interfaces but they are not taken from network manager.And last but no least: Is it possible that when using network manager the eth0 is enabled even no user has logged in?
View 4 Replies View RelatedOS : CentOS 5.3 64bit How to trace incoming and outgoing network traffic for a give user? User 'A' logs in to the system and does various network connectivity As root user need to find what are the outgoing and incoming connection that are related with user 'A'. basically need to check the connection flow. netstat will show ESTABLISHED, LISTEN etc.. need something like tcpdump
Eg:- --user option for tcpdump tcpdump -vv -nn -i eth0 host 10.200.2.1 and tcp dst port 8080 --user A Can someone tell me any tool which can do such thing? Even if it can show the process ID of the client application which is trying to establish network connectivity will do.
I am manually capturing and injecting Ethernet traffic (using lib_net/lib_pcap libraries) for an application. At the moment , both capturing and injecting are done on the same physical interface (e.g. eth0). The problem is that all the traffic that I inject, are captured again by my application causing an unwanted feedback of injected traffic. This caused that I had to implement traffic filtering when capturing traffic, which is consuming resources and eventually will become too complicated to support.
I have tried using virtual interfaces to separate the capturing and injecting streams, but that also presented the same problem as all the traffic from eth0 is forwarded to both eth0:1 and eth0:2. If possible I would like both streams to go through 1 physical device, using more PDs will be the last resort. I am also looking at using TUN/TAP devices to try and separate the two streams, maybe writing a user-space program that lies between the physical device and the TUN/TAP devices to do the routing of traffic.
What is the maximum number of virtual network interfaces possible?I would like to create around 300 or so. This is needed to simulate a 300 node network.
View 6 Replies View RelatedWhen I create virtual ethernet interface and do a ping -I <v_int> <host> the outgoing address is the one of the physical interface and NOT the virtual interface.Is there no chance that trafic will go out with virtual interface address??Incoming trafic is done well i.e. responds to the virtual interface have the virtual address.
My problem is that I have 2 modems and want to check both default gw behind the modems.
If I do a "normal" ping both are reachable over default route even the modem which is not the default route will not work because ping goes over the working modem.So I have 2 routing tables and want to route the virtual interface to one modem the other to the other modem
I have a couple of interfaces in a Fedora 14 box:
eth0: internet provided by an adsl router
eth1: LAN
I set up system-config-firewall to masquerade all outgoing traffic in eth0, as I did in other Fedora 13 boxes, but it seems it doesn't work. It sets to 1 /proc/sys/net/ipv4/ip_forward and also set the appropriate rules in iptables. But all traffic is blocked from the LAN to the Internet. "ping www.google.com" works in the Fedora box, but doesn't work in the LAN computers using the F14 IP as gateway. I have another F13 computer elsewhere configured this way and it works fine. But this one has Fedora 14.
I use a server with 3 nics,
eth0 192.168.2.100 (internal Web, Mail)
eth1 192.168.3.100 (Default Gateway nic for clients)
eth2 192.168.3.110 (should be default Gateway for all outgoing traffic not belonging to 192.168.2.100 and 192.168.3.100)
They are all on the same machine
i cannot set eth1 or eth2 as default gateway, as outside requests to eth0 would be handled in a false manner (somehow)
is there an easy iptables-rule to say, that outgoing traffic, not belonging to my networks can be redirected to a specific NIC (eth2)?
I have a Linux IPTables firewall on Centos 5.3.It has one physical interface to the internet and 2 internal interfaces to a DMZ and TRUSTED zone respectively.There are 10 virtual interfaces linked to the physical public interface.Emails are being sent from my server in the DMZ out to the internet, but it is being shown as coming from the firewall IP address.It must show as coming from one of the virtual interfaces.
View 4 Replies View RelatedI've noticed recently that a lot of outgoing internet traffic is generated by my laptop (running Ubuntu 10.04 - 64 bit). This wasn't the case previously. I only found out because my wireless broadband traffic allowance suddenly was used up very quickly. I've installed ntop to try to find out where all this traffic is going to.
I did find that there were a very high number (at one stage over 11.000) of active TCP/UDP sessions (see attached screenshot). Although the traffic generated by each is only small (about 100 bits/bytes - not sure what) multiplied by thousands, makes a fair bit of traffic. I wonder if I've got some kind of a virus/bug or do I have a configuration problem with my laptop?
I need to configure iptables to block incoming traffic (except specific ports), but allows all outgoing traffic.
I am able to block incoming traffic, but doing so also prevents outgoing traffic (tested by telnet [URL] 80)
The following was used:
iptables -A INPUT -p tcp --dport ssh -j ACCEPT
iptables -A INPUT -p tcp --dport 80 -j ACCEPT
iptables -I INPUT 1 -i lo -j ACCEPT
iptables -A INPUT -j DROP
Also, even allowing NOT SYN requests still prevents outgoing traffic.
iptables -I INPUT 1 -p tcp ! --syn -j ACCEPT
Another point:
# modinfo ipt_state
modinfo: could not open /lib/modules/2.6.18-028stab070.14/modules.dep
How to install ipt_state module on ubuntu?
I have a need to make a rather odd filter in tcpdump- I would like to capture only all those packages on interface eth0, that are outgoing(in other words from IP 192.168.1.1, which is IP for eth0 in this computer) and doesn't have src MAC address 11:22:33:44:55:66. However, fallowing command says, that syntax is wrong:
Code:
tcpdump -n -p -i eth0 src host 192.168.1.1 ether src not 11:22:33:44:55:66
Is this possible? If yes, then what is the correct command?
what rules I need to use to only allow traffic between 2 interfaces (which are part of a linux bridge) using ebtables?
So let's say I have if0, if1, if2. I want if1 to communicate with if0. I also want if2 to be able to communicate with if0. But I don't want if1 and if2 to communicate with each other.
I have a UBUNTU server 10.04 LTS with 3 network interfaces (eth0,1,2) with eth0 is connected to my lan and others connected to two different ISPs , I am looking for a very flexible and complete monitoring tool which can monitor all of the traffic of incoming and outgoing of any interface and SPECIALLY can show me which local client made connection to which interface for connecting to internet in online mode not offline and it is good to have online web base interface I mean the interface shows the measured data in real time mode. I fount some tools like iftop and iptraf and many others in this url: http://www.ubuntugeek.com/bandwidth-...for-linux.html but non of them are suitable for my net I mean none of them have good web real time data and non of them shows "which local client made connection to which interface for connecting to internet".
View 2 Replies View RelatedHow I can refuse an outgoing connection on opensuse firewall by default outbound policy is permissive, and the p2p I explicitly deny an outgoing, according to protocol, remote port and local port.
But I can add rules as how to run opensuse firewall rules are permissive only for inbound traffic and so I can not specifically deny an outgoing connection.
Before using fwbuilder is very powerful and configurable but now I'm with suse for convenience but want to know if you can do what I want, if not I will have to use fwbuilder.
My Ubuntu Box has 3 interfaces. eth0 (Internal 192.168.1.0/24)eth1 (External ISP DHCP)eth2 (External ISP Static IP)I need the outgoing traffic to internet for 1 of the internal pc (192.168.1.10) to only go only go through eth2
View 4 Replies View RelatedI have the following setup: Client A, having 2 network interfaces, eth0 and eth1, both with the IP address 192.168.1.1/32. Client B, also having 2 network interfaces, eth0 and eth1, with the IP addresses 192.168.1.2. The routing table on client A has one entry: 192.168.1.2 dev eth0 The routing table on client B has one entry: 192.168.1.2 dev eth1. Basically the idea is to send the upload traffic one one interface and the download traffic on the other interface. (Client B could serve as a gateway). However, with this setup, well... nothing works. The packets received by Client B are ignored. Does the linux kernel have anything against routing packets coming from an interface, although he thinks the source is on another interface?
View 4 Replies View RelatedI just set up a new router for our home office. I've enabled traffic logging, and I'd like to have the logs emailed to me. However, in order to configure email-notification, the router needs and outgoing mail server. Forgive me, but I don't really understand the terminology being used here. I've googled this a bit, but I'm not sure I now what "outgoing" vs "incoming" mean in the context. I tried using my gmail account as the outgoing mail server (smpt.gmail.com) but it requires TTLS encryption, and there's no option for that on my router.
So I figured I'd setup a simple mail server on my local network. I have a dedicated server machine, so I'd just configure a mail server there. But I got stumped at the first input box (in the yast module):"Outgoing Mail Server".That's what I wanted to use this server for. What is this "outgoing mail server"? I understand it in a normal emai context (I think) but this is confusing me. I've read through the HowTo on the openSUSE wiki, but it still doesn't answer this question.Isn't there some way to have a simple, local mail server (without MX records and the like) so I can send email from a local machine?
My question is simple - is there any linux app or applet which is able to show (monitor) incoming and outgoing connections assuming it's a direct internet access? I was using a firewall on a system off Redmont which was able to show every connection, listening ports of services if some were opened etc.
View 1 Replies View RelatedIf I try to add a new interface (eth1) to /etc/network/interfaces, I get
Code:
* Reconfiguring network interfaces... SIOCSIFADDR: No such device
eth1: ERROR while getting interface flags: No such device
SIOCSIFNETMASK: No such device
[Code]...
How do I add 2 interfaces and get anyone of them to work, as available ?
I have a laptop connected to internet via wlan0. I also have eth0 interface and with it I share internet. I want to modify/filter all the traffic passing by the first laptop, something like this:
Code: Select all *---------------------------*
| LAPTOP 1 | *--------------* ?
|-----* *------* *----* | |
INTERNET<------>|wlan0|<-->|MY_APP|<-->|eth0|<---->|ANOTHER LAPTOP|
|-----* *------* *----| | |
*---------------------------* *--------------*
I know that in FreeBSD it is possible to use ipfw for that purpose, because it build-in into kernel. We set for example rule Code: Select allipfw add divert 2000 ip from any to 1.0.1.1
and we can use our own application to process those packets, reinject them forward etc. It will work also fast, because as I said, it build into kernel.
Is there any standart Linux-based solution to do the same? I found some info about netmap-ipfw. Is this a correct solution? Or I have to use for example IP-aliases and iptables to do that?
I need to process all the IP-packets, not only TCP/UDP/etc-protocol. Solution also must be very fast.
I'm trying to configure OpenSuSE 11.2 with Open vSwitch, and I'm having trouble getting various interfaces to come up automatically when I have bootmode set to "none." startmode is set to auto (or on - tried both), and bootmode set to none, with no IP address assigned in the file. At boot time, I get the message that it's bringing up eth0, for example, but when I log in and check, the interface is not up. Also, if I try "ifup eth0", I get the following output:
xen-users:~ # ifup eth0
eth0 device: Intel Corporation 82566DM-2 Gigabit Network Connection (rev 02)
but the interface is not brought up. why SuSE is saying that it's bringing up the interface successfully, but is actually not bringing it up?
I deleted the firewall files "K09SuSEfirewall2_init", "K01SuSEfirewall2_setup", "S11SuSEfirewall2_setup" and "S01SuSEfirewall2_init" from "/etc/rc.d/rc5.d" in order to disable the firewall when rebooting.
As a consequence all network services are not working. I can't connect to any other machine nor to the internet.
I rebuilt the symbolic files based on the ones for runlevel 3, but still no network services are available.
Any suggestions how to make it work again? I'm using Suse 11.3.
I'm building a wireless router based on OpenSuse 11.3 I have experience with Debian, but here I'm confused howto manually configure network interfaces. I need my wireless card to work in master mode, so I need to place
[Code]...
Some time ago I asked about SCPM in 11.3. Turns out it was removed, and the suggestion is made to use Network Manager.
Some of us are not excited about this, because despite the name Network Manager did not manage networks - it managed connections. Those of us who presently use SCPM to choose which NFS fstab entries, which printer, etc
When changing connections want to know whether indeed Network Manager can indeed now manage networks instead of just connections.
in 11.1 (2.6.27*) there were occasional kernel msgs generated in the "messages" log:May 26 21:57:28 blkdragon kernel: TCP: Treason uncloaked! Peer 188.48.28.209:18769/58845 shrinks window 2778476289:2778478629. Repaired.had to do with torrents/java and azureus/utorrent, with the outside ip number/port assignments easily understood and parsed if necessary.in 11.2 (2.6.31.5) the same type of entry is:00:24:23 blkdragon kernel: [258668.819024] TCP: Peer 0000:0000:0000:0000:0000:ffff:54b6:489e:10858/44949 unexpectedly shrunk window 3076383191:3076383869 (repaired)
View 4 Replies View RelatedThis morning I was configuring a DNS server through Yast at home, I've done it once before (in another wireless lan)and it works perfectly. But this morning, after I clicked "start dns server now", everything freezed, and caps lock light on keyboard kept flashing. I rebooted laptop,it couldn't boot into run level-5 and there were few "skipped" items and "failed" items displayed.... Sorry I'm new to linux so I re-installed it this afternoon, and kept /home partition, formatted / partition.
Everything seems to be fine after re-installation, again I tried configuring a DNS server and clicked "start dns server now", but the same problem appeared, caps lock light kept flashing and I rebooted the laptop but fortunately this time it didn't fail on any items when booting
In Yast-Network Settings, I choose "use controlled with network manager", and I can connect to wireless router and browsing web, but there are no any interfaces shown in Yast-Firewall, and this time, after I clicked "start dns server now", nothing happens, dns server just won't start...
I'm not that great with mailservers, and just been thrown a curveball with a MS Exchange environment for which there is apparently no solution... yeah, right. But is there a workaround?
The problem is that the site mail (SMTP) needs to be sent via port 26 instead of the commonly used 25. Port 25 is mapped to a mailfilter, which apparently causes havoc with some of the mail, and the techs that have been on site trying to coax the Exchange server to co-operate have said that the only way would be to get rid of the filter.
The problem is that there are number of apps that are unable to have the outgoing port changed and so keep sending mail out on port 25.
I look after the Unix/Linux side of things at work, and I was wondering if there was an easy way to set up a Ubuntu box to receive mail on port 25 and just forward it to the MS box on port 26? So, in other words (and I hope this makes sense): monitor port 25, and forward whatever comes in on port 25 to the server on port 26. Simple portforwarding, or is it? What steps do I need to take?
I have a remote network that I manage consisting of a DLink DFL-210 firewall/router, and behind that a Dell server running openSUSE 11.2 and a collection of Windows XP/Vista/7 computers.
The Linux box is running OpenVPN as a server (that is how I connect to this network) and a client (it connects to a second server - running XP - at a different location).
The DLink router is the DHCP server and provides addresses on the 192.168.51.0/24 network. The OpenVPN server provides the 10.8.51.0/24 address range.
The remote network that the Linux box connects to is 192.168.54.0/24 via the OpenVPN network 10.8.54.0/24.
I have added routes to the DLink router to route all traffic to the 10.8.51.0/24 and 192.168.54.0/24 networks to the Linux box.
With SUSEFirewall turned off, after I have connected via OpenVPN from my remote computer I can ping all active 192.168.51.0/24 addresses. Other computers on the 192.168.51.0/24 network can ping computers on the 192.168.54.0/24 network. But if I turn on SUSEFirewall, neither of these work. However, I can ping 10.8.54.1 from any computer on the 192.168.51.0/24 network.
How can I set up SUSEFirewall to allow these networks to communicate with eachother?