Closed. This question is off-topic. It is not currently accepting answers.
Want to improve this question? Update the question so it's on-topic for Stack Overflow.
Closed 10 years ago.
Improve this question
Can somebody tell me what are the ways of routing packets in a linux system. I have an external and internal network interfaces on my linux system. I want to forward packets arriving at my external network to an internal network.
I do not have iptables. What are the other ways to this? What commands are offered by native linux. Should Netfilter always be enabled for this? My kernel does not come with Netfilter.
So please suggest.
Thanks in advance
Assuming you're talking about real routing, and not any form of Network Address Translation (NAT), you just need to enable IP forwarding, and put the relevant routes in your routing table:
echo 1 > /proc/sys/net/ipv4/ip_forward
Configuring NAT does require iptables.
Related
Closed. This question needs to be more focused. It is not currently accepting answers.
Want to improve this question? Update the question so it focuses on one problem only by editing this post.
Closed 7 years ago.
Improve this question
I was asked to build a simulator that pretend to be 5000 UDP clients, each with a unique IP address.
Can this simulator be a PC application?If it can, can it be build on Windows, or Linux.
Or has to build a hardware only?
Thanks
You can do this in software. There are two different approaches:
Use IP aliasing. With IP aliasing, you can create multiple virtual network interfaces that map to a single physical interface. Each interface has its own IP address. You then create a separate socket for each address and send traffic on it. See this post for more details.
Use raw sockets to "forge" UDP packets with the desired IP address. This has the disadvantage that the server cannot successfully reply to the client, since there is no network interface corresponding to the forged address. See this for instructions on how to craft UDP packets using raw sockets.
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 7 years ago.
Improve this question
I am trying to setup openvpn on a server so that I have 2 different tap interfaces (tap0 and tap1) and then a bridge connecting those interfaces. The idea is that a client on tap0 will be able to talk to a client on tap1 and vice-versa.
There is no physical NIC involved in the bridge and the Bridge interface is setup with no ip/netmask/broadcast.
I am able to ping between the 2 when they are both connected however I see no traffic when trying to tcpdump the bridge interface.
I am a bit confused on some things:
Do I need to have an ip configured on the bridge interface at all? I don't quite see the reason for it as all it will do is to make to virtual interfaces talk to each other
Is the fact that the bridge interface does not have an assigned ip/netmask/broadcast the reason I am not able to see the ping traffic on the bridge interface when tcpdumping that interface?
If the answer to number 2 is Yes, I assume that it is not either possible to use iptables to block/allow traffic on that interface, correct? If so is there any other way to accomplish what one would do with iptables on an interface like that?
I guess this wasn't the proper place to put this question but I thought I'd put an update anyway to close the issue.
Turns out that you do not need an assigned ip address on the bridge and it is possible to tcpdump. I happened to be working in containers which made the traffic go outside the vpn when pinging.
Closed. This question is off-topic. It is not currently accepting answers.
Want to improve this question? Update the question so it's on-topic for Stack Overflow.
Closed 9 years ago.
Improve this question
I am using RHEL 6.3 (2.6.x kernel). I have tcp based client server applications. I noticed that when i run them on the same host, the throughput is approx the same, irrespective whether server binds to loopback or local IP assigned to NIC.
What is the reason behind it? My understanding is that loopback is software based routing, where as when local IP assigned to NIC is involved, the hardware is involved in the data path. Is that true?
The hardware does not get involved.
As soon as the routing function knows that the destination address is local, the packet is switched to ingress path. Which is incidentally why sniffers can't capture such packets, because that hook happens to be after the point of this decision.
Closed. This question is off-topic. It is not currently accepting answers.
Want to improve this question? Update the question so it's on-topic for Stack Overflow.
Closed 10 years ago.
Improve this question
I am running linux machine between two IP Phone with Two NIC card's. all of the traffic passthroug between eth0 and eth1 should move through TCP/IP stack.currently,IP-forwarding is enabled in linux and traffic route directly at Kernel level. If I am doing port forwarding using IPtables, I can get the traffic in TCP/IP stack but I dont want to perform port forwarding. Every time traffic is having different port, its difficult to map the port again with its original port.
Is there any other mechanism, I can get every packet in tcp/IP stack without port forwarding either using some routing or creating virtual interface/loopback interface?
Closed. This question is off-topic. It is not currently accepting answers.
Want to improve this question? Update the question so it's on-topic for Stack Overflow.
Closed 10 years ago.
Improve this question
AnalogX makes a handy useful Windows utility named Portmapper. It listens on any ports you like and forwards traffic to another IP address. So you can open a range of ports in your router, all mapped to one machine. That machine then forwards each specific port to any address you like within the LAN.
This is a good solution for routers with a limited number of NAT entries available. Just point a range to a single PC and let it do the rest. It can forward port 80 traffic to 192.168.1.101, port 5900 to 192.168.1.102, and port 5901 to 192.168.1.103:5900, etc.
I'm looking for a linux-based replacement. Either a program where I create a config file detailing the port numbers and IPs to forward, or a strategy to use a built-in solution like iptables. Any suggestions on how to do this?
Well you can do that natively in Linux with iptables:
http://www.debuntu.org/how-to-redirecting-network-traffic-a-new-ip-using-iptables
http://ramblings.narrabilis.com/ip-forward-using-iptables-port-and-host-redirect
http://www.revsys.com/writings/quicktips/nat.html