03-09-2017
Quote:
Originally Posted by
jim mcnamara
Yes. You have to bridge somehow - that is what TAP does.
Does this link look familiar?
Mmmh not to familiar with it - even after reading
Another approach would be if it's possible to route only the traffic on 1 application (or user) over the vpn tunnel by removing the default gateway to it and let all remaining traffic on eth0.
I think there was some way with iptables to mark packages of a user and apply some postrouting rules to change the ip and route them over a different interface, but I really can't remember how anymore
10 More Discussions You Might Find Interesting
1. Cybersecurity
Hello,
I am currently trying to limit incoming UDP length 20 packets on a per IP basis to 5 a second using IPTables on a Linux machine (CentOS 5.2).
Basically, if an IP is sending more than 5 length 20 UDP packet a second to the local machine, I would like the machine to drop the excess... (1 Reply)
Discussion started by: tomboy123
1 Replies
2. Solaris
Hi All,
yesterday I was trying to add a network route to my solaris 8 host using 'route add'. Everytime I tried, I kept getting the response 'network is unreachable'.
I was trying all kinds of different methods, however I eventually got it to work after bouncing the interface that I was... (2 Replies)
Discussion started by: badoshi
2 Replies
3. Solaris
Hi there,
I'm trying to configure an additional network interface on Solaris 8 (eri0). The interface has been activated, but all the frames are still routed to the current default interface (ce0) I've tried following command (with various syntaxes...) unsuccessfully so far:
# route add... (2 Replies)
Discussion started by: sreiniche
2 Replies
4. UNIX for Dummies Questions & Answers
Hi all,
I am new to Linux kernel.
we have a c file that counts the no. of sends and received packets in each interface, and indicate the user about the error/drop ration of incoming and outgoing packets.
in our Linux box , the incoming packets are dropped at random interval.
we have our... (1 Reply)
Discussion started by: kannandv
1 Replies
5. Solaris
Please , I have a problem
I have add a statis route on Solaris 10, but after this, the network interface of Server was Offline.
The system is in cluster mode (3.2)
route add -net 10.10.1.128 -netmask 255.255.255.128 10.10.1.51
-------------------
lo0:... (1 Reply)
Discussion started by: Ruggero
1 Replies
6. Solaris
Hi,
Every time when i boot my system i have to manually issue the following commands.
ifconfig elxl0 plumb 192.168.200.129 netmask 255.255.255.0 up
route add default 192.168.200.1
I need some help so that it should be configured permanently and i wouldn't have to manually issue... (2 Replies)
Discussion started by: malikshahid85
2 Replies
7. IP Networking
hello,
can anyone suggest how to delay the incoming packets ??
or how the packets are prossed inside the kernal and a way to make the packets wait a while??
it wud be vry helpful
regards
sameer (7 Replies)
Discussion started by: sameer kulkarni
7 Replies
8. Linux
I am looking for an iptables command to allow incoming UDP packets for my Linux server
also is there a command I can use to set the default action for outgoing packets to accept?
Thank you (1 Reply)
Discussion started by: crimputt
1 Replies
9. IP Networking
Hi,
I'm quite new to unix networking and ip tables. I'm running a debian (htpc) server with two NIC's; eth0 and wlan0.
I'm trying to set it up in a way that eth0 is the default interface for internet, but some processes should run through wlan0.
For example, I'm using eth0 for downloads... (2 Replies)
Discussion started by: Subbeh
2 Replies
10. IP Networking
Hello, I'm trying to route all packets arriving at a particular interface by entering the same interface
the virtual interface eth1: 2 and now everything is routed by default gw configured on eth1.
eth1 Link encap:Ethernet HWaddr 0a:0e:64:18:52:72
inet addr:192.168.10.15
eth1:2 ... (1 Reply)
Discussion started by: faka
1 Replies
Firewall mark classifier in tc(8) Linux Firewall mark classifier in tc(8)
NAME
fw - fwmark traffic control filter
SYNOPSIS
tc filter ... fw [ classid CLASSID ] [ action ACTION_SPEC ]
DESCRIPTION
the fw filter allows to classify packets based on a previously set fwmark by iptables. If it is identical to the filter's handle, the fil-
ter matches. iptables allows to mark single packets with the MARK target, or whole connections using CONNMARK. The benefit of using this
filter instead of doing the heavy-lifting with tc itself is that on one hand it might be convenient to keep packet filtering and classifi-
cation in one place, possibly having to match a packet just once, and on the other users familiar with iptables but not tc will have a less
hard time adding QoS to their setups.
OPTIONS
classid CLASSID
Push matching packets to the class identified by CLASSID.
action ACTION_SPEC
Apply an action from the generic actions framework on matching packets.
EXAMPLES
Take e.g. the following tc filter statement:
tc filter add ... handle 6 fw classid 1:1
will match if the packet's fwmark value is 6. This is a sample iptables statement marking packets coming in on eth0:
iptables -t mangle -A PREROUTING -i eth0 -j MARK --set-mark 6
SEE ALSO
tc(8), iptables(8), iptables-extensions(8)
iproute2 21 Oct 2015 Firewall mark classifier in tc(8)