Date:	Mon, 7 Apr 2008 23:44:07 -0400
From:	"Eric B." <ebenze@...mail.com>
To:	netdev@...r.kernel.org
Subject:  How to verify/log/debug which route table being used?

Hi,

I'm trying to configure my server to route different packets via different
kernel route tables.  I thought I had things configured properly, but from
some quick tests, return packets from my server don't seem to be making the
return trip.  I look at my iptables log output and see that my packets are
formed as I would expect, but the logs on my router don't show them showing
up.

Is there a way I can verify / validate that my packets are actually using
the routing table I have specified and are being retransmitted to the
correct gateway?

My setup is as follows (RHEL 4.2):
# iptables -t mangle -A PREROUTING -d 192.168.104.64 -j MARK --set-mark 3
# iptables -t nat -A POSTROUTING -m mark --mark 3 -j SNAT --to-source 192.168.104.64
# ip rule add fwmark 3 table 3
# ip route add unicast default via 192.168.104.251 table 3

My goal is as follows:
My server is multi-homed; the same NIC serving both 192.168.101.64 and
192.168.104.64.
I'm looking to configure it such that any incoming packets destined for
192.168.104.64 get a mark added to them.  Any response to that packet will
get routed to gateway 192.168.104.251 (from the default route in table 3),
and have its source address modified to 192.168.104.64.

However, if I check my logs on my router at 192.168.104.251, I don't see any
return packets showing up.

Is there any way I can debug (using tcpdump somehow?  Although not quite
sure what to look for in its output - help would be appreciated how best to
use it) the outgoing packets to ensure that they are being sent to
192.168.104.251, and not my default gateway from my main routing table?

Thanks!

Eric
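
An added example, not part of the original post: a small Python model of the kernel's policy-routing lookup for the rules in this message, showing which table and gateway a packet gets with and without fwmark 3. The main-table gateway 192.168.101.1, the client address 203.0.113.10 and the rule priority 32765 are assumptions, not values from the post.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional


@dataclass
class Rule:
    priority: int
    table: str
    fwmark: Optional[int] = None  # None: rule matches any mark


def net(prefix):
    return ipaddress.ip_network(prefix)


# Rules in lookup order after "ip rule add fwmark 3 table 3".
# Priority 32765 is assumed (the post gives no explicit priority).
RULES = [
    Rule(0, "local"),
    Rule(32765, "3", fwmark=3),
    Rule(32766, "main"),
    Rule(32767, "default"),
]

# Table 3 is from the post; the main-table gateway is a constructed placeholder.
TABLES = {
    "3": [(net("0.0.0.0/0"), "192.168.104.251")],
    "main": [(net("0.0.0.0/0"), "192.168.101.1")],
}


def lookup(dst, mark=0, rules=RULES, tables=TABLES):
    """Return (table, gateway) chosen for a packet to dst carrying fwmark mark."""
    addr = ipaddress.ip_address(dst)
    for rule in sorted(rules, key=lambda r: r.priority):
        if rule.fwmark is not None and rule.fwmark != mark:
            continue  # selector does not match this packet
        hits = [(n, gw) for n, gw in tables.get(rule.table, []) if addr in n]
        if hits:
            # Longest-prefix match inside the selected table.
            n, gw = max(hits, key=lambda h: h[0].prefixlen)
            return rule.table, gw
    return None, None


if __name__ == "__main__":
    client = "203.0.113.10"  # constructed client address
    print("mark 3:", lookup(client, mark=3))
    print("mark 0:", lookup(client, mark=0))
```

The mark is a per-packet attribute, so the lookup for a reply uses whatever mark the reply packet itself carries, not the one set on the request in PREROUTING.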


