Re: Help needed on ip forwarding
From: Daniel (acruxis_at_swift.com)
Date: 09/29/04
- Next message: Anderson: "newbie dns & email question"
- Previous message: TCMA: "Re: minicom: cannot open /dev/usb/tts/0: No such file or directory"
- In reply to: Bernhard Kastner: "Re: Help needed on ip forwarding"
- Next in thread: Bernhard Kastner: "Re: Help needed on ip forwarding"
- Reply: Bernhard Kastner: "Re: Help needed on ip forwarding"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Date: Wed, 29 Sep 2004 22:54:52 +0800
Bernhard Kastner wrote:
> Daniel schrieb:
>
>> Here's my current network.
>>
>> [ADSL modem] -- [ router ] -- [ private LAN ] -- [ my computer ]
>>
>> My modem gets an external IP from the ISP.
>>
>> My computer uses an internal IP (192.168.0.*) assigned by the router.
>>
>>
>> What I'd like is to set up a virtual interface and ip
>> forwarding/masquerading to 'trick' my
>> computer into thinking that it's using the external IP address instead.
>>
>> This is because certain peer to peer clients work better if they
>> 'think' they have
>> an external IP address to give to other client on their networks. My
>> computer is set as
>> the DMZ on the router, so any inbound connection will pass through to
>> my computer.
>>
>> The issue is now how to trick all the applications into thinking
>> they're using the
>> external IP address on the virtual interface (I have two physical
>> interfaces on my
>> computer if it makes a difference).
>>
>> I managed to set the external IP on the virtual interface, but got
>> stuck setting up
>> the routing tables.
>>
>> Any help in getting this setup to work would be greatly appreciated.
>>
>> Thanks in advance,
>> Daniel
>
>
> what kind of router is your router? is it a little box that gave you
> your isp or is it a configurable computer?
> there are two possibilities: If it is a computer, just set
> /proc/sys/net/ipv4/ip_forward to 1 if you really want everything to be
> forwarded, which is not recommended for some security reasons.
> The second possibility is, you have a little Router, that is no
> "computer" and is configurable. In that case, you just have to forward
> PORTS, not IPs. that's a big difference. If you want to run eMule, you
> have to forward the specific port (both UDP and TCP) to your computer
> and nothing more.
>
> But be careful with forwarding ports: some ports are used by malicious
> software that wants to enter your network and if your ISP doesn't allow
> a server or even a network to be set up by you, you can be detected by
> the ISP, when you're running services on a specific port, that is
> forwarded. (So never ever forward Port 80 if you're not allowed to runa
> a webserver)
I'm using a little box as my router. I'm quite comfortable with setting my
computer as the DMZ in the LAN.
what I need is for my computer to use the external IP as its own IP on
one of its (virtual) interfaces.
Case in point is ICQ. ICQ reports its own internal IP address if it is
in a LAN.
Then it's impossible for someone outside the LAN to initiate a direct
connection.
But if ICQ is using the virtual interface with the external IP address,
it will
think it is on the 'outside' and will report the external IP so that
someone
outside can initiate the direct connection (since my computer is the DMZ).
My main problem now is getting the routing tables correctly configured.
- Next message: Anderson: "newbie dns & email question"
- Previous message: TCMA: "Re: minicom: cannot open /dev/usb/tts/0: No such file or directory"
- In reply to: Bernhard Kastner: "Re: Help needed on ip forwarding"
- Next in thread: Bernhard Kastner: "Re: Help needed on ip forwarding"
- Reply: Bernhard Kastner: "Re: Help needed on ip forwarding"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Relevant Pages
|
