Networking :: Redirect Marked Packets To Internal Website?
Dec 17, 2010
I found this really cool guide / info about creating an internet portal where users have to register (their MAC) with the server to use the internet. basically if users MAC's are in the list they get routed to the internet if not they get routed to an internal page asking them to register. It works great and works well. I was wondering if there are some smart people out there who could help me reverse the process.. eg if your mac is not in the list you can access the internet if it is, you are redirected to an internal page saying "youve been blocked"
The firewall rules are as follows.
Code: IPTABLES=/sbin/iptables
# Create internet chain
# This is used to authenticate users who have already signed up
$IPTABLES -N internet -t nat
# First send all traffic via newly created internet chain
[Code]...
View 3 Replies
ADVERTISEMENT
Feb 8, 2010
i have a linux server runnig oracle applications. i need to access this server from putty using ssh through internet. i did by registering my static ip with the dnydns.org and i am able to connect to the server. but now there is no security to authenticate any user as any one knowing the password can login to it.
i thought of configuring the firewall of linux server but the client ip`s are not static and they change continiously. so thought of keeping one more pc between the server and the router which will do the work of authenticating. but i am confuse as how to configure it to allow the packets coming from the internet after authenticating and to by pass the packets generated from internal LAN?
View 8 Replies
View Related
Jul 6, 2011
is there any way to point certain packets from my outgoing traffic to a LAN : port ?
can iptables do this ? if yes how ?some like this [URL] ?
View 1 Replies
View Related
Mar 22, 2010
I'm trying to workaround a limitation in a server application. The limitation is that I can only connect to a LOCAL mysql database. I am trying to fool the server in to using a remote mysql database. I was hoping to do this by simply forwarding 3306 to another server on the same subnet.To that end I've set up iptables rules to forward all connections to port 3306 to a non-standard mysql port on a remote server. This works, except that I need to deal with the loopback interface in a special way and I'm stuck.
View 14 Replies
View Related
Mar 16, 2011
This is where it starts: I have 2 networks. The first: 192.168.1.0/24 composed by the router which has access to the internet with the IP 192.168.1 and the server (who is a gateway) with the IP 192.168.1.42 The other network: 192.168.2.0/24 composed by the gateway with the IP 192.168.2.1 and the clients (on the 192.168.2.0/24 subnet). To sum up, the gateway has 2 IPs (192.168.1.4(eth0) and 192.168.2.1(eth1)). On this gateway, I have squid installed (and listening on port 3128). I also made a redirection to redirect some computers who want to access to the web (port 80) to squid (port 3128) with this command: /sbin/iptables -t nat -A PREROUTING -m mac --mac-source CLIENT_MAC -p tcp -m tcp --dport 80 -j REDIRECT --to-port 3128
At this stage, everything works fine. The clients can access the web by the proxy without "knowing". What I wanted to do, is redirect also the port 443 (HTTPS). Actually, when a client wants to access to, for example, [URL]. He cannot. So I would want to be able to redirect people (without passing by any proxy) directly to google. Like a NAT. But the problem is that I can't. The thing would be to, in the gateway, take all the packets with port 443 in destination and handle them to the router 192.168.1.1. Then, when the router sends the packet back, the gateway takes the packet and handles it to the client. I tried putting ip_forward to 1, but the problem is that all IPs and ALL PORTS are forwarded. And I just want port 443 to be forwarded.
View 4 Replies
View Related
Feb 6, 2010
I like to redirect some websites to [URL]... how to perform this? For example when i enter "[URL]... " it should redirect it to "[URL]..."
View 6 Replies
View Related
Feb 26, 2010
I have two servers on my network One with ubuntu 9.10 server And one with openSUSE 11.2.The ubuntu server is my webserver and runs phpsysinfo and my website. On the openSuse server i have a webbased application and some files that i want people to be able to reach by using mydomain.com wich points to my ubuntu server. Is there any way to do this?
View 1 Replies
View Related
Apr 23, 2010
I have several web servers running apache on my LAN. Each internal server hosts a number of domains.I would like to make these available to the internet and make sure they all get to use port 80 and 443.My idea was to put Apache on the firewall and have all http(s) traffic from the Internet to my firewall be redirected by Apache to the different internal apache servers. This, in theory, would allow me to keep the standard http(s) port.
Can this be done? I was thinking of mod_rewrite and mod_redirect but in all honesty, I'm a little at a loss on where to start.Can someone point me to relevant documentation or give me the basic idea on how to start?
View 2 Replies
View Related
Feb 18, 2009
I would like to redirect a external IP to a internal IP, all done with Apache. Is that possible.
View 4 Replies
View Related
Aug 30, 2010
i need to write a program in c that can sniff packets from Ethernet and distinguish RTP packets from Non-RTP packets, i have no idea what should i do
View 9 Replies
View Related
Aug 4, 2010
I have a firewall/router box running openSUSE 11.2 between the outside world and the LAN. This router also provides DNS for the LAN and has SuSEfirewall enabled. LAN users need (almost) full access to the internet. However, I want to block certain sites which are not required for work (you name it: facebook is my candidate). What is the most elegant way to block certain sites (which have quite a lot of different IP numbers) ?
View 2 Replies
View Related
Apr 18, 2011
we have a dual server setup: Windows server 2003 and Ubuntu 10.04 with apache installed with all the goodies. This is all virtualized. What I'm wanting to do, is make the new website we've created run on the Ubuntu machine, which it is, and be accessible outside the office. However, by doing this, we forfeit being able to use remote access or web exchange on Windows server 2003.
How can I create a link from the new website on Apache point to the internal server and it work outside of the office?
View 7 Replies
View Related
Sep 27, 2010
I have a hardware device with two ethernet ports, eth0 and eth1 running Centos 5. Basically my goal is to forward packets from eth0->eth1 and eth1->eth0 as well as get a copy of these packets for analysis. If I set IP routing to do the forwarding then I won't get a copy of the packets for analysis.
View 3 Replies
View Related
Apr 18, 2010
I open Firefox, Some Website Works, on some other Website Firefox Says "Connecting to...",but all the Sites I have Tested working on my Windows 7.
View 3 Replies
View Related
Sep 6, 2010
My setup is...I have a wireless access point using laptop as a gateway. The AP is also connected to a switch as is the laptop. So the laptop has two interfaces one wireless and one wired. A third device is using the AP to connect to a server on the internet. The AP sends the packets to my laptop where they are dropped. I've been looking for a solution to this problem without success. Basically is there a way for my laptop to forward all packets it sees from a certain IP address to whatever destination address they have?To clarify, my laptop is just the gateway of the AP and none of the packets are addressed to it at all, it just picks them up using a sniffer or similar tool.
View 1 Replies
View Related
Dec 3, 2010
using layer 7 filtering how to block the ftp packets?..
In My router i am going to add a below rule.... iptables -A OUTPUT -m layer7 --l7proto tcp --dport 20 -j DROP
above statement will it work in my router?.
View 1 Replies
View Related
Oct 17, 2010
1) i have to find the source and destination address in the ip and ethernet headers of a packet that go from my machine to the router.2) Then i have to do the same for the packet that goes from the router to my partner's machine.Then I have to answer the above questions but now for the echo replay.How could i see these address?The result could be found in the output of a tcpdump?
[guest@shakti guest]$ sudo tcpdump -en host 128.238.62.101 and 128.238.61.101
tcpdump: listening on eth0
20:27:36.662737 0:4:75:b5:20:bc 0:3:e3:2a:4a:60 ip 42: 128.238.61.101 > 128.238.62.101: icmp: echo request
[code]....
View 2 Replies
View Related
Feb 15, 2010
I've a ssh server on FEDORA 12. It was going well but now it's overloaded with ARP traffic and is unable to run ssh. normally i'm getting about 150 packets in just 3 second
View 1 Replies
View Related
Jun 7, 2011
we are using Red hat enterprise 5.4 for our internet connection with following ip's
eth0: 192.168.1.2 (local lan)
eth1: 114.143.28.240 (static ip address for 1st isp)
eth2: 192.168.100.149 (2nd isp modem connected with lan cable)
first isp i.e tata internet connected to the internet and working very well
now i want 2nd isp to work when the first isp goes down, i had configured all dns in the resolve.conf and squid.conf, when i switch off the 1st isp for checking that failover is working or not i cannot get internet packets from the second isp.
View 5 Replies
View Related
Jun 10, 2010
my Linux does not workDoes not accept incoming connectionsiptable disabledping is a network but cannot nor at 22 nor at any other connectsHow do I check what is blocking the connection
thnx alot.OS Ubuntu 9.4
View 4 Replies
View Related
Oct 1, 2010
One of our RHEL 5.3 servers has trouble about 30% of the time with TCP-based communications, but it does not seem to be firewall issues. From another computer on the same switch, you can SSH to the server sometimes and other times the SSH command will just hang. When it hangs, you can often just Ctrl+C and try it again and it works. Same with HTTP connections. You'll get part of a web page and then FireFox will just hang waiting for the rest and eventually time out. Same goes for communication initiated FROM the server. SSH'ing from the server to any outside server or connecting to any web site works sometimes, but most times not. iptables if off. No other firewalls are running. Tcpdump shows communication gets so far and then stops. It does not matter whether tou run tcpdump on that server or the client connecting to it. Either way you see the connection stops working. MEANWHILE, pinging with small or large packets works flawlessly. 10,000 packets, zero drops.
View 5 Replies
View Related
Jan 11, 2010
I've recently installed Ubunter 9.10 Server Edition to use as a NAT firewall for the lab I run. I'm using iptables to do NAT forwarding and everything works great except that, occasionally, connections seem to break. Ssh connections close with "Connection reset by peer" and HTTP connections just stall out.I believe this has to do with the firewall's internal network interface occasionally dropping packets.
View 2 Replies
View Related
Mar 11, 2010
I have two NIC's interfaces on my linux machine(eth1 and eth2). Each have different IP addresses(10.0.0.1, 10.67.7.1). These two interfaces are connected together through hub. Here is the my question?
1) If I 'ping 10.0.0.1', it should go out through network interface eth2 and through hub and enter on eth1 and response also travel through similar direction.
2) If I 'ping 10.67.7.1', it should go out through network interface eth1 and through hub and enter on eth2.
How can setup routing table for this,I have tried setting up routing and iptables, etc.. nothing helped.
If any one good router/networking guy, you should know this one.I am doing a project, I want this way to handle this.
View 9 Replies
View Related
Jun 11, 2009
I have a network like
Node A to Vlan Switch
Node B to Vlan Switch
Node C to Vlan Switch
Node B is set up to be a middle man between A and C.
All nodes have 1 NIC.
They are all linux boxes. Node B can ping Node C. When I try to ping Node C from Node A, the ping just hangs forever.
When I use Wireshark to sniff What's going on with Node B during a ping from Node A to Node C, I can see an ICMP request with src = Node A and dest = Node C. I'd like to know if that ICMP packet was received by B from A or if it is going out. If it's going out, that makes no sense since B knows how to send to C. If B is only getting the requests but not forwarding them, then I know there is something wrong with B's configuration.
So I'd like to be able to sniff incoming packets only, or outgoing packets only. Is there a way to do this?
View 1 Replies
View Related
Apr 16, 2010
I have a legacy application that communicates status to a remote server over UDP. The server app replies back to the client with UDP as well, using the IP address it obtains from the sockaddr parameter of the recvfrom() method.
Code:
[----------------] [----------------]
[ client <->(udp)]<----- Ethernet -----> [(udp)<-> server ]
[----------------] [----------------]
I'm trying to replace the underlying use of ethernet, with a RS232 based radio/modem device - without making any src changes to the legacy apps. i.e. apps would still create and transmit UDP packets addressed to a remote IP address and listening port, and the receiver wouldn't know any difference. I'm relatively new to this level of network programming, but my first attempt has been to write an app that sniffs out outbound raw UDP packets (using pcap), transmit that data over the radio, and re-injects the UDP unchanged on the remote end.
Code:
[----------------] [----------------]
[ client <->(udp)] [(udp)<-> server ]
[ | ] [ ^ ]
[ v ] [ | ]
[ /capture/]<---- Radio XMIT ----> [/reinject/ ]
[----------------] [----------------]
My 'capture' app intercepts the UDP packets just fine when the machine is 'plugged' in, but as soon as I disconnect my network cable to test wireless, outbound packets addressed to a remote IP (ie. the server) are no longer captured (tho local UDP packets are picked up ok). Wireshark also does not report the original outbound packet, but it does show an ICMP packet reporting 'Host Unreachable'. I understand the host isn't reachable, but I'm confused as to why the packet isn't at least making it to the interface/network card. Is there anyway to get the force the kernel to 'transmit' the UDP packet anyway so that my capture app can intercept it? or is there a better/easier solution (again, w/o making source changes to the client/server)?
View 4 Replies
View Related
Feb 13, 2009
I have question regarding netstat? When performing a "netstat -s" I receive the following information regarding dropped packets under IP:
IP:
93978695 total packets received
0 forwarded
0 incoming packets discarded
79472157 incoming packets delivered
65235033 requests sent out
29527 outgoing packets dropped
However if I run a "netstat -i" I have no dropped packets whatsoever: (apologies for the table format):
Kernel Interface table
Iface MTU Met RX-OK RX-ERR RX-DRP RX-OVR TX-OK TX-ERR TX-DRP TX-OVR Flg
bond0 1500 0 34326528 0 0 0 72755307 0 0 0 BMmRU
bond0:1 1500 0 - no statistics available - BMmRU
bond1 1500 0 28605491 0 0 0 20948952 0 0 0 BMmRU
eth0 1500 0 34199550 0 0 0 72755278 0 0 0 BMsRU
eth1 1500 0 126978 0 0 0 29 0 0 0 BMsRU
eth2 1500 0 97911 0 0 0 1 0 0 0 BMsRU
eth3 1500 0 28507580 0 0 0 20948951 0 0 0 BMsRU
lo 16436 0 34094225 0 0 0 34094225 0 0 0 LRU
View 5 Replies
View Related
Jan 14, 2010
I am new to Ubuntu almost installed it after windows showed blue screen 4 ever n ever. However after installing ubuntu whenever I log in windows it doesnt detect any network connection but when I use Ubuntu it automatically does can it be that Ubuntu is causing any problem? And how to check how many packets are being sent and received through my wired network and do I have to install any drivers for my modem in Ubuntu.
View 5 Replies
View Related
Mar 13, 2010
I am using ubuntu 9.10. Configuring my firewall using guarddog. I have setup a rule to allow traffic OUT on port 7078 UDP, and just because i'm having problems i added an IN rule.
# Create the filter chains
# Create chain to filter traffic going from 'Internet' to 'Local'
ipchains -N f0to1
[code]....
View 2 Replies
View Related
Dec 10, 2008
I am not a networking expert by any means (in fact I have never taken a networking course), but I have taken several security courses, and generally we wind up discussing replay attacks. For example, the Needham-Schroeder protocol (using symmetric-key cryptography anyway) is flawed because it allows for replay attacks, and I understand why.
I guess my question is actually how someone would perform a replay attack. I know I can sniff network traffic by downloading wireshark. I also have downloaded winpcap and npg on my WinXP virtual machine. I'm trying to use this guide to help me, but I'm quite lost:[URL]What I did was to post a "link" to my facebook profile and I sniffed the traffic using wireshark. What I would ultimately like to accomplish is to copy that packet out of the wireshark output, and then use a tool like npg to transfer the raw packet back to facebook, which should result in a second, redundant post. I just can't figure out how to do that.
I'm pretty sure this should be possible. Facebook only uses an SSL session for authentication during login. After that, the information is just sent in the clear, so I'm pretty sure this should be possible.Can anyone explain how to do such a thing? It would really help my research paper that I'm working on this semester if you can. As of right now the attack we are trying to demonstrate/defend against is using a Windows VM, which is why I'm using winpcap/npg. The attack is actually possible using just about any OS (depending on the exploit used), but our POC is Windows only at the moment
View 4 Replies
View Related
Jun 10, 2009
Suppose I have computer A with ip address on eth0 of 192.168.0.1 and ip address on eth1 of 192.168.1.1. If I send packets to 192.168.1.1 from computer A, it automatically uses the loopback interface. Is it possible to modify the routing table some how to send these packets out on eth0 instead and have them route around the network and come back on eth1.I've tried 'route add -host 192.168.1.1 dev eth0' but it seems to completely ignore this entry.
View 5 Replies
View Related
