I have an SSH server set up on my VPS and my VPS has multiple IP addresses.
When I connect to any of the IP addresses I can login successfully, but when I use it for tunneling and go to whatsmyip.org I always see my first IP (eth0).
The interfaces for the IP addresses are eth0, eth0:0, and eth0:1.
How do I force the application (sshd) to use the interface that it's bound on?
Still not solved.
This helped me a lot: http://linux-ip.net/html/adv-multi-internet.html
in that I can make it so outgoing connections made on certain ports go to certain IP addresses, but I'm still trying to figure out a way for the IP address that's bound to the SSH server to be the IP address that's used for outgoing connections.
No luck as of yet... I'm going to look into iptables and iproute to see what I can do...
Oh sorry, hahaha. I'm new to this forum so I didn't realize, but this is what I tried:
Code:
[root]# ip route add xx.xxx.239.120 via xx.xxx.239.120 dev eth0 table 4
[root]# ip route add table 4 default via xx.xxx.239.120
[root]# iptables -t mangle -A PREROUTING -p tcp --dport 80 -s xx.xxx.239.120 -j MARK --set-mark 4
[root]# iptables -t nat -A POSTROUTING -o eth0 -j SNAT --to-source xx.xxx.239.120
[root]# ip rule add fwmark 4 table 4
And what that does is force outgoing connections through the tunnel that are going to HTTP pages to be on that IP, but I want it so if you connect on an IP it uses that IP to make outgoing connections.
The SSH server is bound to multiple interfaces.
When I connect from a remote computer to the server on, let's call it xx.xxx.239.121, I want the server to make outgoing connections to websites with the IP address xx.xxx.239.121
and if I connect to the SSH server on xx.xxx.239.120 I want it to connect to websites with xx.xxx.239.120
and if I connect to the SSH server with xx.xxx.239.122 I want it to connect to websites with xx.xxx.239.122
and so on.
# Replace the placeholder values with the real address and gateway of each interface.
wan1_dev="venet0:0"
wan1_ip="VENET0:0 IP ADDRESS"
wan1_gw="VENET0:0 GATEWAY"
wan2_dev="venet0:1"
wan2_ip="VENET0:1 IP ADDRESS"
wan2_gw="VENET0:1 GATEWAY"

ip_start()
{
    # delete default route(s)
    ip rule flush
    ip route del default
    ip route del default
    ip rule add lookup main prio 32766
    ip rule add lookup default prio 32767

    # make tables and bind them to marks
    ip rule add from "$wan1_ip" table 100 prio 100
    ip rule add fwmark 0x100 table 100 prio 101
    ip rule add from "$wan2_ip" table 200 prio 200
    ip rule add fwmark 0x200 table 200 prio 201
    ip route flush table 100
    ip route flush table 200
    WAN1ROUTE="$(ip route | grep link | grep "$wan1_dev")"
    WAN2ROUTE="$(ip route | grep link | grep "$wan2_dev")"

    # anything in table 100 will go through wan1
    # anything in table 200 will go through wan2
    # (the route strings are left unquoted on purpose so they split into words)
    ip route add table 100 to $WAN1ROUTE
    ip route add table 200 to $WAN2ROUTE
    ip route add table 100 default via "$wan1_gw"
    ip route add table 200 default via "$wan2_gw"

    # this will make the default route (no marks) go through wan1 always
    ip route delete default
    ip route add default via "$wan1_gw" dev "$wan1_dev"
}

set_mark()
{
    # The owner match is only valid in the OUTPUT and POSTROUTING chains,
    # so locally generated traffic is marked in mangle OUTPUT.
    iptables -t mangle -A OUTPUT -p tcp --match owner --uid-owner 1000 -j MARK --set-mark 0x100
    iptables -t mangle -A OUTPUT -p udp --match owner --uid-owner 1000 -j MARK --set-mark 0x100
    iptables -t mangle -A OUTPUT -p tcp --match owner --uid-owner 1001 -j MARK --set-mark 0x200
    iptables -t mangle -A OUTPUT -p udp --match owner --uid-owner 1001 -j MARK --set-mark 0x200
}
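Added example, not part of any post in this thread: a dry-run generator that extends the per-user marking idea in the script above to any number of addresses and prints the commands for review instead of running them. The uid-to-address rows, gateway and device are constructed placeholders; it assumes one login account per address and that forwarded connections are opened by a process running as that account, and it adds an SNAT rule on the assumption that the source address of locally generated traffic is chosen before the mark takes effect.

```shell
#!/bin/sh
# Dry run: prints the commands for review instead of executing them.
# Constructed sample rows: "uid source_ip gateway device" (documentation addresses).
MAP='1000 203.0.113.120 203.0.113.1 eth0
1001 203.0.113.121 203.0.113.1 eth0
1002 203.0.113.122 203.0.113.1 eth0'

# Succeed only for a dotted-quad IPv4 address with every octet in 0..255.
valid_ip() {
    case "$1" in *[!0-9.]*|*..*|.*|*.) return 1 ;; esac
    old_ifs=$IFS; IFS=.
    set -- $1
    IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
}

# Print the rules for one row. Args: row-number uid ip gw dev.
# Row N gets table N00 and mark 0xN00, the numbering the posted script uses.
emit_rules() {
    table="${1}00"; mark="0x${1}00"
    echo "ip rule add from $3 table $table prio $table"
    echo "ip rule add fwmark $mark table $table prio $(( table + 1 ))"
    echo "ip route add default via $4 dev $5 table $table"
    # Mark traffic created by this uid (assumed to own the forwarded connections).
    echo "iptables -t mangle -A OUTPUT -m owner --uid-owner $2 -j MARK --set-mark $mark"
    # Assumption: the source address was already chosen, so rewrite it explicitly.
    echo "iptables -t nat -A POSTROUTING -m mark --mark $mark -j SNAT --to-source $3"
}

# Validate every row of the mapping and emit rules for the good ones.
plan() {
    row=0
    printf '%s\n' "$1" | while read -r uid ip gw dev; do
        row=$(( row + 1 ))
        case "$uid" in ''|*[!0-9]*) echo "row $row: bad uid" >&2; continue ;; esac
        if ! valid_ip "$ip" || ! valid_ip "$gw"; then
            echo "row $row: bad address" >&2; continue
        fi
        emit_rules "$row" "$uid" "$ip" "$gw" "$dev"
    done
}

plan "$MAP"
```

Rows with a non-numeric uid or a malformed address are reported on stderr and produce no rules, so a typo in the mapping cannot turn into a partially applied ruleset.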
It would be nice if the Original Poster mentioned how he did that. I've been trying to do something like that for a while now.
Got VPS hosting with 3 IPs. Whichever IP I SSH to (using Putty), the SOCKS5 tunnel I create will have the same outbound IP (venet0:0, XXX.XXX.XXX.161).