Debian/Ubuntu Tips and Tricks

Debuntu

Debian/Ubuntu Tips and Tricks

How-To: Redirecting network traffic to a new IP using IPtables

Posted by chantra on 6th December 2008

While doing a server migration, it happens that some traffic still go to the old machine because the DNS servers are not yet synced or simply because some people are using the IP address instead of the domain name....

By using iptables and its masquerade feature, it is possible to forward all traffic to the old server to the new IP.

This tutorial will show which command lines are required to make this possible.

Read the rest of this entry »

Tags: , ,
Posted in Administration, HowTo, Networking | 13 Comments »

How-To: Set up a LAN gateway with DHCP, Dynamic DNS and iptables on Debian Etch — page 4 — IPtables

Posted by chantra on 29th June 2008

3. Forwarding Internet traffic with IPtables

IPtables is both used to act as a firewall, but it is also the one passing packets from one network to another.

Read the rest of this entry »

Tags: , , , ,
Posted in Administration, HowTo, Networking, System | 7 Comments »

How-To: Set up a LAN gateway with DHCP, Dynamic DNS and iptables on Debian Etch — page 3 — DHCP server

Posted by chantra on 29th June 2008

2. DHCP server

In order to provide an IP address to the other machines in the network, we need to use a DHCP server.
This DHCP server will provide the host with all the information needed to connect to any other accessible host. i.e, the IP, netmask, gateway, domain name server.
The DHCP server will also update bind with a nt set of hostname and IP when the client is requesting a specific hostname.

Read the rest of this entry »

Tags: , , , ,
Posted in Administration, HowTo, Networking, System | No Comments »

How-To: Set up a LAN gateway with DHCP, Dynamic DNS and iptables on Debian Etch — page 2 — DNS server

Posted by chantra on 29th June 2008

1. DNS server

As a DNS server we are going to use bind9, it will be configured to resolve the names of the host for our network lan.debuntu.local.

The DNS server will also accept dynamic DNS update from the local DHCP server.

In this tutorial, I will be using the Dynamic DNS feature of bind.

Read the rest of this entry »

Tags: , , , ,
Posted in Administration, HowTo, Networking, System | No Comments »

How-To: Set up a LAN gateway with DHCP, Dynamic DNS and iptables on Debian Etch

Posted by chantra on 29th June 2008

Linux is a perfect platform to act as a router/gateway.

In this tutorial, I will explain how to set up a Linux box to operate as a network router. The box will provide the following services:

  • DHCP server to provide the ip addresses to the machines in the LAN
  • DNS server to resolve domain names
  • Gateway with IP tables to give access to the Internet.
  • Firewall with IP tables.

The resulting machine will have quite a small footprint: about 600M, and except if your network is intensively used, a low spec computer can be recycled to do the job.

As the machine is going to operate as a router/firewall

Read the rest of this entry »

Tags: , , , ,
Posted in Administration, HowTo, Networking, System | No Comments »

Iptables: How-to Share your internet connection — page 4

Posted by chantra on 15th December 2006

This entry is part 4 of 4 in the series Iptables: How-to Share your internet connection

4. Using iptables'script

4.1. From the command line

One way to apply the rules we define, is simply to run the script from the command line like:

sudo sh /path/to/firewall-script.sh

but this has the bad effect of not being restore on reboot :s, but still, this will be of great help while tweaking up your firewall.

Read the rest of this entry »

Tags: , ,
Posted in Administration, HowTo, Networking | No Comments »

Iptables: How-to Share your internet connection — page 3

Posted by chantra on 14th December 2006

This entry is part 3 of 4 in the series Iptables: How-to Share your internet connection

3.3. Defining custom chains

In order to get a easier to maintain iptables script, it is handy to define some custom chains, also called user-defined chains. This way, you can gather common actions into 1 chain, then, using our target switch (-j) we will be able to send packets that match specific rules to that target.
In order to create a user-defined chain, we need to use:

Read the rest of this entry »

Tags: , ,
Posted in Administration, HowTo, Networking | No Comments »

Iptables: How-to Share your internet connection — page 2

Posted by chantra on 12th December 2006

This entry is part 2 of 4 in the series Iptables: How-to Share your internet connection

3. Iptables Script

OK, now that we know the really basis, let see what the script is going to look like.

In this example, I assume that eth0 is the interface connected to the Internet, eth1 is the one connected to our local network.

Read the rest of this entry »

Tags: , ,
Posted in Administration, HowTo, Networking | No Comments »

Iptables: How-to Share your internet connection

Posted by chantra on 10th December 2006

This entry is part 1 of 4 in the series Iptables: How-to Share your internet connection

iptables is a command line tool which allow system administrators to configure Linux packet filtering ruleset.

Using iptables, you are able to tweak packet filtering, Network Address Translation (NAT) and packet mangling which in the end are going to allow you to secure your server, share your Internet connection and log unwanted traffic.

iptables is not really what we could call an easy to get with tool, but once you know the basis, it won't be that scary :).

This tutorial will provide a sample script you can use to share your Internet access and will give an overview on how to use iptables

Read the rest of this entry »

Tags: , ,
Posted in Administration, HowTo, Networking | 22 Comments »