How to send icmp packets on a particular interface?

dravya · 07-29-2004, 09:12 AM

Hi all,

I have a system setup with two phones/ interfaces (ppp0 and ppp1). I access the internet via these two interfaces only.

The problem is that there are times when a packet with the ip address of ppp0 goes over ppp1 and vice-versa. For example, when a machine (with my machine as the gateway) pings a website outside, I get a change of ip address, meaning that the packet went on the wrong link. Any ideas??? What part of the kernel code deals with this?

I want to be able to send these pings on a particular interface (src add of packet should be same as ip add of interface (ppp0 or ppp1)).

I am a total newbie to the kernel code. I would greatly appreciate it if someone could give me a starting point or any suggestions would be great.

Thank you all

Dravya

barisdemiray · 07-29-2004, 10:00 AM

Firstly i should write out what i understand.. Your machine is gateway of your internal network and you want to route the packets coming from your internal network and going to internet by changing the original source IP address with your machine's IP address. And also doing the reverse when you get a packet coming from internet. Right?

If so, you can use iptables for changing the source address of packets going to internet via one interface of your machine. Read the source NAT documentation at www.netfilter.org

http://www.netfilter.org/documentati...O-6.html#ss6.1

Since you're using ppp interface (dynamic IP), also read the masquerading part. It's easier with masquerading when your IP is not static. Hope this helps.

dravya · 07-29-2004, 02:30 PM

>Firstly i should write out what i understand.. Your machine is gateway of your internal >network and you want to route the packets coming from your internal network and going to >internet by changing the original source IP address with your machine's IP address. And >also doing the reverse when you get a packet coming from internet. Right?

Yes you are exactly right.

Thank you ver much for the links. I checked them out and as it turns out I have the exact rules in my iptables:

iptables -t nat -A POSTROUTING -o ppp0 -j MASQUERADE
iptables -t nat -A POSTROUTING -o ppp1 -j MASQUERADE

and yet when a machine on my network uses my machine as the gateway to ping outside, packets travel on the wrong link causing change of ip address of the phones. I have tested this using ethereal and it clearly shows a ppp0 packet (src add of ppp0) outgoing on ppp1, as I was capturing on ppp1. Also, iptables is masquerading as it shows the number of packets it masqueraded.

Isn't iptables the last thing before the packet actually goes on the wire??? Even if ip_route_output() gives me the wrong link shouldn't iptables be able to overright it??

I am in a big dillema.... and help is really welcome.

Thanks again

dravya

barisdemiray · 07-29-2004, 04:15 PM

Quote:

Originally posted by dravya
Isn't iptables the last thing before the packet actually goes on the wire??? Even if ip_route_output() gives me the wrong link shouldn't iptables be able to overright it??

dravya

Yes, i also know like that.. iptables can control the packets just before they hit the wire and postrouting is done at this step. But iptables can overright (or alter) the packets matched with it's rules only. There can be any other rule in your nat table doing somethind weird. Like routing between ppp0 and ppp1 interfaces for example.. No idea except this possibility.