Iptables/TC: how to make masqueraded traffic go through an openVPN tun0?
Post 302188683 by sumitpandya on Thursday 24th of April 2008 04:11:50 AM
Explore options to iptables command

Before making NAT for -o eth0, you give:
    iptables -t nat -I POSTROUTING -p 50 -j ACCEPT
Here 50 is the protocol number for ipsec-ESP.
You may need to add a similar iptables rule for --proto 51, i.e. ipsec-AH.
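
The rule above only helps if it sits ahead of the MASQUERADE rule in nat/POSTROUTING, which is why the post uses -I rather than -A. The following is an added example, not part of the original post: a check over `iptables -t nat -S POSTROUTING` output that reports whether the ESP and AH exemptions precede the NAT rule. The helper name `check_exempt` and both rule listings are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the post). check_exempt is a hypothetical helper.
# Live use (as root): check_exempt "$(iptables -t nat -S POSTROUTING)" eth0 50 esp

# check_exempt RULES IFACE PROTO_NUM PROTO_NAME
# Prints: ok | missing | after-masq
check_exempt() {
    printf '%s\n' "$1" | awk -v ifc="$2" -v num="$3" -v name="$4" '
        $1 != "-A" || $2 != "POSTROUTING" { next }
        {
            proto = ""; out = ""; target = ""; extra = 0
            for (i = 3; i <= NF; i++) {
                if      ($i == "-p") { proto  = $(i + 1); i++ }
                else if ($i == "-o") { out    = $(i + 1); i++ }
                else if ($i == "-j") { target = $(i + 1); i++ }
                else extra = 1      # any other match narrows the rule
            }
            hits_proto = (proto == "" || proto == num || proto == name)
            hits_if    = (out == "" || out == ifc)
            # First NAT rule that would rewrite this protocol on IFACE.
            if (!nat && hits_proto && hits_if &&
                (target == "MASQUERADE" || target == "SNAT")) nat = NR
            # First unconditional ACCEPT for exactly this protocol.
            if (!acc && target == "ACCEPT" && proto != "" && hits_proto &&
                hits_if && !extra) acc = NR
        }
        END {
            if (!acc)                  print "missing"
            else if (nat && nat < acc) print "after-masq"
            else                       print "ok"
        }'
}

# Constructed sample: exemptions inserted ahead of the NAT rule (-I).
GOOD_RULES='-P POSTROUTING ACCEPT
-A POSTROUTING -p esp -j ACCEPT
-A POSTROUTING -p ah -j ACCEPT
-A POSTROUTING -o eth0 -j MASQUERADE'

# Constructed sample: ESP rule appended (-A) after the NAT rule, no AH rule.
BAD_RULES='-P POSTROUTING ACCEPT
-A POSTROUTING -o eth0 -j MASQUERADE
-A POSTROUTING -p 50 -j ACCEPT'

for p in "50 esp" "51 ah"; do
    set -- $p
    echo "good $2: $(check_exempt "$GOOD_RULES" eth0 "$1" "$2")"
    echo "bad  $2: $(check_exempt "$BAD_RULES" eth0 "$1" "$2")"
done
```

The check accepts the protocol in either numeric (50, 51) or named (esp, ah) form, since a saved ruleset may show either.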
 

SHOREWALL-NAT(5)                [FIXME: manual]                SHOREWALL-NAT(5)

NAME
       nat - Shorewall one-to-one NAT file

SYNOPSIS
       /etc/shorewall/nat

DESCRIPTION
       This file is used to define one-to-one Network Address Translation (NAT).

       Warning
           If all you want to do is simple port forwarding, do NOT use this file. See http://www.shorewall.net/FAQ.htm#faq1[1]. Also, in many cases, Proxy ARP (shorewall-proxyarp[2](5)) is a better solution than one-to-one NAT.

       The columns in the file are as follows (where the column name is followed by a different name in parentheses, the different name is used in the alternate specification syntax).

       EXTERNAL - {address|COMMENT}
           External IP Address - this should NOT be the primary IP address of the interface named in the next column and must not be a DNS Name.

           If you put COMMENT in this column, the rest of the line will be attached as a comment to the Netfilter rule(s) generated by the following entries in the file. The comment will appear delimited by "/* ... */" in the output of "shorewall show nat".

           To stop the comment from being attached to further rules, simply include COMMENT on a line by itself.

       INTERFACE - interfacelist[:[digit]]
           Interfaces that have the EXTERNAL address. If ADD_IP_ALIASES=Yes in shorewall.conf[3](5), Shorewall will automatically add the EXTERNAL address to this interface. Also if ADD_IP_ALIASES=Yes, you may follow the interface name with ":" and a digit to indicate that you want Shorewall to add the alias with this name (e.g., "eth0:0"). That allows you to see the alias with ifconfig. That is the only thing that this name is good for -- you cannot use it anywhere else in your Shorewall configuration.

           Each interface must match an entry in shorewall-interfaces[4](5). Shorewall allows loose matches to wildcard entries in shorewall-interfaces[4](5). For example, ppp0 in this file will match a shorewall-interfaces[4](5) entry that defines ppp+.

           If you want to override ADD_IP_ALIASES=Yes for a particular entry, follow the interface name with ":" and no digit (e.g., "eth0:").

       INTERNAL - address
           Internal Address (must not be a DNS Name).

       ALL INTERFACES (allints) - [Yes|No]
           If Yes or yes, NAT will be effective from all hosts. If No or no (or left empty) then NAT will be effective only through the interface named in the INTERFACE column.

       LOCAL - [Yes|No]
           If Yes or yes, NAT will be effective from the firewall system

FILES
       /etc/shorewall/nat

SEE ALSO
       http://shorewall.net/NAT.htm

       http://shorewall.net/configuration_file_basics.htm#Pairs

       shorewall(8), shorewall-accounting(5), shorewall-actions(5), shorewall-blacklist(5), shorewall-hosts(5), shorewall_interfaces(5), shorewall-ipsets(5), shorewall-maclist(5), shorewall-masq(5), shorewall-netmap(5), shorewall-params(5), shorewall-policy(5), shorewall-providers(5), shorewall-proxyarp(5), shorewall-rtrules(5), shorewall-routestopped(5), shorewall-rules(5), shorewall.conf(5), shorewall-secmarks(5), shorewall-tcclasses(5), shorewall-tcdevices(5), shorewall-tcrules(5), shorewall-tos(5), shorewall-tunnels(5), shorewall-zones(5)

NOTES
        1. http://www.shorewall.net/FAQ.htm#faq1
           http://www.shorewall.net/manpages/../FAQ.htm#faq1

        2. shorewall-proxyarp
           http://www.shorewall.net/manpages/shorewall-proxyarp.html

        3. shorewall.conf
           http://www.shorewall.net/manpages/shorewall.conf.html

        4. shorewall-interfaces
           http://www.shorewall.net/manpages/shorewall-interfaces.html

[FIXME: source]                    06/28/2012                    SHOREWALL-NAT(5)