I want to configure 2 lan cards on 1 pc such that it seems that both are connected on different networks.
Also i want the gateway of one lan card be the ip address of the other so that the traffic of one passes through the second. I am applying mitmproxy on my pc to monitor my own traffic.
I am new to ubuntu as well as networking. So if anything i have said is wrong, please do correct me.
ifconfig -a
eth0
Link encap:Ethernet HWaddr 00:1c:c0:0d:85:38
inet addr:10.0.0.55 Bcast:10.0.0.255 Mask:255.255.255.0
inet6 addr: fe80::21c:c0ff:fe0d:8538/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:8094 errors:0 dropped:0 overruns:0 frame:0
TX packets:7628 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:6890690 (6.8 MB) TX bytes:1094128 (1.0 MB)
eth1
Link encap:Ethernet HWaddr 10:fe:ed:01:ce:34
inet addr:10.0.0.95 Bcast:10.0.0.255 Mask:255.255.255.0
inet6 addr: fe80::12fe:edff:fe01:ce34/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:2338 errors:0 dropped:0 overruns:0 frame:0
TX packets:2322 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:1303961 (1.3 MB) TX bytes:256352 (256.3 KB)
lo
Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:65536 Metric:1
RX packets:3849 errors:0 dropped:0 overruns:0 frame:0
TX packets:3849 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:1008514 (1.0 MB) TX bytes:1008514 (1.0 MB)
Thanks
You can try iptables to redirect traffic from 1 interface to other.
iptables -t nat -A PREROUTING -i ppp0 -p tcp --dport 80 -j REDIRECT --to-ports 8080
will redirect all traffic coming on interface ppp0 on port 80 to port 8080 , where you can run an mitm proxy. Your mitm proxy can use eth0 to forward traffic out.
You might get a better response on serverfault or superuser.
In order to put two different network cards on two different networks you need to assign their IP's properly.
Based on the fact that you are using Net Mask of 255.255.255.0 setting one network card to have IP 10.0.0.1 and second to 10.0.1.1 would put them on two seperate networks. Netmask of 255.255.255.0 defines that your network can contain all IP's which have same first three numbers and fourth from 0 to 255. So if you change one of the first three numbers you put your network card on another network.
As for gateway it must be on the same network that your lan card is. So setting two network card to be on two seperate networks and then setting one lans card gateway to be the other network card won't work. Athleast not until you bridge the two networks together, but that won't prevent computers from one network to access computers on another which I belive is what you wanna do.
Related
I have a an asterisk server hosted on address 70.40.180.100/. When I type this on the web-browser, I can open the freePBX web-front to access the application. I now want to connect client devices to this server. When I hosted the server on my local system, I gave my local ip-address as my host-address on my client device(android phone) and I was able to make voip calls. Here the ip-address of the server is not available to connect ans the server address also does not work. I know, the problem is because the ip-address is not public and I need to do something like port forwarding. But, I would like some direction here.
My server is a Ubuntu-1404-trusty-64-minimal and ifconfig gives
docker0 Link encap:Ethernet HWaddr 02:42:32:c1:87:5f
inet addr:172.17.0.1 Bcast:0.0.0.0 Mask:255.255.0.0
inet6 addr: fe80::42:32ff:fec1:875f/64 Scope:Link
UP BROADCAST MULTICAST MTU:1500 Metric:1
RX packets:1 errors:0 dropped:0 overruns:0 frame:0
TX packets:4 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:76 (76.0 B) TX bytes:360 (360.0 B)
eth0 Link encap:Ethernet HWaddr 52:54:a2:01:1f:d7
inet addr:172.31.1.100 Bcast:172.31.1.255 Mask:255.255.255.0
inet6 addr: 2a01:4f8:c17:19fb::2/64 Scope:Global
inet6 addr: fe80::5054:a2ff:fe01:1fd7/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:1118766 errors:0 dropped:0 overruns:0 frame:0
TX packets:40869980 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:1310353426 (1.3 GB) TX bytes:2943301636 (2.9 GB)
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:65536 Metric:1
RX packets:189405 errors:0 dropped:0 overruns:0 frame:0
TX packets:189405 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:31714766 (31.7 MB) TX bytes:31714766 (31.7 MB)
The port forwarding you'll need, assuming you didn't change any other default settings, is:
UDP 5060
UDP 10000-20000
So in your router/firewall you'll need all of those forwarded to your local IP.
Keep in mind that this creates a large security issue. You don't want to allow open access. Make sure you whitelist the IPs that need to connect only. A better alternative is to configure a VPN between your server and your clients. NAT and VoIP don't play nice, so the VPN will resolve those issues for you as well before they start.
I've configured my Raspberry Pi for static IP. My /etc/network/interfaces looks like this:
auto lo
iface lo inet loopback
auto eth0
allow-hotplug eth0
iface eth0 inet static
address 192.168.1.2
netmask 255.255.255.0
network 192.168.1.0
broadcast 192.168.1.255
gateway 192.168.1.1
Yet for some strange reason, every time I reboot my Pi or my router, my Pi gets the requested IP (192.168.1.2) but ALSO a DHCP address (192.168.1.18). So my Pi has two addresses.
Of course, this isn't necessarily a problem, I just think it's strange. Am I doing something wrong? Or not enough? My router is almost completely locked down for management, but I can enter static IPs for devices - is this necessary, if I configure the Pi to do it?
The dynamic address isn't apparent in ifconfig:
eth0 Link encap:Ethernet HWaddr b8:27:eb:5d:87:71
inet addr:192.168.1.2 Bcast:192.168.1.255 Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:236957 errors:0 dropped:34 overruns:0 frame:0
TX packets:260738 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:35215632 (33.5 MiB) TX bytes:70023369 (66.7 MiB)
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
UP LOOPBACK RUNNING MTU:65536 Metric:1
RX packets:27258 errors:0 dropped:0 overruns:0 frame:0
TX packets:27258 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:3397312 (3.2 MiB) TX bytes:3397312 (3.2 MiB)
yet I can ping, ssh and everything on .18 as well.
Since you can add multiple IP addresses to the interface eth0 as noted above, I believe the solution to your problem is to remove the auto eth0 line from your /etc/network/interfaces file.
The IP address attached to interface eth0 can be viewed by ip addr. May be eth0 has two IP address configured 192.168.1.2 and 192.168.1.18.
Also you can add multiple IP address to interface eth0 through
sudo ip addr add <IP address> dev eth0
If you dont want IP address 192.168.1.18 you can remove it by
sudo ip addr del 192.168.1.18 dev eth0
I have set up puppet learning VM on VirtualBox. I can ssh into it with:
ssh root#127.0.0.1 -p 2222
However, the guide says to do facter ipaddress, and ssh into the ipaddress that outputs. I get 10.0.2.15.
If I try that ipaddress, it does not work. I want to get it to work.
Also, I am supposed to be able to access the Puppet gui from https://10.0.2.15 and am not able to do that. I think the two problems are related.
I have 3 adapters set up. 1. NAT, 2. host only adapter, 3. bridged network.
For #1, I have port forwarding set up (am not able to ssh without it).
eth0 Link encap:Ethernet HWaddr 08:00:27:44:00:48
inet addr:10.0.2.15 Bcast:10.0.2.255 Mask:255.255.255.0
inet6 addr: fe80::a00:27ff:fe44:48/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:15892 errors:0 dropped:0 overruns:0 frame:0
TX packets:24276 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:1232127 (1.1 MiB) TX bytes:2062554 (1.9 MiB)
eth1 Link encap:Ethernet HWaddr 08:00:27:72:B7:0E
BROADCAST MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:0 (0.0 b) TX bytes:0 (0.0 b)
eth2 Link encap:Ethernet HWaddr 08:00:27:14:93:EE
BROADCAST MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:0 (0.0 b) TX bytes:0 (0.0 b)
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:322880 errors:0 dropped:0 overruns:0 frame:0
TX packets:322880 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:233893154 (223.0 MiB) TX bytes:233893154 (223.0 MiB)
NICs
I don't see any IP assigned to your NICs except eth0. I assume this learning VM is based on centos, please configure your network adapters correctly first.
check:
/etc/sysconfig/network-scripts/ifcfg-eth0
/etc/sysconfig/network-scripts/ifcfg-eth1
/etc/sysconfig/network-scripts/ifcfg-eth2
/etc/udev/rules.d/70-persistent-net.rules
This is no puppet or virtualbox issue.
port forwarding
Accessing https://10.0.2.15 will not work, this is an internal NAT network IP. Please create an entry for your VMs NAT Adapter under Port-Forwarding, just map Host Port 10443 to guest port 443. If you try to access https://localhost:10443 in your browser you should reach the service running on this VM and listening on port 443.(Check if the service is running and the firewall/iptables is open on all needed ports).
Patrick is right. The configuration within the CentOS box is strange.
It's working for me under windows but on my Ubuntu system I had big trouble setting up the Training VM.
My Tip: just add 22 and 80 port forwordings in your virtualbox.
Change -> Network -> Adapter 1 -> Port-Forwarding -> add
Protokol: TCP | Host-Port: 2222 | Guest-IP: 10.0.2.15 | Guest-Port: 22
-> you may connect now by:
ssh localhost -p 2222 -l root
also:
Protokol: TCP | Host-Port: 8081 | Guest-IP: 10.0.2.15 | Guest-Port: 80
-> you may access the questguide via:
http://localhost:8081
I followed this tutorial to set up a nameser using BIND on my VPS built in CentOS 6.3 64-bit. I have two VPS servers, one is virtualized by Xen, and the other is by OpenVZ. I noticed that the two servers differ in their network interface: Xen server has eth0 (configured /etc/sysconfig/network-scripts/ifcfg-eth0), while OpenVZ has venet0 (/etc/sysconfig/network-scripts/ifcfg-venet0).
When I follow that tutorial, the nameserver on my Xen server is working well, but the nameserver on OpenVZ server does not work at all. This made me think why and what difference made them work differently for the nameserver?
The following is the result I got from "ifconfig" command:
[root#server1 data]# ifconfig
lo Link encap:Local Loopback
**inet addr:127.0.0.1** Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:112 errors:0 dropped:0 overruns:0 frame:0
TX packets:112 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:10819 (10.5 KiB) TX bytes:10819 (10.5 KiB)
venet0 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
inet addr:50.31.115.236 P-t-P:50.31.115.236 Bcast:0.0.0.0 Mask:255.255.255.255
UP BROADCAST POINTOPOINT RUNNING NOARP MTU:1500 Metric:1
RX packets:539325 errors:0 dropped:0 overruns:0 frame:0
TX packets:368277 errors:0 dropped:80 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:41142712 (39.2 MiB) TX bytes:37293025 (35.5 MiB)
As you can see that venet0 has its inet addr:127.0.0.1. Could someone help me with understanding the differences? Thanks
According to the information you included in your question venet0 has the IP 50.31.115.236. The 127.0.0.1 you see is for the special network interface lo.
Usually the first network interface is named eth0. Virtualizing with Xen doesn't change that as it is pretending to be just a normal hardware. OpenVZ is working a bit different and as I understand it the name of the ethernet device venet0 got set by the system administrator of the physical machine.
I can't take a look at the linked tutorial as I only get a blank page so can only give a general advice: Wherever it is showing eth0 use venet0 instead for the second system.
I add tow logical interfaces for test with the following commands :
# set link on physical Device Up
sudo ip link set up dev eth0
# create logical Interfaces
sudo ip link add link eth0 dev meth0 address 00:00:8F:00:00:02 type macvlan
sudo ip link add link meth0 dev meth1 address 00:00:8F:00:00:03 type macvlan
# order IP Addresses and Link
sudo ip addr add 192.168.56.5/26 dev meth0
sudo ip addr add 192.168.56.6/26 dev meth1
sudo ip link set up dev meth0
sudo ip link set up dev meth1
ifconfig
meth0 Link encap:Ethernet HWaddr 00:00:8f:00:00:02
inet addr:192.168.56.5 Bcast:0.0.0.0 Mask:255.255.255.192
inet6 addr: fe80::200:8fff:fe00:2/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:35749 errors:0 dropped:47 overruns:0 frame:0
TX packets:131 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:3830628 (3.8 MB) TX bytes:15278 (15.2 KB)
meth1 Link encap:Ethernet HWaddr 00:00:8f:00:00:03
inet addr:192.168.56.6 Bcast:0.0.0.0 Mask:255.255.255.192
inet6 addr: fe80::200:8fff:fe00:3/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:35749 errors:0 dropped:47 overruns:0 frame:0
TX packets:115 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:3830628 (3.8 MB) TX bytes:14942 (14.9 KB)
I run "wireshark" to test traffic between meth0 and meth1 ,
so I execute ping 192.168.56.6 to generate icmp traffic but this traffic doesn't appear in wireshark .
there is a a problem in wireshark with logical interface ?
Is there a problem in wireshark with logical interface?
Probably not. You'll probably see the same problem with tcpdump, netsniff-ng, or anything else that uses PF_PACKET sockets for sniffing on Linux (Linux in general, not just Ubuntu in particular, or even Ubuntu, Debian, and other Debian-derived distributions).
Given that those are two logical interfaces on the same machine, traffic between them will not go onto the Ethernet - no Ethernet adapters I know of will receive packets that they transmit, so if the packet were sent on the Ethernet the host wouldn't see it, and there wouldn't be any point in wasting network bandwidth by putting that traffic on the network even if the Ethernet adapter would see its own traffic.
So if you're capturing on eth0, you might not see the traffic. Try capturing on lo instead.