Networking :: 2 Isp On 3 Lan Cards / Cannot Get Internet Packets From The Second Isp?

Jun 7, 2011

we are using Red hat enterprise 5.4 for our internet connection with following ip's

eth0: (local lan)
eth1: (static ip address for 1st isp)
eth2: (2nd isp modem connected with lan cable)

first isp i.e tata internet connected to the internet and working very well

now i want 2nd isp to work when the first isp goes down, i had configured all dns in the resolve.conf and squid.conf, when i switch off the 1st isp for checking that failover is working or not i cannot get internet packets from the second isp.

View 5 Replies


Networking :: Firewall - Allow Packets Coming From Internet After Authenticating And To By Pass Packets Generated From Internal LAN?

Feb 8, 2010

i have a linux server runnig oracle applications. i need to access this server from putty using ssh through internet. i did by registering my static ip with the and i am able to connect to the server. but now there is no security to authenticate any user as any one knowing the password can login to it.

i thought of configuring the firewall of linux server but the client ip`s are not static and they change continiously. so thought of keeping one more pc between the server and the router which will do the work of authenticating. but i am confuse as how to configure it to allow the packets coming from the internet after authenticating and to by pass the packets generated from internal LAN?

View 8 Replies View Related

Ubuntu Networking :: Internet Dataflow Over Wireless - Get 1 Or 2 Ping Packets

Jun 4, 2011

I'm running Lucid (10.04), dualboot vista, but I'm having some issues with my wireless USB dongle. Previously (in a different) location, the network wasn't showing in my wireless network tab, and that was never resolved. But now I'm in a new place, and what I'm finding is that my network is showing up in the networks tab, and I can select it, enter the PSK, and it starts to interrogate, but never seems to manage all the way through to getting internet.

Im not sure whether the machine is able to connect to the network, but not the wider internet, or what. The only indication I'm getting is that its connecting for a length of time, then gives up. I have managed to get the update tool pop up - so I'm not sure if thats an indicator of some internet connection or not (presumably it only generates the list of packages to update when it can connect to the net and see what updates are required...) I believe its also managed to get 1 or 2 ping packets through to the internet. I'm driving a belkin N-wireless USB adapter, N10117.

View 1 Replies View Related

Ubuntu Networking :: Intermittent Internet Connection - Freezes And Doesn't Receive Few Packets

Mar 31, 2010

I'm having problems with my internet connection; it seems to be working fine then every other click of a page there is no connection, then I click it again a second later and it works. I am using a wired network connection plugged into an addon wireless router.

When I use ping under network tools it seems to be fine, then freezes halfway through and doesn't receive those few packets, giving me a transmission percentage of about 70%.

View 2 Replies View Related

Ubuntu Networking :: Manage Multiple Internet Connections With Different Cards?

May 25, 2010

I'm running ubuntu lucid and i was thinking in purchasing one or more extra wifi cards to try to configure my computer to manage different conections at the same time, with different isp's. The thing is that I'm not quite sure if what i want to do is actually possible.

The easiest way that crossed my mind was to try to configure a / multiple virtual machines that are redirected threw proxies to ubuntu and try to configure that each proxie port goes threw a different internet gateaway. This way i might be able to divide threw different sessions of JDownloader, installed on each virtual machine, the things i want to download. The negative aspect of this idea is having multiple jdownloader sessions will make my laptop work to almost 100% for sure...

Another thought i have was to make JDownloader manage its downloads in only one session redirecting them to my internet conections; the negative thing is that i think i will have to try to modify its source and learn java...

And well my last possible configuration i had in mind was to try to make ubuntu directly add up all my internet conections manage as if it was one. the negative thing here is that i might not be able to get multiple downloads from some sites

Well, all this where just thoughts, im struggling whether to buy another card or not to try to setup any of this configurations but im not really sure if any of them are actually possible. Is there an easy way to manage this?

I just want to take the most out of my internet conections... if i'm at college i have to options that are quite slow, adding them up with two cards would be great, i might also be able to add a third and a fourth conection. Also if i'm on a coffe and i need some bandwith i could try to make it go with an open network arround, etc.

View 1 Replies View Related

Fedora Networking :: Samba Share With Two Network Cards - No Internet Access

Mar 1, 2009

I have a fedora 10 box with two network card on eth0 I have a pppoe connection to the internet, on second card eth1 I share my internet connection end I set up a samba server but I don't know if the settings are good. How to do this settings right to work fine, the ip are assigned by dhcp I don't use any static ip .When I try to browse the internet from the other computers some site's like {.com ; .org ; .info} are block, other site from {.ro} are working. Someone tell me something about turn off all my filters, but I don't know where to find this filter to turn it off. And when I use samba I can't have and internet access or vice versa. My network look like that:

|<--pppoe connection
(fedora 10)
comp.1 comp.2
Win OS MacOS

View 2 Replies View Related

Programming :: Write A Program In C That Can Sniff Packets From Ethernet And Distinguish RTP Packets From Non-RTP Packets?

Aug 30, 2010

i need to write a program in c that can sniff packets from Ethernet and distinguish RTP packets from Non-RTP packets, i have no idea what should i do

View 9 Replies View Related

Networking :: Kernel - Forward Packets From Eth0 To Eth1 And Eth1-to Eth0 As Well As Get A Copy Of These Packets For Analysis

Sep 27, 2010

I have a hardware device with two ethernet ports, eth0 and eth1 running Centos 5. Basically my goal is to forward packets from eth0->eth1 and eth1->eth0 as well as get a copy of these packets for analysis. If I set IP routing to do the forwarding then I won't get a copy of the packets for analysis.

View 3 Replies View Related

Security :: Detect Infected PC In LAN (Sending Packets To Internet)

Jul 17, 2009

In my network I have 25 workstations and some serves. Everything working in local LAN with firewall. The problem is that on one machine (I dont know which one) is installed software which sending data to the internet. Actually I dont know what it is. Last time as I remember was trojan which can create new network interfaces in windows and send some data to the internet. The half speed of my network connection is used by this infected machine. How can I detect which machine it is? How can I listen/capture some traffic and analyze from which machine I have more connections.

Please take a look on this time. Instead of 141-150ms should be 4-5ms.

64 bytes from (62.xx.191.74): icmp_seq=1 ttl=249 time=141 ms
64 bytes from (62.xx.191.74): icmp_seq=2 ttl=249 time=135 ms
64 bytes from (62.xx.191.74): icmp_seq=3 ttl=249 time=147 ms
64 bytes from (62.xx.191.74): icmp_seq=4 ttl=249 time=127 ms
64 bytes from (62.xx.191.74): icmp_seq=5 ttl=249 time=156 ms
64 bytes from (62.xx.191.74): icmp_seq=6 ttl=249 time=129 ms
64 bytes from (62.xx.191.74): icmp_seq=7 ttl=249 time=188 ms

How can I detect which machine is infected using only linux and keyboard ?

View 5 Replies View Related

Ubuntu Servers :: Dns Server Started With 2 NIC Cards - Bios Sees Both Cards But - Both Dont Show In Ifconfig

Dec 1, 2010

I have a dns server started with 2 NIC Cards in it. The bios sees both cards but they both dont show in ifconfig. is there a way to activate the second card?

View 1 Replies View Related

Networking :: Routing Packets From One IP To Another

Sep 6, 2010

My setup is...I have a wireless access point using laptop as a gateway. The AP is also connected to a switch as is the laptop. So the laptop has two interfaces one wireless and one wired. A third device is using the AP to connect to a server on the internet. The AP sends the packets to my laptop where they are dropped. I've been looking for a solution to this problem without success. Basically is there a way for my laptop to forward all packets it sees from a certain IP address to whatever destination address they have?To clarify, my laptop is just the gateway of the AP and none of the packets are addressed to it at all, it just picks them up using a sniffer or similar tool.

View 1 Replies View Related

Networking :: How To Block The Ftp Packets

Dec 3, 2010

using layer 7 filtering how to block the ftp packets?..

In My router i am going to add a below rule.... iptables -A OUTPUT -m layer7 --l7proto tcp --dport 20 -j DROP

above statement will it work in my router?.

View 1 Replies View Related

Networking :: How Recognize These Two Different Packets

Oct 17, 2010

1) i have to find the source and destination address in the ip and ethernet headers of a packet that go from my machine to the router.2) Then i have to do the same for the packet that goes from the router to my partner's machine.Then I have to answer the above questions but now for the echo replay.How could i see these address?The result could be found in the output of a tcpdump?

[guest@shakti guest]$ sudo tcpdump -en host and
tcpdump: listening on eth0
20:27:36.662737 0:4:75:b5:20:bc 0:3:e3:2a:4a:60 ip 42: > icmp: echo request


View 2 Replies View Related

Networking :: Getting Too Many ARP Packets On System?

Feb 15, 2010

I've a ssh server on FEDORA 12. It was going well but now it's overloaded with ARP traffic and is unable to run ssh. normally i'm getting about 150 packets in just 3 second

View 1 Replies View Related

Networking :: Can't Allowed Incomming Packets?

Jun 10, 2010

my Linux does not workDoes not accept incoming connectionsiptable disabledping is a network but cannot nor at 22 nor at any other connectsHow do I check what is blocking the connection
thnx alot.OS Ubuntu 9.4

View 4 Replies View Related

Networking :: Dropped Packets But Only For TCP Connections?

Oct 1, 2010

One of our RHEL 5.3 servers has trouble about 30% of the time with TCP-based communications, but it does not seem to be firewall issues. From another computer on the same switch, you can SSH to the server sometimes and other times the SSH command will just hang. When it hangs, you can often just Ctrl+C and try it again and it works. Same with HTTP connections. You'll get part of a web page and then FireFox will just hang waiting for the rest and eventually time out. Same goes for communication initiated FROM the server. SSH'ing from the server to any outside server or connecting to any web site works sometimes, but most times not. iptables if off. No other firewalls are running. Tcpdump shows communication gets so far and then stops. It does not matter whether tou run tcpdump on that server or the client connecting to it. Either way you see the connection stops working. MEANWHILE, pinging with small or large packets works flawlessly. 10,000 packets, zero drops.

View 5 Replies View Related

Networking :: Dropped Packets On Firewall

Jan 11, 2010

I've recently installed Ubunter 9.10 Server Edition to use as a NAT firewall for the lab I run. I'm using iptables to do NAT forwarding and everything works great except that, occasionally, connections seem to break. Ssh connections close with "Connection reset by peer" and HTTP connections just stall out.I believe this has to do with the firewall's internal network interface occasionally dropping packets.

View 2 Replies View Related

Networking :: Route Packets Across NICS's?

Mar 11, 2010

I have two NIC's interfaces on my linux machine(eth1 and eth2). Each have different IP addresses(, These two interfaces are connected together through hub. Here is the my question?

1) If I 'ping', it should go out through network interface eth2 and through hub and enter on eth1 and response also travel through similar direction.

2) If I 'ping', it should go out through network interface eth1 and through hub and enter on eth2.

How can setup routing table for this,I have tried setting up routing and iptables, etc.. nothing helped.

If any one good router/networking guy, you should know this one.I am doing a project, I want this way to handle this.

View 9 Replies View Related

Networking :: Capture Outgoing Packets Only?

Jun 11, 2009

I have a network like

Node A to Vlan Switch
Node B to Vlan Switch
Node C to Vlan Switch
Node B is set up to be a middle man between A and C.
All nodes have 1 NIC.

They are all linux boxes. Node B can ping Node C. When I try to ping Node C from Node A, the ping just hangs forever.

When I use Wireshark to sniff What's going on with Node B during a ping from Node A to Node C, I can see an ICMP request with src = Node A and dest = Node C. I'd like to know if that ICMP packet was received by B from A or if it is going out. If it's going out, that makes no sense since B knows how to send to C. If B is only getting the requests but not forwarding them, then I know there is something wrong with B's configuration.

So I'd like to be able to sniff incoming packets only, or outgoing packets only. Is there a way to do this?

View 1 Replies View Related

Networking :: Intercepting And Forwarding UDP Packets

Apr 16, 2010

I have a legacy application that communicates status to a remote server over UDP. The server app replies back to the client with UDP as well, using the IP address it obtains from the sockaddr parameter of the recvfrom() method.

[----------------] [----------------]
[ client <->(udp)]<----- Ethernet -----> [(udp)<-> server ]
[----------------] [----------------]

I'm trying to replace the underlying use of ethernet, with a RS232 based radio/modem device - without making any src changes to the legacy apps. i.e. apps would still create and transmit UDP packets addressed to a remote IP address and listening port, and the receiver wouldn't know any difference. I'm relatively new to this level of network programming, but my first attempt has been to write an app that sniffs out outbound raw UDP packets (using pcap), transmit that data over the radio, and re-injects the UDP unchanged on the remote end.

[----------------] [----------------]
[ client <->(udp)] [(udp)<-> server ]
[ | ] [ ^ ]
[ v ] [ | ]
[ /capture/]<---- Radio XMIT ----> [/reinject/ ]
[----------------] [----------------]

My 'capture' app intercepts the UDP packets just fine when the machine is 'plugged' in, but as soon as I disconnect my network cable to test wireless, outbound packets addressed to a remote IP (ie. the server) are no longer captured (tho local UDP packets are picked up ok). Wireshark also does not report the original outbound packet, but it does show an ICMP packet reporting 'Host Unreachable'. I understand the host isn't reachable, but I'm confused as to why the packet isn't at least making it to the interface/network card. Is there anyway to get the force the kernel to 'transmit' the UDP packet anyway so that my capture app can intercept it? or is there a better/easier solution (again, w/o making source changes to the client/server)?

View 4 Replies View Related

Networking :: Netstat - Dropped Packets Under IP

Feb 13, 2009

I have question regarding netstat? When performing a "netstat -s" I receive the following information regarding dropped packets under IP:

93978695 total packets received
0 forwarded
0 incoming packets discarded
79472157 incoming packets delivered
65235033 requests sent out
29527 outgoing packets dropped

However if I run a "netstat -i" I have no dropped packets whatsoever: (apologies for the table format):
Kernel Interface table
bond0 1500 0 34326528 0 0 0 72755307 0 0 0 BMmRU
bond0:1 1500 0 - no statistics available - BMmRU
bond1 1500 0 28605491 0 0 0 20948952 0 0 0 BMmRU
eth0 1500 0 34199550 0 0 0 72755278 0 0 0 BMsRU
eth1 1500 0 126978 0 0 0 29 0 0 0 BMsRU
eth2 1500 0 97911 0 0 0 1 0 0 0 BMsRU
eth3 1500 0 28507580 0 0 0 20948951 0 0 0 BMsRU
lo 16436 0 34094225 0 0 0 34094225 0 0 0 LRU

View 5 Replies View Related

Ubuntu Networking :: How To Check Packets Being Sent / Received Through WAN

Jan 14, 2010

I am new to Ubuntu almost installed it after windows showed blue screen 4 ever n ever. However after installing ubuntu whenever I log in windows it doesnt detect any network connection but when I use Ubuntu it automatically does can it be that Ubuntu is causing any problem? And how to check how many packets are being sent and received through my wired network and do I have to install any drivers for my modem in Ubuntu.

View 5 Replies View Related

Ubuntu Networking :: Packets DROPPED By Firewall?

Mar 13, 2010

I am using ubuntu 9.10. Configuring my firewall using guarddog. I have setup a rule to allow traffic OUT on port 7078 UDP, and just because i'm having problems i added an IN rule.

# Create the filter chains
# Create chain to filter traffic going from 'Internet' to 'Local'
ipchains -N f0to1


View 2 Replies View Related

Ubuntu Networking :: Redirect Outgoing Packets To LAN?

Jul 6, 2011

is there any way to point certain packets from my outgoing traffic to a LAN : port ?

can iptables do this ? if yes how ?some like this [URL] ?

View 1 Replies View Related

Networking :: Sending/replaying Network Packets?

Dec 10, 2008

I am not a networking expert by any means (in fact I have never taken a networking course), but I have taken several security courses, and generally we wind up discussing replay attacks. For example, the Needham-Schroeder protocol (using symmetric-key cryptography anyway) is flawed because it allows for replay attacks, and I understand why.

I guess my question is actually how someone would perform a replay attack. I know I can sniff network traffic by downloading wireshark. I also have downloaded winpcap and npg on my WinXP virtual machine. I'm trying to use this guide to help me, but I'm quite lost:[URL]What I did was to post a "link" to my facebook profile and I sniffed the traffic using wireshark. What I would ultimately like to accomplish is to copy that packet out of the wireshark output, and then use a tool like npg to transfer the raw packet back to facebook, which should result in a second, redundant post. I just can't figure out how to do that.

I'm pretty sure this should be possible. Facebook only uses an SSL session for authentication during login. After that, the information is just sent in the clear, so I'm pretty sure this should be possible.Can anyone explain how to do such a thing? It would really help my research paper that I'm working on this semester if you can. As of right now the attack we are trying to demonstrate/defend against is using a Windows VM, which is why I'm using winpcap/npg. The attack is actually possible using just about any OS (depending on the exploit used), but our POC is Windows only at the moment

View 4 Replies View Related

Networking :: Sending Packets To Localhost Through Another Computer?

Jun 10, 2009

Suppose I have computer A with ip address on eth0 of and ip address on eth1 of If I send packets to from computer A, it automatically uses the loopback interface. Is it possible to modify the routing table some how to send these packets out on eth0 instead and have them route around the network and come back on eth1.I've tried 'route add -host dev eth0' but it seems to completely ignore this entry.

View 5 Replies View Related

Networking :: Monitoring Outgoing UDP Packets - PID In Access Log

Oct 11, 2010

On our webhosting servers, where is primary running apache, sometimes starts huge outgoing traffic to random IP addressess (each time of attack is it just one IP). It's always UDP,and according to my investigation tcpdump, it looks like p2p. The problem is in big outgoing traffic, and secondly in filling ip_conntract table /proc/net/ip_conntrack. I think, that one of our webhosting users has some virus uploaded on his FTP, which is time to time ran. I think, that if I can map outgoing traffic to particular process ID, it will be easy to find the PID in access log of webserver and than see what URL it causes.

What I have checked already:

- outgoing UDP connections are not listed in netstat - so cannot get PID from there
- Apache with PHP is in safe mode - cannot exec binaries, cgi is disabled
- I can see tons of records in tcpdump, but from the dump I'm not able to get PID
- In time of attack I was trying to run `lsof`, but nothing to see - didn't found the attacker
- I went through apache access log - I took time of attack -i.e. 02:22 am - grep from access log all hits between 02:20 and 02:29 am and try to call all them again - problem didn't occured
- checked the POST records from access log - nothing
- grepped all php files for keyword 'fsockopen' and 'torrent'
- from iptables --log-uid I have found user nobody (under apache is ran)

I think that the key is able to match outgoing connection to PID, than it will be easy.

View 1 Replies View Related

Networking :: Can Sniffed Packets Be Forwarded To A Different Network

Feb 15, 2011

I'm using madwifi linux driver (ath1) in monitor mode to capture some wireless traffic. I can see that all wireless traffic is coming well through the wireless interface (checked using TCPDUMP). What I want to know is how I can forward the captured wireless packets to a different Ethernet interface (e.g. eth2) in the same machine to send those captured packet out to a different computer.

I set 1 for /proc/sys/net/ipv4/ip_forward

for iptables, I tried this rule: iptables -A FORWARD -i ath1 -o eth2 -j ACCEPT

However, I coudn't read any packet from eth2 via TCPDUMP.

View 11 Replies View Related

Networking :: Cannot Receive UDP Multicast Packets From Windows

Dec 10, 2008

I've got an application that compiles in Windows and Linux and is using UDP multicast to communicate. I'm running it on a Windows machine, a Linux machine and a small board (Gumstix) that is running Linux as well. The Windows and Linux machines have no problems sending/receiving packets with each other. The Gumstix and Linux machines have no problems sending/receiving packets with each other. The Gumstix can also send/receive packets with two instances of the application both running on the Gumstix.

But when running on the Gumstix I can send udp multicast packets to Windows, but cannot receive them. (It works if I do point to point with a known IP port#, but not multicast.) I can run tcpdump on the Gumstix and see the packets, but they are not being received on my socket. Here's what tcpdump (running on the Gumstix) outputs when sending the same packet from different sources. Notice the IP header ID and flags (don't fragment) are different when coming from Windows.

WINDOWS to Gumstix
-7:-45:-2.015784 IP (tos 0x0, ttl 15, id 35331, offset 0, flags [none], proto: UDP (17), length: 444) > UDP, length 416

-7:-43:-38.451991 IP (tos 0x0, ttl 15, id 0, offset 0, flags [DF], proto: UDP (17), length: 444) > UDP, length 416

-7:-33:-10.955608 IP (tos 0x0, ttl 15, id 0, offset 0, flags [DF], proto: UDP (17), length: 444) > UDP, length 416

I've tried everything I can think of to get this to work but am not getting anywhere. Also I'm pretty inexperienced when it comes to Linux. Anything I could try to be able to receive udp multicast packets from Windows?

View 1 Replies View Related

Networking :: Iptables REDIRECTing - All Outgoing Packets ?

Dec 6, 2010

I've been trying to redirect all outgoing packets (destined for a specified ip address) from my slack box back to itself. I thought this could be done with iptables, but if I fire up wireshark I can clearly see that the packets are getting out to the real server and I'm getting responses from it.

So here's what I tried:

All looks good and fine, and then I even try to visit with firefox (by the way I am running a webserver, that is set to show a page when you visit and I get an error page that reads: 502 Bad Gateway.

I ignored this message to see what the program I'm trying to interrupt does, and when I start wireshark and then start the program that is using that website, I can clearly see that the packets make it to the real and get back responses.

View 1 Replies View Related

Copyrights 2005-15, All rights reserved