Ubuntu Networking :: Port Forwarding From Public Address To Private Address?
Feb 24, 2010
Currently my OS is Ubuntu 9.04 Jaunty Jackalope Desktop OS and my web server is Apache2. I have a public address 60.x.y.z and my pc local address is 10.x.y.z. I have a web app in my Apache2 which currently run in localhost(10.x.y.z).
I would like to enable the web app so that it could be browse from outside. I know there maybe some port forwarding process and some commands involved in order to do that. But I have no idea on the steps to do that.
View 5 Replies
ADVERTISEMENT
Feb 8, 2010
Is it possible to forward a connection to a port to a completely unrelated external address? For example, I want to redirect ssh traffic to a.b.c.d to w.x.y.z. If w.x.y.z were an internal address and the machine was the router, this would just be plain old NAT port forwarding. But what if w.x.y.z is not an internal address? The reason I want to do this is I want to reassign a domain name example.com from ip address A to B, while allowing users to still ssh into A by using the [URL] domain name. Is this unreasonable? (I am guessing it is unreasonable, since the A wouldn't have it's gateway set to B, as is the case if A were in B's NAT'd internal network.)
View 2 Replies
View Related
May 10, 2011
- I setup port forwarding of openssh :
connect 1: ssh -g -f -p 11111 -i /<path-to-private-key> user1@ip-server1 -L 22222:ip-server1:161
- Then I setup second connection
connect 2: ssh -g -f -p 11111 -i /<path-to-private-key> user1@ip-server1 -L 22223:ip-server1:3306
- Openssh waring to me "bind: address already in use"
- So I think port 22223 have had another program use,I use command:
ps aux | grep ssh /* find process id of second connection */
kill -9 <process-id-second-connection>
netstat -an | grep 22223 /*find which program use port 22223> */
- but I can't find anywhat
- Then I run again command :
connect 2: ssh -g -f -p 11111 -i /<path-to-private-key> user1@ip-server1 -L 22223:ip-server1:3306
- And I receive a error from OpenSSH :" bind: address already in use"
View 2 Replies
View Related
May 15, 2011
I recently just upgraded from humble Linux user to confused Linux admin of my own virtual Linux server. When I issue the ifconfig command I get following output.
Code:
venet0:0 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
inet addr:1.2.3.4 P-t-P:1.2.3.4 Bcast:1.2.3.4 Mask:255.255.255.255
UP BROADCAST POINTOPOINT RUNNING NOARP MTU:1500 Metric:1
The WAN IP of the interface is not really 1.2.3.4 I just changed that IP for security reasons.What I am trying to figure out, is it possible to assign a private IP address to the same interface or can I only have one IP address per interface. I understand I have a mask of /32 so I am not going to be able to subnet the address to create any more addresses, so I assume I am stuck with the WAN IP (public IP) that I have, and just need to deal with it.
The reason I ask this is because I have been reading through several DNS/BIND tutorials/walk-throughs, and a lot of them specify setting up a intranet access with 192.168.1.1 address for the local DNS server, but since I am connecting to the sever via SSH I figure I do not need a private IP address.
View 5 Replies
View Related
Apr 1, 2011
I want to pass ip address,port address and some parameters from command line using python script.The ip address and port address for establishing socket connection and remaining parameters to execute different connection.
View 1 Replies
View Related
May 24, 2011
The facts are as follows:
1. I have at work a regular LAN with many PCs, each with a DNS-registered public IP. Therefore I am able to address each of these PCs by their fully-qualified names and, for instance, initiate ssh sessions to any of these computers just by typing "ssh <name_of_machine>" from a terminal.
2. Within the aforementioned LAN I have just created a private network with some clients, which access the LAN through a router (a D-link DIR-825). We have created this private network for many reasons, but most importantly because we need to guarantee that the hosts in this network will remain networked among them even if the LAN goes down for any reason (which unfortunately happens often). But we still need to have access to the hosts in the private network from the LAN.
3. I am able to define port forwarding rules in the router in order to access certain services on the private network's clients. For example. I am able to access (by ssh) hosts "H1" and "H2" on the private network from a client on the LAN by defining rules for forwarding ports "P1" and "P2" on the router's public IP to TCP port 22 on the private IPs of "H1" and "H2", respectively. Then I would access each of these hosts from the LAN by using:
>ssh -p P1 [ip.address.of.router] (for accessing H1) and >ssh -p P2 [ip.address.of.router] (for accessing H2)
4. The problem with the port forwarding approach is that it is not easily scalable. For instance, If I wanted to enable ssh access to each host in the private network, I would have to define a port forwarding rule for each machine, and then REMEMBER all these port rules when initiating a ssh session from the LAN in order to point to the right host. And the problem gets worse when considering more services in addition to ssh.
5. The ideal solution would be to be have a means for addressing each host in the private network individually, in much the same way in which I address the hosts in the LAN (which have DNS-registered names). For instance, in order to access hosts H1 and H2 as in the previous example, i would like to be able to just type
>ssh [name_of_host_H1] (for accessing H1) and >ssh [name_of_host_H2] (for accessing H2)
The bottom line:
I guess I can say that what I need is some kind of combined DNS-ing and routing that allows me to communicate with the hosts in the private network from outside of it in a transparent way.
The question is: what are any possible solutions for accomplishing this? I have searched the web and found stuff about things like VPNs, reverse-proxies and NAT servers, but I really can't understand if any of these could serve to solve my problem (BTW, isn't my router doing some sort of NAT-ing already? could I just add some DNS-ing in some way?)
View 3 Replies
View Related
Jun 13, 2011
I want to do some basic web hosting, mainly for the experience. I have verizon fios for my isp, and what i am wondering is can i have the public ip address that they give me when i connect out to the internet point back to my linux box?
The reason that i am asking this is because i want to register a .com and i would like to have that point back to my linux box, i have looked at a few services and it seems that godaddy.com will do this and they seem to be the best choice. Before i register the .com i turnd on my httpd server but i am not sure how to get the public ip point back to my box...?
I have been doing some research and i am learning about things such as
ddclient
openvpn
port forwarding
nat
dynamic dns
Verizon fios like most isp's uses a dhcp connection meaning that the public ip address i get will change 1-2 a year. What i don't know is how can i setup my network at home preferably with iptables to have that public ip routed back to my linux box at home? I am using fedora 15 for those that are wondering...
Also when i enabled port forwarding and started my web server and tried loading http://mypublicipaddress in firefox i am directed to a verizon page with a login and password prompt.
I am aware that i will need to get certain information from my isp to have their public ip address routed back to my linux box but i am unware of what to ask them...?
If anyone here can tell me the following i will be so happy because it seems like a lot to hosting at home but i really want to learn...
here is what i need to know?
1) What kind of questions and information do i need to ask and get from my isp? DNS info? Logins and Passwords?
2) What do i need to do on my linux box to have that public ip address routed back to my linux box at home?
3) What rules do i need to add to my iptables script to allow this, i know there are certain nat rules that need to be added and port forwarding is needed as well..
4) anything else you can think of that i need to do...
View 9 Replies
View Related
Feb 20, 2010
I'm using a Debian servers, as router/firwall.. I've two ethernet interfaces into the server, one for wan and one for lan. The i use SNAT so my LAN clients can access the internet throgh the debian router. That is working... Now i want to be able to access servers on the LAN site from the WAN site, and i wanna use port address translation (PAT). I have a FTP server running on a lan server, so i'm trying to portward port 21.
iptables -t nat -A PREROUTING -p tcp -i eth1 -d (WANIP) --dport 21 -j DNAT --to 192.168.1.2:21
When people try to access my FTP from the WAN site, they are redirected to the local FTP server, and they are promted for crendentials, but when the credentials are typed, and the local ftp server should answer the wan request, the connections dies.
The wan clients are being promted for credentials, so they are redirected to the local lan server, but after that the connections dies, so i think there is some kind of nat problem, when the local lan server is trying to respond to the wan request..
Here i my iptables script:
#flush table
iptables -F
#input regler
[code]....
View 6 Replies
View Related
Feb 12, 2009
I make an application on GNU/Linux which listening on a MULTICAST stream, so I open my unconnected socket, bind it on a MULTICAST address and a port, join the multicast group with the "setsockopt (IP_ADD_MEMBERSHIP)", then I receive datagram on my socket.
Now I've two different instances of the same application that run with their own MULTICAST address and port. And what I found strange is that, after a misconfiguration, I switch the ports, for example:
Emitting on 225.0.0.1/23451 and 225.0.0.2/23452
Receiving on 225.0.0.1/23452 and 225.0.0.2/23451
And my receiving part doesn't care about the MULTICAST address, it looks like the socket is listening on the port number only! I mean that the receiver [225.0.0.1/23452] take its datagrams from emitter [225.0.0.2/23452] and vice-versa!
View 2 Replies
View Related
Jan 27, 2010
Is there any one know how to deploy a remote OS installation for a host with public network address? In a LAN with private network, we can use PXE, kickstart... but what we could do with the hosts have only public ip address?
View 2 Replies
View Related
Oct 28, 2010
host is windows 2003 server 64-bit
guest is ubuntu 9.04 server 64bit
Qemu : 0.11.1
Qemu manager: 7.0
from Qemu manager, if network card is using User Networking, it's a NAT and I can see that Guest Ubuntu has an ip address 10.0.2.15 and is able to access the internet. However, as Guest ubuntu is running server so I want to do use Tap networking and I assue with Tap, the Guest ubuntu will get an ip address which is in the same subnet as host machine by dhcp. so from Qemu Manager 7.0, I changed Network card to be:
NE2000PCI
Vlan Number =0
VLAN Type: Tap Networking
Mac address: tap0's mac address from host
TAP Network Adpator: Tap0
Note that tap0 was created by openvpn. and then fired Ubuntu guest, ifconfig shows no ip address on eth0 (which has the same mac address as Tap0) so the guest Ubuntu has no ip address and can't access public.
View 1 Replies
View Related
Dec 16, 2010
Version 10.04 LTS. Installed desktop version and network worked but I needed a static IP address and the install configures for a DHCP configured address. I tried changing to static address using the System->Preferences->Network Connections application but was unable to get the system to come up with the network up.
So I manually modified the /etc/network/interfaces and the /etc/resolv.conf files. I restart the system but when I do an ifconfig, I don't see a configured IP address on eth0 (only the loopback address). If I run /sbin/ifup eth0 everything then works fine and ifconfig shows the correct address bound to eth0.
My files are as follows:
View 2 Replies
View Related
Mar 12, 2011
I'm running Ubuntu 10.10 and I'm having problems trying to assign it a static IP address. No matter what I put in the Preferences->Networking area (identifying the interface as Manual)... it still will query DHCP for an address if I run the dhclient command. I'm using to using ubuntu server where I just set the IP in the interfaces config file.
View 1 Replies
View Related
Sep 24, 2010
I'm trying to grok a problem I'm having with an embedded machine. I'm pretty sure I can track down the larger problem, but I came across a usage of ifconfig that I don't understand, and I'm pretty sure this is the command that is failing.
The command is: ifconfig eth0 192.168.78.20:9134
I understand how ifconfig works. What I don't understand is the :9134. I can't see anything in the docs about what this means. I know in most contexts it's a port number, but what does it do when bringing up a network interface? Does it limit it to only using port 9134?
View 1 Replies
View Related
May 12, 2011
I am working on implementing a protocol on NS2.34 .I really need help to solve this problem . Actually , I don't now whether the problem is generated by the tcl code or the c++ code when I run the simulation, I get this result :
Code:
num_nodes is set 64
INITIALIZE THE LIST xListHead
34
45
channel.cc:sendUp - Calc highestAntennaZ_ and distCST_
highestAntennaZ_ = 1.5, distCST_ = 550.0
SORTING LISTS ...DONE!
code....
View 1 Replies
View Related
Apr 24, 2010
Consider the following program:
Code:
#include <stdio.h>
#include <stdint.h>
[code]...
View 2 Replies
View Related
May 7, 2010
I am running my own Postfix mail server. Some time ago I noticed that most email was rejected because of the server's dynamic IP address. So I got a fixed IP address. However then I noticed that some mails got rejected due to failing the reverse DNS check. So my ISP told me to get a range of IP addresses and they could then create a PTR record for one of those addresses. That is now running but it turns out that the IP address used for the PTR record is a ... dynamic IP address. So Spamhaus PBL rejects my emails again.
View 1 Replies
View Related
Dec 12, 2009
I have just set up shorewall on my router running Arch Linux. The external network is on eth0 and the internal network on eth1.I have set it up for masquerading and that works fine and I can open ports to the firewall. But I'm having trouble with port forwarding to my internal machines.The problem I have is that when port 22350 is forwarded to 192.168.1.3 on my local network, checking the port with nmap from a remote computer gives me:
Code:
PORT STATE SERVICE
22350/tcp closed unknown
[code]....
View 2 Replies
View Related
Jun 7, 2009
I have a few external IP's assigned to me by my ISP. I have IPcop as my router/firewall. I am wondering how to bind 1 of my external ip's to my internal ip address. So I do not have to port forward, etc. For Example, 77.77.77.77 to 192.168.1.123 and on the server it see's the external IP address.
View 2 Replies
View Related
Oct 6, 2010
In my job I use some ethernet embedded devices. They take an ip address from dhcp server or auto ip. I only know mac address.How can I obtain ip from mac address? In other words I need a rarp packet generator.
View 6 Replies
View Related
Nov 4, 2010
system is RedHat v4. I removed root: admin-name@domain from /etc/aliases then ran /usr/bin/newaliases.
The admin does not get the emails but now the email generated by the cronjobs is being sent to my-name@domain outlook email from "root@localhost.localddomain". No other changes were made. Where should I start looking for the definition of sent crontab email to my-name@domain?
View 3 Replies
View Related
Nov 8, 2010
My college providers shifted to a different setting.. I'm not sure what needs to be done. On windows, under the connections tab you need to change the proxy settings and put in the IP address and enter the port to 3000. Questions:
1. where lies the linux (ubuntu 10.04) variant to execute the operation.
2. What can be the major obligations of such a change?
I am sure its siimple enough, but I can't get my net to work properly. The connection provided to the internet is through wireless routers.
View 5 Replies
View Related
May 2, 2011
Basically I am trying to set up my own server so that I can ssh into it from anywhere. I am able to SSH into my server when I use the LAN IP of my server but I am not able to SSH into it if I use the public IP address. I have read many threads and in my opinion I've tried almost all of the common fixes suggested. One possibility may be that my ISP has blocked port 22. I have taken this into consideration and sent them an email and I'm presently waiting for a reply. However, I highly doubt that my ISP has restricted acess to port 22. I would really like to be able to SSH into my server from anywhere.
1). I installed openssh client/server using the following commands:
Code:
sudo apt-get install openssh-client
sudo apt-get install openssh-client
2). I forwarded port 22 on my router. (see attachment for the settings)
3). I modified /etc/ssh/sshd_config such that my server has a static LAN address.
contents of sshd_config file:
Code:
# Package generated configuration file
# See the sshd_config(5) manpage for details
# What ports, IPs and protocols we listen for
Port 22
# Use these options to restrict which interfaces/protocols sshd will bind to .....
I then entered the command:
Code:
sudo /etc/init.d/ssh restart
4). I turned off the firewall using the command:
Code:
sudo ufw disable
5). Here is the output of the IP tables:
Code:
Chain INPUT (policy ACCEPT)
target prot opt source destination
Chain FORWARD (policy ACCEPT)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
View 9 Replies
View Related
Oct 28, 2010
I dont know for what reason, since 2 days, I started having this message whenever I try to start httpd.I commented "Listen 443", restarted httpd started correctly. I needed to comment "listen 443" in order to be able to start httpdWhat is strange is when I do
Code:
telnet mylinux 443
it responds
[code]...
View 9 Replies
View Related
May 29, 2011
how to assign a address to my ethernet card all the options available
View 1 Replies
View Related
Mar 25, 2011
I need to publish my local webserver from my lan to access outside using internet, I have public ips provided by ISP my local webserver address is 192.168.1.5 and I want to bind this local address to a public ip (Ex: 61.8.153.212) to use it out side my lan through squid.
View 11 Replies
View Related
Aug 2, 2011
I'm trying to write a p2p file sharing program using python's built-in libraries. Everything is going well. The only thing is that i'd like to be able to use openssl public and private keys so only a host with the public key could access/decrypt the filesharing. I've gotten these libraries (httplib, basehttpserver, ssl, os) to work using just a pem file containing both the public and private keys but no success with them seperately. Can someone point me in the right direction or offer an alternative? PS, the goal of the project is to create an anonymous, decentralized, secure file sharing program. I want to be able to upload this to sourceforge so everyone can use it, if that's any incentive
View 2 Replies
View Related
Feb 12, 2011
My Ubuntu server is now providing routing duties to my network, but I'm having trouble opening ports to my network. I have a DynDNS account, so the IP is always current, but I can't ping even my IP directly.
My network map looks like
Internet > SpeedTouch DSL modem with DHCP > eth1 > Ubuntu > eth0 > LAN
With the modem providing a 192.168.1.xx IP to eth1, I can browse fine. The default gateway is my modem. I switched to the public IP of the modem so I could use iptables for firewall duties, but I was locked out of the internet. No gateway was set when I did that, but eth1 received the public IP of my modem.
How can I use the public IP assigned to eth1?
View 6 Replies
View Related
Jan 18, 2010
I have a dedicated control computer that can only be accessed with web-browser (with its ip-address). My DHCP-server gives a static ip-address to the control computer (base on its mac-address). Somehow and after some time the control computer looses its ip-address (can't ping to it any more) ... and then I have to reset the control computer to get it to pick up the ip-address ... this is not a good solution since the control computer is not nearby. is there a way to force the control computer to renew its ip-address based on its mac-address
View 1 Replies
View Related
Apr 18, 2011
My security software has picked up multiple port scanning detections on my router/network and only the IP addresses are available. Is it possible to find out what the remote mac address is to see if the IP source has been spoofed? I've got a couple of different IP sources which were found scanning my ports.
I don't know if my IP and the remote IP address are on the same network or subnet for that matter which is the reason for my wanting to know what the mac address is to find out if its coming from the same remote machine.
View 8 Replies
View Related