LinuxQuestions.org
Welcome to the most active Linux Forum on the web.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices


Reply
  Search this Thread
Old 09-19-2013, 05:52 PM   #1
eantoranz
Senior Member
 
Registered: Apr 2003
Location: Costa Rica
Distribution: Kubuntu, Debian, Knoppix
Posts: 2,092
Blog Entries: 1

Rep: Reputation: 90
masquerading on appliance with busybox without iptables


Hi!

I have this small appliance. We got openvpn running on it and now would like to get it to masquerade traffic from clients. iptables is not available so I can't tell it to masquerade traffic so I wanted to know what the options are available on a busybox-based box.

Thanks in advance.
 
Old 09-21-2013, 04:21 AM   #2
business_kid
LQ Guru
 
Registered: Jan 2006
Location: Ireland
Distribution: Slackware, Slarm64 & Android
Posts: 17,278

Rep: Reputation: 2553Reputation: 2553Reputation: 2553Reputation: 2553Reputation: 2553Reputation: 2553Reputation: 2553Reputation: 2553Reputation: 2553Reputation: 2553Reputation: 2553
I would go hunting in /proc/sys/net/ and subdirectories to see if there is something you can echo 0 or 1 to. When you say masquerading, do you mean NAT? In that case, it's

echo 1 > /proc/sys/net/ipv4/ip_forwarding

I think. Others will no doubt correct me if I'm wrong.
 
Old 09-21-2013, 10:12 AM   #3
eantoranz
Senior Member
 
Registered: Apr 2003
Location: Costa Rica
Distribution: Kubuntu, Debian, Knoppix
Posts: 2,092

Original Poster
Blog Entries: 1

Rep: Reputation: 90
I can tell you about that. That flag does no natting. It only tells the kernel that it's ok to forward traffic that's intended for anothet host (and then netfiltet stuff applies if it's enabled)
 
Old 09-21-2013, 10:20 AM   #4
eantoranz
Senior Member
 
Registered: Apr 2003
Location: Costa Rica
Distribution: Kubuntu, Debian, Knoppix
Posts: 2,092

Original Poster
Blog Entries: 1

Rep: Reputation: 90
Natting is normally achived with a SNAT or MASQUERADE targnat table.et on POSTROUTING of netfilter's nat table. You do nothing like this on netfiltrr, traffic woll be forwarded with theor dource/destination addresses unchanged..... And if ypu want that traffic to be sent to internet using some kind of proxy for a private network, that's a 'ivate networko go'. You absolutelly must do some magic to get the proxy to 'switch' the src ip address of the traffic henerated from the pro fot its own publuc ip address so the traffic can come back to thst same host.
 
Old 09-21-2013, 10:23 AM   #5
eantoranz
Senior Member
 
Registered: Apr 2003
Location: Costa Rica
Distribution: Kubuntu, Debian, Knoppix
Posts: 2,092

Original Poster
Blog Entries: 1

Rep: Reputation: 90
So many mistakes...... Writing from a smartphone..... Sorry, hope you understand what I meant .
 
  


Reply

Tags
busybox, iptables, openvpn


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Masquerading with iptables Chris E Linux - Networking 2 12-28-2012 02:26 PM
[SOLVED] Masquerading with iptables debeb Linux - Networking 1 07-05-2010 02:19 PM
iptables : masquerading not possible iamtux Linux - Networking 3 06-05-2005 12:32 AM
Iptables Masquerading GOLDF1NG3R Linux - Security 3 11-11-2001 12:51 AM
Iptables Masquerading GOLDF1NG3R Linux - Networking 4 11-01-2001 05:34 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Networking

All times are GMT -5. The time now is 05:36 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration