Debian Configuration :: Routng Traffic To A Website Via A Specific Interface

Jul 30, 2011

I am running Debian Squeeze on an old pc (AMD K62-500) which serves as my multiwan router and torrent box. Internet uplink is provided via a dsl line and 2 wireless canopy modules.

Setup has been generally fine except when connecting/downloading as free user from sites like rapidshare, hotfile, filesonic, etc. The problem arises when I am connected to these sites using the wireless uplinks because of the shared public ip. I don't really download that much using direct download methods so I don't really see myself being a premium user from these sites.

If these sites are on a specific ip or ip range, an entry on the static routing table would have been fine but when I tried using ping, a different ip would appear to reply each time.

I wonder if there can be a solution like using iptables where in traffic to and from these sites will only use the NIC connected to the dsl line.

View 1 Replies


ADVERTISEMENT

Networking :: Force TCP Traffic Out Over Specific Interface / When IP Is Bound To Another Local NIC

Aug 12, 2010

I'm hoping some of the Linux network experts can help me with this problem.

Situation: I have a technology which is a WebLogic JEE application that communicates to an Oracle database. Everything is installed in a single Linux virtual machine running in VirtualBox. Traffic from the JEE application goes via JDBC over TCP to the local running database. What I want to do is test a new database firewall server that wants all traffic destined for the database to flow via another virtual machine running the DB Firewall software.So therefore want I need to do is have DB traffic forced out over one interface only to return on another interface on the same VM listening on a different address.

JEE application running in WebLogic bound to 192.168.111.12 (eth1 a VirtualBox hostonly interface). Makes a request for 10.0.111.12 (eth2 a VirtualBox internal interface) which the database is listening on. Because both IPs are on local interfaces, Linux is going to handle the traffic and not route the 10.x traffic via the 192.x interface.I also have running the database firewall server which has a bridge (br0) between the HostOnly network and the Internal network.Both systems are running Oracle Enterprise Linux R5U4, which is basically the same as RedHat.What I want to do is have the request for 10.0.111.12 forced out via 192.168.111.12, bridged over the br0 connection and back into 10.0.111.12 and to the database. My networking knowledge is pretty good, but i'm stuck right now on the right way to do this. I'm pretty sure it is possible, I just need clear advice.

Reason for setup: Ideally I would build the system with the database on a separate machine so that I can easily route the traffic. Unfortunately we have many VirtualBox based demonstration systems with both the application and database installed on the same VM and therefore the amount of work to migrate these two dual VMs is going to be significant, also many of these VMs are demonstrated from laptops which have limited resources and creating a new database VM reduces overall performance. If I can create a way to force the traffic in this manner off and back onto the same VM via the other VM bridge, it would be fantastic.

View 7 Replies View Related

Networking :: Route Traffic From A Single Host Through A Specific Interface?

Aug 21, 2010

I have a linux router with 2 physical ISPs and a VPN tunnel that all my traffic passes through. I would like to setup a rule to redirect all traffic from one internal IP address (10.0.0.x) through the physical link only. My current script is as follows.

iptables -F
iptables -X
echo 1 > /proc/sys/net/ipv4/ip_forward

[code]....

My goal is to do something similar to the mangle on the tor traffic, but for an entire host.

View 2 Replies View Related

Debian :: Measure Traffic On A Specific Socket?

Jul 19, 2010

Does anyone know how to measure the traffic (packets per seconds in and out) on a specific TCP socket ?

View 3 Replies View Related

Debian Configuration :: Traffic Shaping Per IP

Sep 19, 2010

I have a question regarding Traffic Shaping in Linux, Suppose I have a server on the internet (web, email or ftp) and I want to shape outgoing traffic per IP, say 256k for each destination IP. I've seen examples on the internet on how to shape traffic per IP by adding a queue for each IP, and some examples by using u32 hash if I have e.g. a /24 network, but if I have a server and I want to shape the traffic by destination IP, and of course... since it is a server on the internet I can't manually define any IPs of subnets. An example using the tc command?

View 2 Replies View Related

Debian Configuration :: Traffic Bypasses OpenVPN

Sep 16, 2015

I'm running OpenVPN service on both debian server and client. When start connection between client and server, I expect all the computer traffic (except ARP and DHCP requests) go through created tunnel. However, when I capture packets on wlan0 on client (the only connection going outside host) using Wireshark, I can see DNS requests visible and sometimes incoming TCP traffic as well, but most of the traffic is going through tunnel as expected. I provide both configurations of client and server and client routing table for inspection. I changed server address to avoid server exploitation in the case of some big configuration mistake.

Commands to run OpenVPN services are:
Code: Select allFor client: sudo openvpn --config /etc/openvpn/client.conf &
For server: sudo openvpn --config /etc/openvpn/server.conf &

**Client routing table when VPN is OFF**
Code: Select allKernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
default         192.168.1.1     0.0.0.0         UG    1024   0        0 wlan0
192.168.1.0     *               255.255.255.0   U     0      0        0 wlan0

[code]...

I searched through many forums and documentation and I found, that for all the traffic going via VPN is command: *push "redirect-gateway def1"* neccessary, however, I have leaks despite this command being in place. I already spent over 2 days with this and tried to configure it in many ways, now I have no clue what I'm missing.

View 0 Replies View Related

Debian Configuration :: Routing - Forward All Traffic To An Ip To Another Ip?

Jul 25, 2010

I need to be able to do the following: Physical Router located at 192.168.40.1 On Ubuntu 10.04 Lucid machine:

eth0 with static ip 192.168.40.2
eth1 with static ip 192.168.40.3
eth2 with static ip 192.168.40.4

Associate a virtual address to eth1 with an entirely different network address such as 192.168.50.1 Do the same (virtual address) for eth2 -- e.g. 192.168.60.1 In the application:

register phone number A at 192.168.40.1 (The application will automatically use eth0 for this)
register phone number B at 192.168.50.1
register phone number C at 192.168.60.1

Somehow forward all traffic (including the register request) sent to 192.168.50.1 to 192.168.40.1 as if the register had been made directly to 192.168.40.1. In other words, the app "sends" registration and traffic to 192.168.50.1 but then Ubuntu forwards it to 192.168.40.1 (but the app does not know that). Similarly, forward all traffic sent to 192.168.60.1 to the router at 192.168.40.1.

Do the same for the reverse, forward all traffic that the router sends back to 192.168.40.3 (eth1) to 192.168.50.1 (within the Ubuntu machine) so that the app knows it is for phone B. Similarly forward all traffic that the router sends back to 192.168.40.4 (eth2) to 192.168.60.1 so that the app knows it is for phone C. Thus, the application believes that it is registering at 3 completely separate routers on 3 completely separate networks via 3 separate network interfaces but in fact is really registering all three to the same router (but does not know that). Similarly, the router believes that it is receiving 3 separate registrations because it receives each registration request and traffic from 3 separate interfaces and thus 3 separate mac addresses (i.e., of eth0, eth1, and eth2). Traffic sent to and from the router for each of the 3 phone numbers (via eth0, eth1, and eth2) are not mixed because the translation happens in both directions.

View 10 Replies View Related

Debian Configuration :: Tunnel All Traffic Through PPTP VPN

Dec 12, 2010

I installed the PPTP Client [URL] and can successfully connect to my VPN (creates interface ppp0). The problem is, I'm trying to tunnel all of my traffic on my system through the connection. I've seen conflicting howtos and scripts including pptpclient's documentation (the ip-up and ip-down scripts don't work). How does one simply (even if I type it manually) tunnel the traffic?

System Info:
OS: Debian Squeeze, Kernel 2.6.32-5-686
GUI: Gnome (standard one from netisnt unstable install)
Main interface: eth1
PPTP interface: ppp0

View 1 Replies View Related

Debian Configuration :: How To Modify Traffic Between Two Interfaces In Linux

Aug 8, 2015

I have a laptop connected to internet via wlan0. I also have eth0 interface and with it I share internet. I want to modify/filter all the traffic passing by the first laptop, something like this:

Code: Select all                    *---------------------------*
                    |        LAPTOP 1           |      *--------------* ?
                    |-----*    *------*    *----*      |              |
    INTERNET<------>|wlan0|<-->|MY_APP|<-->|eth0|<---->|ANOTHER LAPTOP|
                    |-----*    *------*    *----|      |              |
                    *---------------------------*      *--------------*

I know that in FreeBSD it is possible to use ipfw for that purpose, because it build-in into kernel. We set for example rule Code: Select allipfw add divert 2000 ip from any to 1.0.1.1

and we can use our own application to process those packets, reinject them forward etc. It will work also fast, because as I said, it build into kernel.

Is there any standart Linux-based solution to do the same? I found some info about netmap-ipfw. Is this a correct solution? Or I have to use for example IP-aliases and iptables to do that?

I need to process all the IP-packets, not only TCP/UDP/etc-protocol. Solution also must be very fast.

View 0 Replies View Related

Debian Configuration :: Redirecting Traffic Through SOCKS Proxy?

Aug 11, 2010

I would like to redirect traffic coming from a machine A through a SOCKS proxy (setted on machine B)Machine B run "ssh -D 4242". So that create a SOCKS proxy on machine B.Machine A would like to connect on the internet, but the only way is to use machine B SOCKS proxy. The problem is machine A don't know how to use SOCKS Proxy. (Actually, i can just set ip, netmask and gateway on machine A).So, I would like to set up something on machine B that will redirect all traffic coming from machine A throught the SOCKS proxy.

View 1 Replies View Related

Debian Configuration :: Torrent Traffic Very Slow / Make It Up?

Jul 10, 2011

I am running on debian squeeze 6.0.2. I have been using it for the last id say 3 weeks and really am enjoying it.

I generally use transmission-gtk to share files over the internet. Normally I seed torrents at 110-160kb/s for hours at a time. However after messing around with firestarter my upload speed for seeding torrents rarely peaks over 70kb/s. I have purged firestarter with no success of my regular upload speed, and am very confused as to what happened. I also notice sometimes when it will get to about 70kb/s it will immediately drop down to the 20-30kb/s range.

For incoming bittorrent connections I use port 37294. I have set port 37294 to be allowed in my firewall, and forwarded in my router (since purging firestarter did not help I just reinstalled it).

I have also read allowing ports 6881-6889 is important, but I have never done that in my history of using torrents, and I have never experienced a decrease in UL speed like this.

Have I done something incorrect? I have never had this issue on other machines?

View 2 Replies View Related

Debian Configuration :: IPTABLES Protocol To Reject All Incoming Ssh Traffic

Apr 4, 2010

a good IPTABLES protocol to reject all incoming ssh trafiic except for a single IP or IP range?

View 4 Replies View Related

Debian Configuration :: IPTables - Local Host Cannot Get Returning Traffic

Sep 20, 2010

I have a strange iptables issues. I have just built a new Debian install and starting adding some real basic rules (see below) the problem seems to be that the localhost itself can't get any returning traffic. That is, it seems to be allowed outgoing traffic but not the connected, returning traffic. Ordinarily allowing Established Connections would resolve this, see the rule below, but it hasn't. Why this doesn't work. Removing the last DROP in the INPUT chains obviously makes the traffic work!

iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A INPUT -j ACCEPT -p tcp --dport 22
iptables -A INPUT -j ACCEPT -s x.x.x.x
iptables -A INPUT -j ACCEPT -s x.x.x.x
iptables -A INPUT -j ACCEPT -s x.x.x.x -p tcp --dport 80
iptables -A INPUT -j ACCEPT -s x.x.x.x -p tcp --dport 8080
iptables -I INPUT 1 -i lo -j ACCEPT
iptables -A INPUT -j DROP

View 3 Replies View Related

Debian Configuration :: VPN PPTP Load On Start And Route All Traffic Through Ppp0?

Mar 28, 2016

I am in serious situation involving PPTP protocol VPN in Debian 8 Jessie stable. I recently became a paid VPN subscriber. Using PPTP; Is there a way to automatically route all traffic through ppp0? Im getting the vpn service killed (ip address goes back to normal unmasked state) whenever there is a power outage (modem reset) and there are alot of those where I live, Im going to get astabilizer and I need a software solution for the situation as well. Theres gotta be a way to route all traffic through the VPN route ppp0 . I tried adding persist and maxfail 0 to the pptp config file but it did not do what i wanted.

Here's my peer configuration file :

pty "pptp blabla.net --nolaunchpppd"
name blablabla
password blablabla
remotename PPTP
file /etc/ppp/options.pptp
require-mppe-128
refuse-eap noauth
persist
maxfail 0

On a second note, its clear to add that I basically need a way to also auto load the line

pppd call blabla.net
and
route add default dev ppp0

On system startup by default so the computer does not use "Wired" connection ^at all^ when not through ppp0. Any other way of not losing VPN anonymity ever due to hardware malfunction.

Is there a way to do this? Ive looked on the net and everything seems like its either from the nineties or can fry my pc , Im no debian expert, less than a year at linux..

Need it to use wired only if ppp0 is being used so if its no vpn, no connection at all period,

View 1 Replies View Related

Debian Configuration :: Editing / Etc / Hosts File To Make Website Loopback

Sep 6, 2010

I am trying something a bit tricky.Suppose there is a website URL...Now suppose when i open a file /var/www/ test.php which connects to the above website to gather some info and then allow me to further in the process, i want it to instead direct to a file say /var/www/test_done.php.How do i edit my hosts file for such a scenario? Is there any other better option than using a hosts file ?

View 1 Replies View Related

Debian Configuration :: KVM / One Interface / Multiple IP Addresses

Dec 27, 2015

I'm renting a server which comes with 5 IP addresses, but only one network device. From what I can understand I'm able to create aliases by adding entries to /etc/networks/interfaces, I haven't tried I'm in the planning stages. Hypothetically, 192.168.22.30 is my primary IP and I want to set eth0:1 to have 192.168.22.31, and then after that I want to create a virtual machine (using kvm/qemu) that is able to communicate bidirectionally to the internet over eth0:1, and leave eth0 strictly for administrating (not for VM traffic).

The qemu guides I'm finding seem to assume that I want to use TAP or VDE, what I want to use is a sub-ip/alias. One guide I saw had me eliminate everything from eth0 and put it under br0. That would leave me unable to ssh into my server (and unable to administrate). Is there a way I can do something along the lines of: qemu [options] -net [option] -netdev=eth0:1 ?

View 1 Replies View Related

Debian Configuration :: Bind A Port To Interface

Jan 31, 2016

Is is possible, via iptables or something similar, to bind a service running on a specific port to a specific interface? My case: I use a VPN service for privacy. I would like to have all traffic except ftp and ssh to run over tun0. Ports 21 and 22 will need to be accessible to the outside world (eth0) while the VPN is running.

View 3 Replies View Related

Debian Configuration :: Routing With Interface Aliases?

Apr 3, 2010

I'm facing a strange networking problem here. I'm running Debian Lenny in an OpenVZ container and my network setup is as follows:

link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host

[code]...

View 4 Replies View Related

Debian Configuration :: Remove A Specific Folder From Backup?

Oct 14, 2010

How to remove a specific folder from your backup?$ rdiff-backup --remove-older-than now /backup/backup_laptop/home/derick/DownloadsFatal Error: Increments for directory /backup/backup_laptop/home/derick/Downloads cannot be removed separately.Instead run on entire directory /backup/backup_laptop.

View 2 Replies View Related

Debian Configuration :: Aptitude Update From Specific File?

Feb 18, 2011

I'm developing with puppet, and I need to do an aptitude update from a specific file, here is my configuration: The file sources.list in /etc/apt/ is deleted. I've created 3 files in /etc/apt/sources.list.d each one with their repos:

00-debian_sources.list
deb http://ftp.fr.debian.org/debian/ lenny main contrib non-free
deb-src http://ftp.fr.debian.org/debian/ lenny main contrib non-free

[code]....

All the repos are updated/refreshed , and I only want to refresh/update the specific repos insie of the file 01-debian_security_updates.list. On the other hand if I put some repos in the sources.list and delete the 3 files and I create an external file for example in /tmp/temprepo and I do the command aptitude update -o dir::etc::sourcelist=/tmp/temprepo it works fine.give some workaround to update and then upgrade packages from the files specified in my config.

View 1 Replies View Related

Debian Configuration :: Use Specific Address For Dhcp Server?

Apr 27, 2011

I'm running gnome desktop on squeeze system. When I boot my system seems to be using my internet modem as its dhcp server. The rest of the machines on my lan are correctly using my router for that purpose. As a result, what happens then is that my debian machine frequently gets a duplicate ip address assigned to it. I would like to specify to my debian computer that I want it to use the specific fixed ip address of my router for dhcp purposes.

View 9 Replies View Related

Debian Configuration :: Wireless Interface - Unknown Error 132

Apr 18, 2010

After updating and subsequently restarting today, I can no longer bring up my wireless interface:

ifup wlan0
SIOCSIFFLAGS: Unknown error 132
Could not set interface 'wlan0' UP
SIOCSIFFLAGS: Unknown error 132
SIOCSIFFLAGS: Unknown error 132
Failed to bring up wlan0

iwconfig
lo no wireless extensions.
eth0 no wireless extensions.

wlan0IEEE 802.11abg ESSID: off/any
Mode: Managed Access Point: Not-AssociatedTx-Power=off
Retry long limit:7RTS thr: offFragment thr:off
Encryption key:off
Power Management:off

lsmod | grep iwl
iwl3945 77904 0
iwlcore127432 1 iwl3945
mac80211 180929 2 iwl3945, iwlcore
cfg80211 142905 3 iwl3945, iwlcore, mac80211

View 1 Replies View Related

Debian Configuration :: Choose Which Network Interface A Program Uses?

Jan 29, 2011

Suppose I have both a hardwired and a wireless network connection active on the same system at the same time. Can I tell my browser which one to use? Can I tell other programs which one to use? Or do they choose for themselves> Or does some automatic system protocol select which one to use for them?

View 5 Replies View Related

Ubuntu Networking :: Can't Get Traffic Across Interface

Feb 2, 2011

I've got 4 or 5 of these TRENDnet USB network adapters ( TU-ET100c ) that I use frequently when I'm configuring firewalls or IPS devices for customers. I use them in combination with VirtualBox to test. They've always worked great until my new laptop I just got, and I put 10.04 on it. Previously I was on 9.x. Sometimes they will give a link light, other times not. And when they do the interface shows that it's up, but I can't get any traffic across the interface.

[code]...

View 3 Replies View Related

Networking :: Traffic Counting On The Interface?

Jan 16, 2010

How do you count the traffic on the interface, friends ?

I have a router for a medium-size LAN. HTTP-traffic goes through the transparent proxy, logs are parsed with Sarg, so that's the way I look how much megabytes my users 'do' daily.

Now I want to get rid of proxy, just to do sNAT. But I still want to know the daily traffic of my users (even in general, not for each user).

The router is run by Slackware 12.2.

View 1 Replies View Related

Debian Configuration :: Downgrade Specific Files , Cifs / Samba?

Oct 8, 2010

I'm having trouble making my cifs shares user mountable
from bash: mount.cifs: permission denied: no match for /home/jcress/gatton/webspace found in /etc/fstab

View 1 Replies View Related

Debian Configuration :: How To Assign Specific Local IPs In Home LAN Using DHCP?

Apr 29, 2011

I have some beginner questions about DHCP, Avahi, and configuring a small home LAN.Suppose I have a dynamic IP address assigned by my ISP, which requires DHCP be enabled in my dsl modem/router/"firewall" [sic]. Suppose for simplicity I have just one PC behind the dsl modem.I think "enabling DHCP" in the modem/router means that a DHCP client runs on the router, which communicates with a DHCP server run by my ISP when I boot up a PC on my LAN. Is that guess correct? Can I get DHCP to assign a particular local IP, say 192.168.1.10 (which is not the one taken by the router--- for this discussion, let's say that is 192.168.1.0) to my PC each time I boot it up?

Now suppose I want to build a stand-alone firewall, so that my LAN will have the firewall and the first PC behind the modem, with the first PC virtually behind the firewall. By default, I think these will both have DHCP clients running which I need to configure properly. The firewall should also have a DHCP server which should control how local IP addresses are assigned, correct? I should try to arrange that the LAN has only DHCP server, only one NTP timeserver, only one DNS nameserver, correct?My first PC seems to have installed an autorun client called Avahi, which performs DNS multicast services and incorporates something called zeroconf which seems to have something to do with remote desktops, which I don't need and which is a potential security hazard. But it seems that Avahi is an intrinsic part of the KDE desktop and cannot be removed. Just want to be sure that Avahi can coexist comfortably with dhcp3-client, which is also installed on that PC. They perform different tasks, correct?If I can get the stand-alone firewall to work, I know I need to turn off the commercial firewall in the dslmodem/router/firewall device. Should I purchase a bridge and try to turn off the routing function also?

View 8 Replies View Related

Debian Configuration :: Installing Specific Kernel As Boot Option?

Jul 29, 2011

I need to install any version of Debian with the Debian Kernel version 2.6.22-3-686. I don't mind what version of Debian it is, I just need it to have this specific kernel! Debian Etch comes with 2.6.18-4-686 and Lenny comes with 2.6.26-2-686 so the kernel I need is obviously somewhere in between.

I have tried using the following commands to see if kernel 2.6.22-3-686 is available for download via the apt-get method in both Debian Etch and Lenny but it is not...

apt-cache search linux-kernel
apt-cache search linux-source

So does anyone know where/how I can download specific kernels and install them for use? I have a computer sitting next to me that has multiple kernels as an option on boot, and they all boot into the same system, however I do not know the person who set up the computer so cannot ask them how they did it

View 2 Replies View Related

CentOS 5 :: Send Specific SIP Traffic Only Through Tun0-00?

Sep 20, 2010

I got to establish an OpenVPN connection between two server and I have dhcpd on the client server which feeds a few SIP phones. All these phones are supposed to the register server through the tunnel.Here is the network structure:

Client CentOS:
eth0: 192.168.0.0/24
eth1:192.168.100.0/24
tun0:172.15.0.0/24
DHCPD: feeding above eth1 and all the phones with 192.168.100.0/24

If I ping 172.15.0.1 from the the Client CentOS it works all fine. Everything pings and I can even do SSH. However, the phones which obtain their ip through eth1 on the same server can not reach the 172.15.0.1. I think it's a route issue here. Can you please guide me to the right direction as to how to forward certain traffic through tun0 and leave the rest of the traffic to go through eth0?

I don't want to turn on IPTABLES as this is time consuming for me now and there is VPN setup. It has to do with setting up the routing but I am not sure.

View 4 Replies View Related

Debian Configuration :: Systemd Fails To Raise Up Network Interface

Mar 15, 2016

Is this a problem of systemd or network-manager however when I started to see this alert I noticed the nm-applet doesn't start automatically anymore.

Code: Select allsystemctl status network
networking.service       network-online.target    network.target
network-manager.service  network-pre.target       
zagor@Debian-635:~$ systemctl status networking.service
● networking.service - Raise network interfaces
   Loaded: loaded (/lib/systemd/system/networking.service; enabled; vendor prese

[Code] ....

View 5 Replies View Related







Copyrights 2005-15 www.BigResource.com, All rights reserved