All Questions
236 questions
1
vote
0
answers
9
views
Duplicating and routing packets with iptables
Forgive me. I am inexperienced with CLI networking tools.
I have 3 Linux machines (a client (C), server (S), and a node in the middle (M)). C and M have a direct link on subnet 192.168.100.0/24. For ...
2
votes
2
answers
136
views
Routing packets from one wireguard client to another using iptables
This summarizes what I want to achieve:
Phone (192.168.1.245) -> Raspberry Pi 1 (wg0 10.8.0.3, wlan0 192.168.1.174) -> VPS (wg0 10.8.0.1 VPN Server) -> Raspberry Pi 2 (wg0 10.8.0.110, wlan0 ...
- 31
0
votes
0
answers
69
views
How to make hotspot use proxy
I'm using Ubuntu 24.04 Noble, main network interfaced is a ethernet called enx144fd7c333e3, another wifi interface is called wlp1s0; there is also a shadow-socks(socks5) proxy server running at 127.0....
- 129
0
votes
1
answer
157
views
forward packets between TUN interface and physical interface
I'm attempting to create a remote access VPN from scratch and am currently developing a proof-of-concept for the server-side functionality that forwards data between tun0 and enp4s0.
Code for ...
- 1
0
votes
0
answers
60
views
How can I perform geoip-based routing on Ubuntu without kernel modules?
I have a container-based VPS (Ubuntu 22.04, kernel 4.4.0), and I want to add some geoip-based rules to its routing table.
Unfortunately, every tutorial I can find relies on xtables-addons, which ...
- 101
0
votes
1
answer
42
views
Select routing policy based on gateway address
I run a wireguard interface wg0 on my remote VPS, the wireguard interface has 2 IP addresses, 10.9.0.1 & 10.9.0.2, the network interface of the VPS is ens3 (1.2.3.4), and I also run a VPN ...
- 53
0
votes
0
answers
34
views
How to properly make routes for a server with two internet connections (one behind NAT, second with public IP). Also add proper port forwarding
ubuntu 22 desktop. So Network Manager it is ;)
Initial conditions - 2 network interfaces.
Both with internet. One with a "public IP" and the second with a local network.
I want to make it so ...
0
votes
0
answers
33
views
IPTables NAT Explanation
Let's say I have a static LAN behind a NAT with the WAN network being dynamic. If I try to traceroute google.com from a board on the LAN, how does the board I'm tracerouting from know to send the ...
2
votes
1
answer
64
views
How to set up routing and firewall to achieve the desired result in this specific scenario (selective routing through wg tunnel)?
I have 2 linux computers connected via wireguard over the internet.
Their wg configuration is as follows.
Computer1:
[Interface]
PrivateKey = <computer1-private-key>
Address = 10.6.0.2/24
...
- 23
0
votes
0
answers
40
views
How to keep original IP of user after forwarding port 443 through iptables?
I have two servers for example with such IPs:
1serv - ip: 99.99.99.99
2serv - ip: 111.111.111.111
I need all traffic on 99.99.99.99 -> 111.111.111.111
I write:
sysctl net.ipv4.ip_forward=1
...
0
votes
1
answer
57
views
Communication between 2 internal NICs when using ip tables to route internrt
My Setup:
In my home setup, I have 3 NICs one that is connected to the internet (enp1s0),
The other two forward internet access to local devices (enp2s0 & enp3s0).
PC1 is connected to enp2s0 with ...
0
votes
2
answers
279
views
What determines if a packet should be routed locally or forwarded?
As seen in the diagram, when the Linux kernel receives a packet, it goes through the prerouting chain, and then a routing decision is made on whether to forward it to somewhere else or deliver it to a ...
- 138
0
votes
0
answers
80
views
Route all TCP traffic from port to another host:port
I have a wireguard config, creating a VPN between a remote server (10.0.1.1) and my local machine (10.0.1.2), so that the server can reach the local machine and vice versa.
I'd like the server to ...
- 125
0
votes
1
answer
47
views
Unable to get Main and Backup Routers to connect to each other
I have two networks and routers (both on Advanced Tomato by Shibby) laid out as such:
Backup Router network (192.168.1.1/24)
WAN - Xfinity
LAN - small number of clients. Importantly, main network ...
- 1
0
votes
0
answers
116
views
No internet connection after setuping OpenConnect server on ArchLinux
ip tuntap add mode tun dev vpn0
ip addr add 192.168.2.2/24 dev vpn0
# systemctl restart ocserv
iptables -A INPUT -p tcp --dport 22 -j ACCEPT
iptables -A INPUT -p tcp --dport 8443 -j ACCEPT
iptables -...
- 101
0
votes
0
answers
275
views
Peers can connect to VPN server but not between themselves (Packet filtered)
I'm new into VPN topic and routing in general, and wanted to learn new thinks while setting up wireguard. However I'm facing an issue that I can't resolve for some time.
As in title: Peers can connect ...
- 1
1
vote
0
answers
190
views
how to route ocserv traffic to wireguard split tunnel
I want to route ocserv traffic to wireguard split tunnel
here is the net flow
[ (ocserv client) ] =====> [ server A (ocserv + wg server) ] <===== [ server B (wg client) ]
Because wg protocol ...
- 281
2
votes
1
answer
271
views
Preserve incoming interface for answers in openwrt router
I have a Openwrt router with three interfaces:
interface br-lan: IP: 172.16.21.1 in a LAN network (172.16.21.0/24).
interface eth1: IP: 172.16.22.2 a WAN network (172.16.22.0/30) with Internet access....
- 31
1
vote
1
answer
332
views
IPTables rules and networking with problems 2
My plan is to have a computer that forwards all traffic from internal interface ens19 to openvpn-interface tun0. The system has 2 physical interfaces: ens18 for local network with Internet connection ...
- 21
0
votes
0
answers
228
views
Ping not leaving linux VM
Firstly, only just learning Linux and networking, so please assume I have minimal knowledge!
Perhaps a week ago I was working on a small python script that involved pinging devices from the Kali Linux ...
0
votes
1
answer
168
views
IPTables rules and networking with problems
I'm using a Fritzbox for normal network and an own installed Router on rpi3 for an own network with openvpn, dnsmasq and iptables. Over the last few years the setup worked good. You can find the ...
- 21
0
votes
0
answers
195
views
Routing Traffic from PPTP VPN Server to OpenVPN Client on tun0
Thanks for taking the time to help me out. I'm trying to setup a routing between the traffic I get from my PPTP VPN Service on (ppp0) and route it to my OpenVPN (tun0) Interface. I have tried multiple ...
0
votes
0
answers
203
views
Why does route rule not work when I set mark after the net packet go through the 'forward chain' of iptables?
I want to that all the packets through 'farword chain' redirect to local loopback, so that I can proxy this traffic.
I set the route rules of iproute2 (all the packet with mark 1 is routed to local ...
0
votes
0
answers
675
views
How to route Wireguard within a network namespace with public internet access?
I've been trying to wrap my head around this for several days now, so I drew a picture (at bottom of post).
Context
I have a VPS with two namespaces:
init namespace (root)
custom namespace (my cool ...
- 111
0
votes
0
answers
796
views
Shadowsocks + v2ray server on my local computer at home. NOT on VPS. How to configure redirection of traffic from the server to the eth1?
I created a shadowsocks + v2ray server on my local computer at home in a virtual machine. OS ubuntu 22.04. The ubuntu VM has 2 network interfaces: eth0 (192.168.1.10) and eth1 (192.168.2.10).
On the ...
0
votes
0
answers
54
views
VPN router only accessible with new default routes instead of standard gateway setting
On my Ubuntu machines I configured a router for internal VPN Access as VM.
The VM is only used to have masked connections going out to the internet. No connections are made from outside to lan or so. ...
- 1
0
votes
1
answer
151
views
Ethernet device not reachable when WIFI is on
I have an IoT device that runs a small HTTP server, which I access through Ethernet.
My Ethernet is routed through 192.168.1.3 and configured manually.
I can access the device with no issues when my ...
- 121
0
votes
1
answer
49
views
One computer (RPi CM4), 2 NICs, two separate networks
I have a RPi CM4 machine with 2 NICs. I want to be able to communicate with the main network on eth0 (192.168.1.x) and a separate network on eth1 (192.168.0.x).
For the main network connection, IT ...
- 1
4
votes
1
answer
6k
views
VPN client cannot access network behind VPN server(wireguard)
I have created a wireguard VPN server, but the clients cannot access some networks behind the server,
wireguard-server
eno1: 10.10.10.2/24 (GW)
eno2: 10.10.11.2/24
wg0: 10.66.66.1/24
I want the ...
- 43
4
votes
1
answer
2k
views
Why a packet is sent with a wrong source IP address when setting fwmark using iptables mangle to change routing table?
I want to route a traffic from a specific program through a WireGuard VPN.
I set the wireguard interface, config, routings, etc.
To do routing through the VPN only for a single program, I run the ...
- 153
6
votes
2
answers
18k
views
Routing WireGuard peer's traffic via another peer
I want to use the RPi in my house as a WireGuard VPN. Unfortunately, my ISP mandates a CGNAT. My plan was to have the RPi connect as a WireGuard peer to my server (with a static IP). I would then ...
- 63
1
vote
0
answers
253
views
How to configure DNAT on linux PC so that windows PC destination address can NAT to external linux server?
Topology:
Windows PC (Eg.,20.0.0.2) <---> enp6s0 20.0.0.1 [Ubunthu 20.04 as NAT] enp8s0 172.30.18.95<-->eth1 - Linux PC {172.30.18.90}
Requirement:
I want to ftp 30.0.0.1 from windows PC, ...
- 11
0
votes
0
answers
372
views
Issues with Wireguard routing from a single NIC
I am having issues with Wireguard seemingly not routing everything. Basically I have a ubuntu box at home, where I have installed Wireguard.
I want to be able to connect to that box and access both ...
- 169
1
vote
1
answer
311
views
address-based routing policy for Linux router?
I have a home Linux router, it connects to the Internet through ppp0(both IPv4/v6), I run a wireguard VPN wg0 on it. Its internal NIC interface is lan0 (192.168.100.1/24, fd42:100::1/120), which ...
- 53
1
vote
1
answer
844
views
Ip route : access ip on different interface trough Wireguard VPN
I would like to access from my Windows PC a KNX interface that is wired to a Linux PC trought my wireguard VPN but the interface is on a different subnet. The KNX interface use UDP protocol on port ...
- 21
0
votes
1
answer
2k
views
How to route traffic between 2 interfaces via iptables?
Introduction
The primary topic of the question is feeding DUT (Device Under Test) system via traffic generator (t-rex).
t-rex can be used from docker image - here is a doc page. The docker image ...
- 141
0
votes
1
answer
1k
views
How to pass traffic through other Interfaces
I have total 4 Interfaces on my VM where enp0s3 is the primary Interface and others are the secondary Interfaces
ip a output
[root@vm]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue ...
- 143
1
vote
1
answer
2k
views
How to forward openvpn/wireguard to another wirdguard interface without modifying global route table?
I have one wireguard interface wg_vpn, but I don't want it to be global, so I add the line "Table = off" to the wg_vpn.conf to prevent wg-quick to modify the route table.
I also have an ...
- 53
0
votes
0
answers
1k
views
How to do "source-MAC based routing" with nftables
(This is a simplified version of this: Can Linux do "source MAC based routing?")
I have an appliance that needs to route egress packets back to the MAC interface where the ingress packets ...
- 873
3
votes
0
answers
2k
views
Routing traffic through custom tap device en-route to internet on linux
I have a VM that is using a tap device (tap2) and my goal is to filter all the traffic in/out of tap2 using a custom program written by me that runs in userspace.
The topology I came up with routes ...
4
votes
1
answer
20k
views
Wireguard Client With Two Interfaces - Use one Interface for Wireguard
I'm trying to configure a Wireguard client currently set to route all traffic through Wireguard to only route one network interface through Wireguard.
Ex: The Client has both wlan0 and eth0 interfaces ...
- 41
0
votes
0
answers
82
views
How to redirect incoming IPs to specific eth?
I'm using a storage server to work and share large video files among co-workers (weddings, events...)
Server has 2 ethernet cards with 2 different internet providers.
We have different internet ...
user1209888
1
vote
1
answer
17k
views
Creating Docker network bridge to route outgoing traffic via specific interface
I am trying to create new docker network bridge that route outgoing traffic via my 2nd network interface, I managed to make containers traffic go through the desired interface, however i lost the ...
- 21
0
votes
1
answer
275
views
how can i access device on dhcp server from outer net
i made DHCP server on rpi with following settings:
for interface eth1:
interface eth1
static ip_address=192.168.1.1/20
static routers=192.168.1.0
and for dnsmasq.config
interface=eth1
bind-interfaces
...
0
votes
1
answer
255
views
Ubuntu server Iptables rerouting not working properly
I am trying to setup a simple node.js express app on ubuntu server. I wanted my app to listen on port :80 but it was throwing errors on startup so i changed it to listen on port :3000 (I don't really ...
0
votes
0
answers
65
views
Route all traffic to the interface it came from
I've set up a Wireguard connection between my PC and VPS Server. I want to use it to port forward to my PC while keeping the clients real IP adress. I think I have everything figured out except the ...
- 13
0
votes
1
answer
2k
views
CentOS 7 custom routes with 2 NIC's
I have two interfaces o my CentOS 7:
ens192 - 10.70.87.200/24
ens224 - 192.168.11.200/24
tcp/22 has to be listening only on ens192
I want all internet traffic but a few networks do be going out via ...
- 1
0
votes
0
answers
85
views
using iptables nat to connect two machines unaware of each other
I have done it several times in the past, but after more than 10 years that I've been away from networking, I just cannot make it work again:
I have three machines, A B and C. Both A and B can see C, ...
- 1
2
votes
1
answer
1k
views
Why do we use redsocks+iptables instead of using iptables only?
I can not understand why we use redsocks. Can't I do samething just using iptables to redirect all traffic to my socks proxy(that I create with ssh tunneling) ? What is the point of using redsocks ? ...
- 33
1
vote
2
answers
3k
views
Routing using iproute2 after NAT
In a Linux system, which acts as a gateway on my lan, I tried to route traffic using iproute2.
Moreover, before routing it is necessary to perform the NAT, since
the linux machine is connected to a ...
- 81