

However, if I want to use client tun0 (10.0.0.2) to browse webpages, the HTTP request would originate from 10.0.0.2 and be destined for an internet IP address (surely not 10.0.0.1). I have used two very simple VPN-like client/server programs to read/write IP packets of the two tun0 interfaces and create a tunnel between wlan0 and eth0, so that IP packets from 10.0.0.2 could reach 10.0.0.1 and vice versa (e.g.


    sudo iptables -I FORWARD 1 -i wlan0 -o tun0-00 -j ACCEPT
    sudo iptables -I FORWARD 1 -i tun0-00 -o wlan0 -m state --state RELATED,ESTABLISHED -j ACCEPT

Used the -I flag to insert my rules:

    sudo iptables -t nat -I POSTROUTING 1 -o tun0-00 -j MASQUERADE

I want to send all my traffic through the tunnel if the tunnel is open; if not, I'm good with it using eth0. The trouble is that eth0 stays up; the original rule to forward traffic to eth0 still exists. Unfortunately I know that these iptables rules aren't complete.

    sudo iptables -A FORWARD -i wlan0 -o tun0-00 -j ACCEPT
    sudo iptables -A FORWARD -i tun0-00 -o wlan0 -m state --state RELATED,ESTABLISHED -j ACCEPT

Thinking it goes something like this:

    sudo iptables -t nat -A POSTROUTING -o tun0-00 -j MASQUERADE

I do want to send all of it, don't want anything leaking out into the host network. Now I want to set up the same rules except use interface tun0-00 and forward all my traffic through my VPN tunnel.

    sudo iptables -A FORWARD -i wlan0 -o eth0 -j ACCEPT
    sudo iptables -A FORWARD -i eth0 -o wlan0 -m state --state RELATED,ESTABLISHED -j ACCEPT

Works great!

    sudo iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE

I'm forwarding wlan0 to eth0 and NATing all my traffic. I've used the following guide to set up my Raspberry Pi as an access point:
