Ubuntu Servers :: IP Forward Masquerading At Boot Time?
Sep 13, 2010
I am not a complete GNU/Linux newbie, each day I discover how little I know of this wonderful OS. The title of this post is actually a question for which I already have an answer, however, I can't seem to figure out why this happens. In order to enable ip_forwarding, I always enable it the same way, by issuing an:
#echo "1" > /proc/sys/net/ipv4/ipv4_forwarding.
I don't enable forwarding at boot time on purpose, I prefer to do it manually if the server crashes.
The thing is, I always write rules for iptables in order to enable it to NAT my packages through the router. However, last night, I forgot to load the proper iptables script, and instead, used a script I am currently tweaking. In this script, no rules are listed for both the forward chain and nat table in the POSTROUTING chain. Since forwarding was working (to my surprise, I might add) this could only mean, that the kernel default forwarding policies include masquerading. Is there a way to verify this?
View 9 Replies
ADVERTISEMENT
Oct 25, 2010
which config files do I edit and how do I do it?
View 2 Replies
View Related
Oct 6, 2010
Is it possible (by command line) to move forward to a time point in an audio file?
View 3 Replies
View Related
Jun 2, 2011
My kind isp had set up a authoratitive dns server that can't be cancelled that points to the wrong ip address. Hence I need to take all the traffic going into server A at the ip address aa.aa.aa.aa and send it all onto server B at ip address bb.bb.bb.bb. After much head scratching, I managed to achieve it as follows:- On the server at ip address A, set up following :-
iptables -t nat -A PREROUTING -d aa.aa.aa.aa -j DNAT --to bb.bb.bb.bb
iptables -t nat -A POSTROUTING -d bb.bb.bb.bb -j MASQUERADE
View 1 Replies
View Related
Jul 28, 2009
I am trying to get mysql to start at boot without any success.
The mysqld scripts works fine when run from the command line, but it does not work when i use the links created by chkconfig. I checked the boot.log and found that mysql starts but then it stops or gets shutdown. This is the log message:
Starting mysqld daemon with databases from /data/mysql [ OK ]
Starting cups: [ OK ]
STOPPING server from pid file /var/run/mysqld/mysqld.pid
starting DenyHosts: /usr/bin/denyhosts.py --daemon --config=/usr/share/denyho
sts/denyhosts.cfg
090727 04:35:47 mysqld ended
The same init script works fine in Ubuntu.
View 2 Replies
View Related
Mar 23, 2010
what the recommended way to set up real-time (or near real-time) folder synchronization among 2+ servers. I looked a rsync but that doesn't sound real-time and it looks like its something that you might put in a cron once an hour.
View 1 Replies
View Related
Dec 1, 2010
I have an apache2 server on a Debian box that I am using as the reverse proxy for my sites that are sitting behind it and everyone is happy. But now I want to be able to access my vmware server console from outside the network without exposing the vmware server port to the internet. So I did this I created a new virtual host for apache and it looks like this (edited for the real world)
Code:
<VirtualHost *:80>
ServerName server.my.domain
# RewriteLog "/var/log/apache2/rewrite.log"
# RewriteLogLevel 9
[Code]....
So here is what I want to be able to do. I want to be able to punch in [URL] and have the reverse proxy just take care of everything else without having to punch in the port number or anything else. I'd also like to have if possible the ssl on the vmware box just pass through the proxy back to the end user. If that isn't possible and I need to create a new ssl for the apache box then that is ok too. I have googled this and looked at several other sites but I'm still a little bit lost.
View 2 Replies
View Related
May 17, 2011
Im trying to learn BIND DNS! (yes im bored) Running Ubuntu Server 10.04 LTS.
What files to edit.
1) I want to add a A record for a machine
2) I want to forward none-discoverable lookups to another DNS server.
I found on google seems a bit harsh for me to understand.
View 2 Replies
View Related
Feb 9, 2010
i have a web site and i need to forward all requests to the same page. Basically i would like to show a maintenance page while we are working with our database behind the application and in the meantime i would like to redirect all url in the root directory as following :
http:[url].....
http:[url]....
i tried to perform the action using mod_rewrite in this manner :
Code:
RewriteEngine On
RewriteRule . http://www.mysite.com [L][code].....
The webpage at http:[url]....has resulted in too many redirects. Clearing your cookies for this site or allowing third-party cookies may fix the problem. If not, it is possibly a server configuration issue and not a problem with your computer.
View 2 Replies
View Related
Mar 5, 2010
I am using Squid Proxy Server alongwith Dansguardian, dhcp3 and ClamAV on my local network. Everything is working fine except for .flv files like [URL]. The problem is that Squid wants to download the whole .flv file first to its cache and then serve it to the client.
It has an advantage that the whole video loads at once on the client's browser but that is not what our users want.
What they want is that these files load on the fly as they do on a normal internet connection. How do I configure squid to serve .flv files on the fly to the client PCs?
View 9 Replies
View Related
Sep 8, 2010
I have linux server setup on a network with 2 interfaces. One (eth0) is connected to the regular network and the other (eth1) has a DHCP server and transparent web cache listening on it. The machines connected on the eth1 side are on a different subnet and the linux server is there gateway. Untrusted machines are introduced to this network to keep them isolated.
This isolation works well, too well. There are a small set of resources on the regular network I would like to make available to machines on untrustworthy network. I think I need to use iptables but alas I've had no luck in piecing together the command I need (in one case looking myself out and having to physically reset the machine).
View 3 Replies
View Related
Apr 17, 2010
my server runs fedora 12 i686 LXDE and has an 80 gig hd.on ftp i have a high volume of files that do not fit on the 80 gig hd, however if i could somehow connect to a lan fileserver on the lan and make it accessible through the server, all my problem would be solved. how do i do this?the reason i dont attach more HD's to the server is that all my hard drives are sata and the server doesnt support this
View 11 Replies
View Related
Jan 29, 2010
I have a server on my router on the DMZ. All outside traffic goes to it. This server has Apache running and the domain mysite.com resolves to the the DMZ web server. I have a second server on the LAN that also has apache running. I want to set up another domain, myothersite.com to resolve to the second server on the LAN. Since the main server is on DMZ I have the DNS A records for myothersite.com pointing to the public IP that the DMZ is on.
How do I get myothersite.com to resolve to the second webserver on the LAN? What configuration do I need to do on my DMZ server so it routes traffic for myothersite.com to the other server on teh LAN? Do I use BIND DNS? If so please advise on how to set that up. BIND DNS seems confusing and I having trouble knowing how to configuring it. Is there another option besides BIND?
View 2 Replies
View Related
Apr 8, 2010
I recently Re-did my Postfix configuration using [URL] The thing that that guide did not tell me was how to get email to forward to other accounts or if I can point multiple accounts to the same place like here:
[Code]...
finally I tried putting a .forward record in /home/vmail/domain.com/username directory which didn't work either.
View 1 Replies
View Related
Mar 29, 2010
I have several file servers in our offices and I am relatively new to Ubuntu / Linux. I get notices that there are updates for the server software from time to time. Is it typical to update everything when available or should I follow "If it ain't broke, don't fix it..." mentality?I would hate for everything to be working fine and then have an update throw me a curve.
View 9 Replies
View Related
Apr 11, 2011
I am running my Ubuntu 32 bit server on top of Windows 7 64 bit with VirualBox. It's a 2 core Atom. It's been working good for about half a year. But the last about 6 weeks the system time only in Ubuntu is going slow. About -8 per 24 hours! I can only guess because I have more things running in my Windows 7 and Ubuntu.
I can set it right by coping the hareware time to system time with this command:
Code:
hwclock --hctosys
I want to run a crontab to have that command run every minute. But it don't seem to run.
[Code]...
View 9 Replies
View Related
Dec 23, 2009
I have installed Fedora Core 11 with SELinux enforcing.It appears (via log files) that if I use a .forward file in the home directory for root that SELinux prevents the use of this mechanism for forwarding e-mail.Is there a way to continue to use SELinux and be able to forward root's e-mail to an outside account?
View 3 Replies
View Related
Jan 6, 2010
I'm running some vm's in FC12 with kvm-qemu and using virt machine manager. I'd like to have some ports automatically forward on startup and be able to add redirections on the fly. Redirection on the fly is talked about here, but I am getting lost on what should be basic instructions.[URL]
As far as startup, In the past I just ran qemu from the cli and manually specified redirection with redir. I can't figure out how to do it with The virt machine manager which I am using to start my VM's now. I do not want the guests to see the host. From cli startup without virt machine manager, it looked like this: qemu -m 256 -hda vm.img -redir tcp:5555::80 -redir tcp:5556::445 &
View 2 Replies
View Related
Sep 25, 2009
When booting Fedora 11, my system hangs for a very long time on starting udev. Sometimes I get an I/O error. However, my hardware is fine. I do eventually get in to the system.
View 7 Replies
View Related
Mar 5, 2010
It looks,slackware is taking too much time to boot. It's starting daemons at boot time.
What are those daemons that i can stop at boot time to increase booting time?
What's the best way to stop starting daemons at boot time?
View 14 Replies
View Related
Dec 12, 2010
I have set up OpenVPN Server on a VM (Ubuntu 10.10) running virtualbox bridged to the host. Everything is working fine excepts the fact that I cant seem to be able to assign internal IP (VPN Server) to client connecting. Let me explain: All my clients are connecting and accessing the internet without any issue. Where I have an issue is that all my clients come out the other way on the internet with my server ip address which kind of defeat the purpose. Is there a way (keeping in mind that I am running the server in a VM) to have all my clients accessing the internet with an IP provided by the VPN Server?
View 4 Replies
View Related
Nov 17, 2010
I am fairly new to Ubuntu/Linux and I have somehow managed to get a server up and running. For the past few months I have been trying to get masquerading working.
I have 2 network cards
eth0=Internal Lan IP address 192.168.0.254
eth1=router External IP address 10.0.0.1
I want all my internal lan traffic to go through my linux box & only have port 80 & 3128 go through squid. So for all pop3/smtp action I want the linux machine to act like a router & for port 80 & 3128 I want it to go through squid.
View 9 Replies
View Related
Apr 30, 2010
I pay for wifi usage. The access points are using mac address filtering. I know this because I can spoof the mac of another computer of mine and get it online. I'd like to get both the computer's online. I've been trying to do ip masquerading. It hasn't been working so far. I am not sure if the computer connected to mine through a cross over cable is revealing its mac address to the access points when communicating. If so, how does one get around this? ping shows connectivity between the two computers.
View 4 Replies
View Related
Feb 11, 2010
l have been trying to enable masquerading in sendmail. I've started from scratch. Here's what I did:
1.My Mail Server name is "ids.com" and local hostname is "server"
2. When I send the mail from my user to other user. The mail goes with user@server
All this allows me to send mail from all of my computers. Now, to get masquerading:
3. I have MASQUERADE_AS(`ids.com'), MASQUERADE_DOMAIN(`ids.com'), and FEATURE(`masquerade_entire_domain'). I also added "ids.com" to /etc/mail/local-host-names to be able to receive mail addressed to that domain.
This masquerades mail originating on the server, but still the mail from the other computers has a "From:" line of the form user@hostname.
View 2 Replies
View Related
Apr 24, 2011
I have a Centos 5.5 Server, Servername is CentOS1. It has a Forum and a HelpDesk. The Help Desk software SENDS and acknowledgement to the user and emails to all the people on the support desk. Users can reply to emails only by accessing the helpdesk NOT by mail. Thus the server is configured to only SEND mail and not to receive any mail at all.
Mail Server is Sendmail.
Hosts file reads : -
# Do not remove the following line, or various programs that require network functionality will fail.
127.0.0.1CentOS1.tech.xxxxx.com CentOS1 localhost.localdomain localhost
::1localhost6.localdomain6 localhost6
There is NO MX Record because this server receives NO mail, it's send only. Unfortunately, the mail it sends has a From Header which is @CentOS1.tech.xxxxx.com. I want it to send from @xxxxx.com. I've read all the howtos on Masquerading and I've tried many, many things, but with the same results. It will NOT change the From. I had it working perfectly a long time ago with a SuSE server, but I can't for the life of me remember what I did. I know I also battled a bit.
The last few lines of sendmail.mc read : -
LOCAL_DOMAIN('localhost.localdomain')dnl
dnl #
dnl # The following example makes mail from this host and any additional
dnl # specified domains appear to be sent from mydomain.com
dnl #
dnl MASQUERADE_AS('xxxxx.com')dnl
dnl FEATURE(masquerade_envelope)dnl
dnl FEATURE(masquerade_entire_domain)dnl
dnl MASQUERADE_DOMAIN(localhost)dnl
dnl MASQUERADE_DOMAIN(localhost.localdomain)dnl
dnl MASQUERADE_DOMAIN(CentOS1.tech.xxxxx.com)dnl
dnl MASQUERADE_DOMAIN(CentOS1)dnl
dnl MASQUERADE_DOMAIN(tech.xxxxx.com)dnl
MAILER(smtp)dnl
MAILER(procmail)dnl
dnl MAILER(cyrusv2)dnl
I've tried each one of the MAQUERADE_DOMAIN in turn, none of them work and yes, I have remade it.
View 15 Replies
View Related
Apr 30, 2009
I have some problem getting masquerade works, but no luck. I created a cronjob that do a backup which will notify me by email. I was able to received the email with from "root@domain.mydomain.com" I want to change this to root@mydomain.com, I tried do the masquerade and it does not work.
View 6 Replies
View Related
Jul 1, 2010
I am setting up a computing cluster in my lab, as below. all the "eth0" IP addresses are static (for cluster communication) and the "eth1" of the front node is the only one connected to the internet through lab's DHCP server (which is connected to a centralized computer center in the university). The thing I wish to do is to do some sort of IP masquerading to enable all the nodes to have internet access. I actually google around and read some books. The similar things I came across is setting rules in iptables but I did not manage to get any of them working. I am using Ubuntu Lucid 64-bit on all machine.
View 6 Replies
View Related
Dec 31, 2009
I have an email setup where all of the emails from our email host is downloaded to our Linux server using Fetchmail. Then some of the incoming emails are sent to an MS exchange server (server1.domain.com) using Postfix. What i want to do is to send a copy of all emails to Another server (server2.domain.com) for redundancy.Can postfix be configured to send copies out to both?
View 1 Replies
View Related
Sep 13, 2010
Have a router running OpenSUSE 11.3. I have 3 interfaces
eth0 192.168.0.0/24 - local network
eth1 - The Internet if
eth2 - Citynet
I have configured routing and it works. I can browse the Internet from local net. However, I want to connect to my workstation (192.168.0.3) from Citynet interface. I've made masquerading rule in Yast it works just fine like a proxy do (on 192.168.0.2 local server). Now I need to run VPN server in my local net to connect from Citynet interface, and I have problems with it. I've configured pptpd on the router and it work for local network and I have a vpn server under Windows on 192.168.0.2
So my questions are:
1. What do I need to do in yast to allow vpn (pptp) ftom eth2 to 192.168.0.2?
2. What do I need to do in yast to allow vpn on router?
Some how I succeed to make redirection to 192.168.0.2 and it worked, but I've tried to change it to router and can't get it work again.
In all these cases client has the next message:
pptp[109]: LCP: timeout sending Config-Requests
pptp[109]: Connection terminated.
pptp[109]: Modem hangu
View 2 Replies
View Related
Jul 18, 2010
I have my system set up with sendmail (going through my ISP SMTP server) but when I sent an email using sendmail it was defaulting the from address to user.host.domain or something similar. So I read up about masquerading [URL] and managed to get it to USERNAME@myisp.com however I want to change USERNAME to a different value because my ISP username is different from my machine username. My aim is just to get the from address to be [URL]. This machine is only used by me so I don't need it to be different for different users if that makes things any easier...?
View 4 Replies
View Related
