iptables conundrum


Login or Register for Dates, Times and to Reply

 
Thread Tools Search this Thread
# 1  
Debian iptables conundrum

Ok, if youre reading this prepare yourself.(debian based os)

so im trying to do this routing with ip tables, i need to forward/SNAT traffic from 192.168.111.1 to 10.10.10.250, the 192.x.x.x ips are being shoved into a honeyd like program called inetsim so its offline, 10.10.10.125 is connected to the internet, how do i get the traffic from 192.168.111.4 to 10.10.10.250:41004?

and i need it to at least be a specified port range for 192.168.111.4 since the ports vary from 49100-50000.

ive tried a lot of different iptables only to be thwarted many times. i got it working one time but i broke it somehow and i dont know how i did that.

please help! Smilie if you need to see my current/old rules let me know. i can sanitize them rather quickly
# 2  
you say 192.168.111.1 but then 192.168.111.4. There's a range? Can you better describe what's happening?

You must also account for traffic in both directions.
SNAT from 192.168.111.1 to 10.10.10.250
DNAT from 10.10.10.250 to 192.168.111.1
# 3  
Debian

sorry! the first set of numbers is supposed to be 192.168.222.4, more to add would be that 192.168.222.2 is the gateway and dns of 192.168.222.4

and yes there is a port range. i think thats only the case if it cant connect the the server on 10.10.10.250. but the program i need to use eats all traffic that isnt needed.

so in turn its 10.10.10.250 being the reporting box, 10.10.10.125 being the connection live to the web to hit said reporting box, and 192.168.222.2 being the gateway/dns server of 192.168.222.4.

192.168.222.4 > 192.168.222.2 > 10.10.10.125 > 10.10.10.250

i say this because the last time i had it working it showed 10.10.10.125 as the address for 192.168.222.4(i assume thats masquerading) on the reporting box, and in the inetsim config file it says what ip should be used if inetsim will act as a router for certain traffic

This is a malware traffic analysis box. so it needs to only have this one ip address allowed on this one port so that it can report findings of files run to said box.

the inetsim program also makes its own rules that are pretty annoying. at one point i had it telling me that it was established but wasnt showing activity on the destination server. and now its back to square one. let me know if you need more details. sorry for the typo!

and i have traffic from 10.10.10.250 already accepted, its from 192.168.222.2 that i cant get routed.
# 4  
can you give me an example of how to do that? the way its setup in my environment is getting confusing
Login or Register for Dates, Times and to Reply

Previous Thread | Next Thread
Thread Tools Search this Thread
Search this Thread:
Advanced Search

Test Your Knowledge in Computers #454
Difficulty: Medium
LibreOffice is a free and open office suite developed and maintained by IBM.
True or False?

7 More Discussions You Might Find Interesting

1. OS X (Apple)

Help in explaining this echo conundrum.

OSX 10.12.3, default bash terminal. Consider this code and note it is calling 'sh' inside the code... #!/bin/sh echo '1\n2\n2\n3\n5' > /tmp/text hexdump -C /tmp/text /bin/echo '1\n2\n3\n4\n5' > /tmp/text hexdump -C /tmp/text Now view the interactive mode below, note the underlying shell is... (6 Replies)
Discussion started by: wisecracker
6 Replies

2. Red Hat

Physical Volume Create Conundrum

I want to start by saying I already resolved my issue but I want to understand why I am seeing what I am seeing. I have a server with a RAID controller two 500GB drives and six 600GB drives. The two 500GB drives are mirrored and have the OS installed on them. The six 600GB they wanted set as... (4 Replies)
Discussion started by: scotbuff
4 Replies

3. Shell Programming and Scripting

sudo scripts conundrum

hello; Got a problem running monitoring scripts using sudo ssh.. Mgmt decided to take away root sudoers access.. so most of the scripts ran as: sudo ssh $BOX ... Now I need to run them as: echo $my_pw | sudo -S -l my_user_id $BOX ... I tried this but not working.. Any wisdom/tricks... (3 Replies)
Discussion started by: delphys
3 Replies

4. Shell Programming and Scripting

Conundrum - Flexible way to strip extension

Hi, First post here. I have something that may prove to be difficult. I have the following files: Example1.0.0.tar.gz Example2.tar Example3.zip Example4.0.0.0.0.0.bzip2 I need to remove the file extensions and store as a variable so they look like this: Example1.0.0 Example2... (3 Replies)
Discussion started by: Spadez
3 Replies

5. UNIX for Dummies Questions & Answers

umask conundrum

Hi All, i was reading up on a umask question on this forum and have a question on this. the umask value on my home PC running on cygwin is 022. when i create a dir it defaults to permission 755, when i create a file it defaults to 644. Now it starts at 777 for dirs and 666 for files and... (1 Reply)
Discussion started by: Irishboy24
1 Replies

6. Shell Programming and Scripting

Sed pattern space/looping conundrum

Although my sed skills are gradually developing, thanks in large part to this forum, I'm having a hard time dealing with pattern space and looping, which I suspect is what I'll need a better handle on to figure out my current issue, which is converting a multi line file like this: ... (4 Replies)
Discussion started by: tiggyboo
4 Replies

7. UNIX Desktop Questions & Answers

Unix Grep Conundrum - Not for Noobies

Help, I have been stuck on this issue for weeks. I am a unix noobie. I have a very long string and within that string I am trying to get proc file names ie PROCNAME1=SOME_FILENAME_UPDTBASE.SQL There is a space on either side. I can't for the life of me peel out the proc name:... (13 Replies)
Discussion started by: owenian
13 Replies

Featured Tech Videos