Lil’ bit: Redirecting traffic out a given interface

2009/02/25 16:23:00

This is a relatively simple trick, but one that I thought was rather clever.

I needed to SSH into a target server (172.16.4.1) that only allowed connections from a specific IP address (172.16.4.10). I knew that the system holding that specific IP address was down, yet I still needed to SSH into the target.

To further complicate matters, I did not have physical access to the target network at the time. But, I did have remote access (and root) to another Linux box on the network.

Hmmm…

So, all I needed to do was change the IP address of my one good box to the one expected by the target system, but if I changed the IP address on the main interface, then I would disconnect myself.

Enter virtual interfaces and routing.

I created a new virtual interface with ifconfig (assuming 172.16.4.10 is the IP we want to come from):

/sbin/ifconfig eth0:1 172.16.4.10

This does not, however, mean that my SSH connection will come from this address, so I needed to change the routing table (assuming 172.16.4.1 is what we want to connect to):

/sbin/route add -host 172.16.4.1 eth0:1

Now, I will effectively be coming from my new interface when I connect to the target server.

AHA! It works!
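
A defensive check for the situation above, as an added example that is not from the original post: an alias such as eth0:1 shares the physical NIC's MAC address, so the target's neighbor table shows the allow-listed IP answering from another host's MAC. The sample `ip neigh show` output, the MAC addresses, the address 172.16.4.20 and the pinned inventory are constructed assumptions.

```python
import re
from collections import defaultdict

# Constructed sample of `ip neigh show` output as seen on the SSH target.
# The MAC addresses and 172.16.4.20 (the "other Linux box") are made up.
SAMPLE_NEIGH = """\
172.16.4.20 dev eth0 lladdr 00:16:3e:00:00:20 REACHABLE
172.16.4.10 dev eth0 lladdr 00:16:3e:00:00:20 REACHABLE
172.16.4.254 dev eth0 lladdr 00:16:3e:00:00:fe STALE
172.16.4.30 dev eth0  FAILED
"""

# Assumed inventory: the MAC each allow-listed source IP should have.
PINNED = {"172.16.4.10": "00:16:3e:00:00:10"}

LINE = re.compile(r"^(\S+) dev (\S+) lladdr ([0-9a-fA-F:]{17})\b")


def parse_neigh(text):
    """Return {ip: mac} for entries that have a resolved link-layer address."""
    table = {}
    for line in text.splitlines():
        m = LINE.match(line.strip())
        if m:  # FAILED/INCOMPLETE entries carry no lladdr and are skipped
            table[m.group(1)] = m.group(3).lower()
    return table


def audit(text, pinned):
    """Return sorted findings for pinned IPs answered by an unexpected MAC."""
    table = parse_neigh(text)
    by_mac = defaultdict(list)
    for ip, mac in table.items():
        by_mac[mac].append(ip)
    findings = []
    for ip, want in pinned.items():
        seen = table.get(ip)
        if seen is None or seen == want.lower():
            continue
        # Other IPs on the same MAC point at the host holding the alias.
        others = sorted(o for o in by_mac[seen] if o != ip)
        findings.append((ip, want.lower(), seen, others))
    return sorted(findings)


if __name__ == "__main__":
    for ip, want, seen, others in audit(SAMPLE_NEIGH, PINNED):
        print(f"{ip}: expected {want}, saw {seen}; same MAC also answers for {others}")
```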

2007/08/17 00:02:00

As usual, when I have some time off, I tinker with my network and tend to break something.

I decided that I could let my wireless router rest a bit by turning off its gateway functionality, thereby accepting it into my LAN and telling it not to treat the other side like the wilds of the Internet. This means it wasn’t translating addresses for me anymore. No NAT.

This is all well and good, but now the network on the other side of that wireless router needs to be known to my central Linux router. Hmmm!

So, I typed in

sudo /sbin/ip route add 172.30.19.0/30 via 172.30.100.2 dev eth2

where 172.30.19.0 is the wireless network and 172.30.100.0 is the tiny (2 connection) network between the Linux router and the wireless router.

This made things work great, but I wondered how to ensure that this route was added at each reboot.

In CentOS 3, this information is stored in the /etc/sysconfig/static-routes file like so:

any net 172.30.19.0 netmask 255.255.255.252 gw 172.30.100.2 dev eth2

This syntax is used by the /sbin/route command.

Well, off to bed.