Questions tagged [masquerade]
77 questions
1
vote
1 answer
Intermittent access to HTTPS sites through iptables MASQUERADING
The problem: everything is fine on the network, except every once in a while, all https times out for all the hosts on the network. After a few minutes it goes back to being near-instant for several hours.
The details:
I'm running an Ubuntu Server…

Jon
1
vote
0 answers
Combine MASQUERADING and NETMAP in iptables POSTROUTING
We have some clients (networks) which are connected via VPN to our server network.
Let's say client has e.g. 192.168.0.1/32 and our server network is on 10.1.0.0/24.
So the issue now with this client is, that they're already using the 10.1.0.0/24…

Flo
1
vote
1 answer
firewall masquerade configuration not working
I'm using RHEL 8 and am trying to set up NAT/MASQUERADE using firewall-cmd. So far I have all the network interfaces and services in the public zone. eno8303 is the internal NIC and eno8403 is the external NIC. This is my procedure but I can't get…

PistolPete
1
vote
0 answers
libvirt: how to use host OpenVPN connection
I have Ubuntu 22.04 with OpenVPN connection to remote network. I also have some number of VMs running on my machine. All of them are using one Virtual network to connect each other. Not all VMs support OpenVPN so I need to use host VPN connection.…

BeginEnd
1
vote
1 answer
Port forwarding while preserving the source IP address with firewalld
I signed up with a new ISP and they don't provide me with an external IPv4 address. I've set up a virtual server (S) (that has an address) to relay all my stuff to my box at home (B) using a WireGuard tunnel.
On (S) I configured:
sysctl -w…

mkuhlmann
1
vote
1 answer
How to block an internal host from the internet with firewalld by MAC address
I am trying to stop some hosts on the network from going outside/calling home.
So I have 2 zones.
[root@eagle ~]# firewall-cmd --get-active-zones
external
interfaces: enp2s0
internal
interfaces: eno1
With masquerading on for…

Adrian Cornish
1
vote
0 answers
Linux Kernel IP Forward activated, firewalld is bypassed?
On a Linux Centos7, I have some traffic that is routed with static routes from one interface to another.
I did notice that with firewalld activated, both interfaces added in a zone, and nothing allowed in this zone, all the traffic is still routed…

Carbon69
1
vote
1 answer
NFTables: is it possible to forward traffic without masquerading it?
I have a remote server (B) that forwards certain incoming traffic to another port of a different server (A, dest).
With "masquerade" I only see traffic coming from the forward server (B), is it possible to see traffic coming from the original…

Polizi8
1
vote
0 answers
Dual-way NAT forwarding using IPVS?
I want to replace iptables(8) with IPVS for a TCP reverse proxy which involved dual-way NAT.
My current setup using iptables is functionally equivalent to a userspace forwarder (like socat(1)). It has the following setup:
iptables -t nat -A…

iBug
0
votes
2 answers
Any drawbacks to using nat MASQUERADE with no source constraint (in a typical simple VPS setup)
Situation: A VPS already serving web pages via nginx. Now I am adding OpenVPN for roaming devices to this VPS.
One installation for the VPN guide suggests adding this MASQUERADE rule -
iptables -A POSTROUTING -s 10.8.0.0/8 -o eth0 -j…

Craig Hicks
0
votes
1 answer
Unable to NAT TFTP traffic because iptables is not forwarding the return connection to the client despite TFTP helper creating an expectation
The Problem
I have a TFTP server (Machine 'S') and a TFTP client (Machine 'C') on different subnets. They are connected via a router (Machine 'R'). All 3 machines are Debian 9/Stretch. The router is running iptables and is set to masquerade…

succulent_headcrab
0
votes
1 answer
Redirecting masqueraded traffic through TOR
I am trying to configure an AP with redirection of incoming traffic through TOR. My AP now has 2 network interfaces:
eth0 - has internet access (192.168.1.92/24)
wlan0 - intranet, without internet (10.0.0.1/24)
For accessing internet from wlan0 I did…

AseN
0
votes
1 answer
Linux IP-tables Forwarding loses Source IP on access.log
Team,
We have configured iptables to forward requests coming in on the eth1 (public IP x.x.x.x) interface to another server. We are able to forward all requests, but the problem is losing the origin public IP (source IP of the user) on server 192.168.254.X
Please…
0
votes
0 answers
How do I get a PPTP server to have a static IP address per client?
I have an Ubuntu 16.04 server running a PPTP server.
The server is running fine, the pptp.conf file has the following:
localip 10.1.1.2
remoteip 10.1.1.3-252
The chap-secrets file is set up to give one of the remote IPs per user, this all works…

brightskyapps
0
votes
0 answers
Router with DHCP in Centos 7? Where can be an error in settings?
I'm looking for a thorough tutorial on how to configure:
Modem (77.77.7.76) -> Centos 7 -> 192.168.1.0 -> DHCP -> 100 host
Please look at my configuration.
Two network interfaces:
enp0f0
enp0f1
On both cards I set static…

ManOnTheMoon