linux ip masquerading
play

Linux IP Masquerading Brian Vargyas XNet Information Systems 1 - PowerPoint PPT Presentation

May 30, 2023 •258 likes •483 views

Linux IP Masquerading Brian Vargyas XNet Information Systems 1 Agenda What is IP Masquerade How does it work Example Setting Up IP Masquerade References 2 What not to expect Teaching you how to set up Redhat Linux 5.1

  1. Linux IP Masquerading Brian Vargyas XNet Information Systems 1

  2. Agenda • What is IP Masquerade • How does it work • Example • Setting Up IP Masquerade • References 2

  3. What not to expect • Teaching you how to set up Redhat Linux 5.1 • How to compile and install a new kernel 3

  4. Why is IP Masquerading HOT? • Demand to share a single Internet address across multiple machines. • Demand to save Internet IPv4 address space. • Demand for better internal network security. 4

  5. Emerging Applications • Network Hiding • Cable Modem Solutions • xDSL Solutions • Dial on Demand Internet 5

  6. So what is it? • A Developing networking function built in to RedHat Linux 5.1 • Allows machines connected to the Linux system to access the Internet as if they were coming from a single IP address. • Provides a secure way of hiding internal networks. 6

  7. A Simple Setup ISP eth0 ISDN 10.0.0.0/8 Linux 204.248.50.100/32 Static Class A Network Gateway Dynamic IP Address 7

  8. How it works • Translation Tables Manage Inside to Outside Address Translation • IPFWADM (IP Firewall Administration) • IPPORTFW (IP Port Forwarding) • Loadable kernel modules for special IP services like FTP, IRC, QUAKE. 8

  9. IP Translation Tables Net • Maintains IP Address Source/Dest. Port Pairs. • Pool of 4096 Ports. Inside Addresses Outside Address 10.0.0.1 23 100.0.0.1 2000 10.0.0.2 80 100.0.0.1 2001 10.0.0.3 25 100.0.0.1 2002 Address / Dest. Port Pairs Address / Source Port Pairs 9

  10. IPFWADM (Firewall) • Manages Permit/Deny Firewall Access Lists • Controls which networks are allowed to IP Masquerade • Deny access to all other networks. 10

  11. IPPORTFW (Port Forwarding) • Controls mapping of incoming port requests to a inside address. • Lets you run mail/web server on another host inside your network. • Provides complete flexibility on where to place IP services. • Not included in standard Redhat 5 distribution. 11

  12. Loadable Kernel Modules • Lets special IP services such as FTP operate correctly. I.E. Back Channel Data (Not Passive). • Only loads into memory if needed • Some services not supported. • PPTP Patches. 12

  13. Example (My Home) • 3 Machines needs Internet access • 1 DHCP dynamic address provided from Cable Company. • Backup ISDN dialup • Windows NT web/mail server 14

  14. Example Config ISP ISDN eth1 eth0 Cable Modem 10.0.0.0/8 Linux Static Class A Network Gateway Cable Network 15

  15. Setup Procedure • Configure all system interfaces. Make sure you can ping remote machines. Verify connectivity to your ISP is working. • Install IPPORTFW Kernel Patches, Rebuilt Kernel, Install and Reboot. (Kernel 2.0.33/2.0.34) Compile IPPORTFW utility and install in /bin. • Edit your /etc/rc.d/rc2.d/S99local file and include the necessary IPFWADM and IPPORTFW configuration. • Make sure you have a default route (0.0.0.0/0) pointed at your ISP Interface. 15

  16. Setup Configuration (S99local) # S99local echo "1" > /proc/sys/net/ipv4/ip_forwarding /sbin/ipfwadm -F -p deny /sbin/ipfwadm -F -a m -S 10.0.0.0/24 -D 0.0.0.0/0 /sbin/ipportfw -A -t 24.131.169.80/80 -R 10.0.0.3/80 /sbin/ipportfw -A -t 24.131.169.80/25 -R 10.0.0.3/25 route add default 24.131.169.1 16

  17. Verify Configuration [root@bv-gw /]# netstat -M IP masquerading entries, free ports: UDP 4095 TCP 4096 prot expire source destination ports udp 4:52.95 10.0.0.3 204.91.243.41 1085 -> 4000 (61058) [root@bv-gw /]# ipfwadm -F -l IP firewall forward rules, default policy: deny type prot source destination ports acc/m all 10.0.0.0/24 anywhere n/a [root@bv-gw /]# ipportfw -L Prot Local Addr/Port > Remote Addr/Port TCP 24.131.169.80/25 > 10.0.0.3/25 TCP 24.131.169.80/80 > 10.0.0.3/80 17

  18. Problems • Not every IP protocol works • Difficult to run web/mail when you have a DHCP address that keeps changing. • DNS needs to be hosted by ISP 18

  19. Private IP Address Space (RFC 1918) • Must use following address space for internal networks: • 10.0.0.0/8 255.0.0.0 • 172.16.0.0/12 255.240.0.0 • 192.168.0.0/16 255.255.0.0 19

  20. Illegal Address Space Issues • Problems getting to the network being used. (DNS Related Issues) • Need to use another vendor implementation to solve problem • IP NAT Overlapping (CISCO) 20

  21. References • IP Masquerade Web Page http://ipmasq.home.ml.org/ • Port Forwarding Web Page http://www.ox.compsoc.org.uk/~ steve/portforwarding.html • My Web Page http://www.xnet.com/~brianv 21

Recommend

Masquerading Malicious DNS Traffic Bayesian Inference, Rainier, Spark David Rodriguez March 28,

Masquerading Malicious DNS Traffic Bayesian Inference, Rainier, Spark David Rodriguez March 28,

Masquerading Malicious DNS Traffic Bayesian Inference, Rainier, Spark David Rodriguez March 28, 2019 The Outline Masquerading Time Series Rainier Anomaly DNS Modeling + Detection Traffic Spark The Outline Masquerading Time Series

615 views • 39 slides
Talks outline iptables versus ipchains The goal (or: my goal) The packets way through

Talks outline iptables versus ipchains The goal (or: my goal) The packets way through

IP Masquerading using iptables Eli Billauer eli billauer@yahoo.com IP Masquerading using iptables p.1 Talks outline iptables versus ipchains The goal (or: my goal) The packets way through iptables Classic masquerading (SNAT)

785 views • 31 slides
Linux Kung Fu Introduction What is Linux? Why Linux? What is the difference between a client

Linux Kung Fu Introduction What is Linux? Why Linux? What is the difference between a client

Linux Kung Fu Introduction What is Linux? Why Linux? What is the difference between a client and a server? What is Linux? Linux generally refers to a group of Unix-like free and open-source operating system distributions that use the Linux

562 views • 53 slides
Ruptured abdominal aortic aneurysm masquerading as isolated hip pain: an unusual presentation

Ruptured abdominal aortic aneurysm masquerading as isolated hip pain: an unusual presentation

C ASE R EPORT R APPORT DE CAS Ruptured abdominal aortic aneurysm masquerading as isolated hip pain: an unusual presentation Sriram Vaidyanathan, MRCS; * Himanshu Wadhawan, MRCS; * Pedro Welch; Murad El-Salamani, FRCS ABSTRACT The

149 views • 4 slides
Linux from Sensors to Servers ! When is Linux Not Linux? ! 1 1 Linux runs across a huge range

Linux from Sensors to Servers ! When is Linux Not Linux? ! 1 1 Linux runs across a huge range

Linux from Sensors to Servers ! When is Linux Not Linux? ! 1 1 Linux runs across a huge range of systems ! CC BY-SA 2.0 FHKE, Flickr 2 Whats the difference between Linux on a big thing and Linux on a little thing? ! 3 ! Whats the

900 views • 52 slides
Computing using Linux: The Good and the Bad Christoph Lameter HPC and Linux Most of the

Computing using Linux: The Good and the Bad Christoph Lameter HPC and Linux Most of the

High Performance Computing using Linux: The Good and the Bad Christoph Lameter HPC and Linux Most of the supercomputers today run Linux. All of the computational clusters in corporations that I know of run Linux. Support for

419 views • 12 slides
Linux Overview Amir Hossein Payberah payberah@gmail.com 1 Agenda Linux Overview Linux

Linux Overview Amir Hossein Payberah payberah@gmail.com 1 Agenda Linux Overview Linux

Linux Overview Amir Hossein Payberah payberah@gmail.com 1 Agenda Linux Overview Linux Distributions Linux vs Windows Linux Architecture Linux Security 2 What is Linux? Similar Operating System To Microsoft Windows, Sun

1.11k views • 55 slides
Interviews with Different Users About Their Linux Setups Steven Ovadia My Linux Rig

Interviews with Different Users About Their Linux Setups Steven Ovadia My Linux Rig

The State of Desktop Linux: Interviews with Different Users About Their Linux Setups Steven Ovadia My Linux Rig www.mylinuxrig.com @steven_ovadia *** Associate Professor/Web Services Librarian LaGuardia Community College About My Linux

458 views • 27 slides
Introduction to Linux Fundamentals of Computer Science Outline Operating Systems Linux

Introduction to Linux Fundamentals of Computer Science Outline Operating Systems Linux

Introduction to Linux Fundamentals of Computer Science Outline Operating Systems Linux History Linux Architecture Logging in to Linux Command Format Linux Filesystem Directory and File Commands Wildcard Characters

686 views • 19 slides
Introduction to Linux Aline Abler Aline Abler Linux, whats that? The pieces of a Linux

Introduction to Linux Aline Abler Aline Abler Linux, whats that? The pieces of a Linux

Linux, whats that? The pieces of a Linux system Linux Concepts Distributions Desktop environments Switching to Linux Epilogue Introduction to Linux Aline Abler Aline Abler Linux, whats that? The pieces of a Linux system Linux

767 views • 57 slides
GNU/Linux Why use it? What is Linux? Linux is a UNIX-like, GPL-licensed open-source kernel. The

GNU/Linux Why use it? What is Linux? Linux is a UNIX-like, GPL-licensed open-source kernel. The

GNU/Linux Why use it? What is Linux? Linux is a UNIX-like, GPL-licensed open-source kernel. The GNU userland consists of libc, the init system (SystemD) X11 GUI toolkits etc. Ask the audience Who has used

442 views • 22 slides
Linux You Can Drive My Car Embedded Linux Conference

Linux You Can Drive My Car Embedded Linux Conference

Linux You Can Drive My Car Embedded Linux Conference 2017 Walt Miner ( @VStarWalt ) Community Manager, AGL , The Linux FoundaGon

721 views • 55 slides
Linux For Beginners April 26, 2016 Dualboot Linux and Windows Dualboot Linux and Windows

Linux For Beginners April 26, 2016 Dualboot Linux and Windows Dualboot Linux and Windows

Linux For Beginners April 26, 2016 Dualboot Linux and Windows Dualboot Linux and Windows Reinstall usually keeps personal files Advantages of Linux More secure Package manager Software installation is easy, fast and secure Keeps

528 views • 15 slides
Linux Kung Fu Stephen James UBNetDef, Spring 2017 Introduction What is Linux? What is the

Linux Kung Fu Stephen James UBNetDef, Spring 2017 Introduction What is Linux? What is the

Linux Kung Fu Stephen James UBNetDef, Spring 2017 Introduction What is Linux? What is the difference between a client and a server? What is Linux? Linux generally refers to a group of Unix-like free and open-source operating system

607 views • 48 slides
AOS Linux Tutorial Introduction to Linux Michael Havas Dept. of Atmospheric and Oceanic Sciences

AOS Linux Tutorial Introduction to Linux Michael Havas Dept. of Atmospheric and Oceanic Sciences

AOS Linux Tutorial Introduction to Linux Michael Havas Dept. of Atmospheric and Oceanic Sciences McGill University September 15, 2011 Outline 1 Introduction to Linux Benefits of Linux What Exactly is Linux? The Free-Software Philosophy 2

898 views • 69 slides
The State of the Linux Desktop An OSDL Perspective John Cherry OSDL Desktop Linux (DTL)

The State of the Linux Desktop An OSDL Perspective John Cherry OSDL Desktop Linux (DTL)

The State of the Linux Desktop An OSDL Perspective John Cherry OSDL Desktop Linux (DTL) September 23, 2006 1 2 The State of the Linux Desktop Riding the Open Software Wave The Linux Desktop Markets Linux Desktop Market Data The Linux

543 views • 40 slides
Linux Basics 2 Pre-Lab Everyone installed Linux on their

Linux Basics 2 Pre-Lab Everyone installed Linux on their

Computer Systems and Networks ECPE 170 Jeff Shafer University of the Pacific Linux Basics 2 Pre-Lab Everyone installed Linux on

617 views • 25 slides
Power Your Car with Automo0ve Grade Linux Automo&ve Linux

Power Your Car with Automo0ve Grade Linux Automo&ve Linux

Power Your Car with Automo0ve Grade Linux Automo&ve Linux Summit 2017 Walt Miner ( @VStarWalt ) Community Manager, AGL , The Linux

594 views • 37 slides
Mostafa Z. Ali Mostafa Z. Ali mzali@just.edu.jo 1 1 The Linux Utilities Linux did not

Mostafa Z. Ali Mostafa Z. Ali mzali@just.edu.jo 1 1 The Linux Utilities Linux did not

Fall 2009 Lecture 5 Operating Systems: Configuration & Use CIS345 The Linux Utilities Mostafa Z. Ali Mostafa Z. Ali mzali@just.edu.jo 1 1 The Linux Utilities Linux did not have a GUI. It ran on character based terminals only,

1.16k views • 70 slides
Virtual Memory and Linux Alan Ott Embedded Linux Conference April 4-6, 2016 About the Presenter

Virtual Memory and Linux Alan Ott Embedded Linux Conference April 4-6, 2016 About the Presenter

Virtual Memory and Linux Alan Ott Embedded Linux Conference April 4-6, 2016 About the Presenter Linux Architect at SoftIron 64-bit ARM servers and data center appliences Linux Kernel Firmware Userspace Training USB

1.05k views • 71 slides
RCU Usage in Linux History of Concurrency in Linux Multiprocessor support 15 years ago - via

RCU Usage in Linux History of Concurrency in Linux Multiprocessor support 15 years ago - via

CS510 Concurrent Systems Jonathan Walpole RCU Usage in Linux History of Concurrency in Linux Multiprocessor support 15 years ago - via non-preemption in kernel mode Today's Linux - fine-grain locking - lock-free data structures - per-CPU

600 views • 36 slides
What is GNU/Linux? GNU/Linux is a free operating system Other operating systems:

What is GNU/Linux? GNU/Linux is a free operating system Other operating systems:

What is GNU/Linux? GNU/Linux is a free operating system Other operating systems: Microsoft windows Apple Mac OS X Sun Solaris FreeBSD/OpenBSD AIX And many more..... GNU/Linux history GNU project started by

330 views • 9 slides
TOMOYO Linux A Lightweight and Manageable Security System for PC and Embedded Linux

TOMOYO Linux A Lightweight and Manageable Security System for PC and Embedded Linux

CE Linux Forum Worldwide Embedded Linux Conference 2007 April 17-19, 2007 TOMOYO Linux A Lightweight and Manageable Security System for PC and Embedded Linux http://tomoyo.sourceforge.jp/ Toshiharu Harada Tetsuo Handa NTT DATA

654 views • 47 slides
$ linux 101 Presented by: Shanelle Ileto $ what are we learning today? An introduction to

$ linux 101 Presented by: Shanelle Ileto $ what are we learning today? An introduction to

$ linux 101 Presented by: Shanelle Ileto $ what are we learning today? An introduction to Linux Linux filesystem The terminal Basic Linux commands Some tips and tricks User and group management File and owner

1.26k views • 72 slides

More recommend