All of lore.kernel.org
 help / color / mirror / Atom feed
* [LARTC] Hide IP for some users
@ 2002-01-25  8:30 Joachim Wickman
  2002-01-25  8:39 ` Patrick McHardy
                   ` (3 more replies)
  0 siblings, 4 replies; 5+ messages in thread
From: Joachim Wickman @ 2002-01-25  8:30 UTC (permalink / raw)
  To: lartc

Hello

Is it possible to assign a couple of IPs to some users on the box, so when
they ftp, ircs or something the servers they connect to doesn't see my IP,
but only the assigned IPs ??

It seems like it´s possible, but haven't had any luck with it.

// Joachim





_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://ds9a.nl/lartc/

^ permalink raw reply	[flat|nested] 5+ messages in thread
* Re: [LARTC] Hide IP for some users
  2002-01-25  8:30 [LARTC] Hide IP for some users Joachim Wickman
@ 2002-01-25  8:39 ` Patrick McHardy
  2002-01-25 17:29 ` Joachim Wickman
                   ` (2 subsequent siblings)
  3 siblings, 0 replies; 5+ messages in thread
From: Patrick McHardy @ 2002-01-25  8:39 UTC (permalink / raw)
  To: lartc

hi!
You could mark the packets with the iptables owner extension
(-m owner --gid-owner lusers), make some aliased interfaces
and user the netfilter mark to route them out of these.
hope that helps,
patrick

Joachim Wickman schrieb:
> 
> Hello
> 
> Is it possible to assign a couple of IPs to some users on the box, so when
> they ftp, ircs or something the servers they connect to doesn't see my IP,
> but only the assigned IPs ??
> 
> It seems like it´s possible, but haven't had any luck with it.
> 
> // Joachim
> 
> _______________________________________________
> LARTC mailing list / LARTC@mailman.ds9a.nl
> http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://ds9a.nl/lartc/
_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://ds9a.nl/lartc/

^ permalink raw reply	[flat|nested] 5+ messages in thread
* Re: [LARTC] Hide IP for some users
  2002-01-25  8:30 [LARTC] Hide IP for some users Joachim Wickman
  2002-01-25  8:39 ` Patrick McHardy
@ 2002-01-25 17:29 ` Joachim Wickman
  2002-01-25 17:55 ` Fabrice Peix
  2002-01-26 23:02 ` Martin Devera
  3 siblings, 0 replies; 5+ messages in thread
From: Joachim Wickman @ 2002-01-25 17:29 UTC (permalink / raw)
  To: lartc


I thought so too, but can't get it to work. So I was thinking maybe I'm
doing something wront.. 

This is what I came up with.

iptables -t mangle -A OUTPUT -m owner --uid-owner 1006 -j MARK --set-mark
0x15
ip rule add fwmark 0x15 table vhost1
ip ro add default via 192.168.10.2 src 192.168.10.8 dev eth0 table vhost1
ip ro f ca


But no success... All trafic is still going out the box from my IP and not
the virtual.


On Fri, 25 Jan 2002, Patrick McHardy wrote:

> hi!
> You could mark the packets with the iptables owner extension
> (-m owner --gid-owner lusers), make some aliased interfaces
> and user the netfilter mark to route them out of these.
> hope that helps,
> patrick
> 
> Joachim Wickman schrieb:
> > 
> > Hello
> > 
> > Is it possible to assign a couple of IPs to some users on the box, so when
> > they ftp, ircs or something the servers they connect to doesn't see my IP,
> > but only the assigned IPs ??
> > 
> > It seems like it´s possible, but haven't had any luck with it.
> > 
> > // Joachim
> > 
> > _______________________________________________
> > LARTC mailing list / LARTC@mailman.ds9a.nl
> > http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://ds9a.nl/lartc/
> _______________________________________________
> LARTC mailing list / LARTC@mailman.ds9a.nl
> http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://ds9a.nl/lartc/
> 

_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://ds9a.nl/lartc/

^ permalink raw reply	[flat|nested] 5+ messages in thread
* Re: [LARTC] Hide IP for some users
  2002-01-25  8:30 [LARTC] Hide IP for some users Joachim Wickman
  2002-01-25  8:39 ` Patrick McHardy
  2002-01-25 17:29 ` Joachim Wickman
@ 2002-01-25 17:55 ` Fabrice Peix
  2002-01-26 23:02 ` Martin Devera
  3 siblings, 0 replies; 5+ messages in thread
From: Fabrice Peix @ 2002-01-25 17:55 UTC (permalink / raw)
  To: lartc

On Fri, 25 Jan 2002 10:30:11 +0200 (EET)
Joachim Wickman <jwickman@tawi.fi> wrote:

> Hello
> 
> Is it possible to assign a couple of IPs to some users on the box, so
> when they ftp, ircs or something the servers they connect to doesn't see
> my IP, but only the assigned IPs ??
> 
> It seems like it´s possible, but haven't had any luck with it.
> 
> // Joachim
I am not sure what you  want to  do ...
But if you  want to assign the same source address for all connection you
must use the SAME patch. the syntax is

iptable -t nat A POSTROUTING -j SAME -to oldaddr-newaddr

where 
	oldaddr = X.X.X.X your ip address
 	newaddr = X.X.X.X your visible ip address

PS : perhaps now this patch is include in standart distribution ?

> 
> 
> 
> 
> 
> _______________________________________________
> LARTC mailing list / LARTC@mailman.ds9a.nl
> http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO:
> http://ds9a.nl/lartc/ 
_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://ds9a.nl/lartc/

^ permalink raw reply	[flat|nested] 5+ messages in thread
* Re: [LARTC] Hide IP for some users
  2002-01-25  8:30 [LARTC] Hide IP for some users Joachim Wickman
                   ` (2 preceding siblings ...)
  2002-01-25 17:55 ` Fabrice Peix
@ 2002-01-26 23:02 ` Martin Devera
  3 siblings, 0 replies; 5+ messages in thread
From: Martin Devera @ 2002-01-26 23:02 UTC (permalink / raw)
  To: lartc

yes and use iproute2 "src" command to select the sourse ip
for outgoing traffic
devik

On Fri, 25 Jan 2002, Patrick McHardy wrote:

> hi!
> You could mark the packets with the iptables owner extension
> (-m owner --gid-owner lusers), make some aliased interfaces
> and user the netfilter mark to route them out of these.
> hope that helps,
> patrick
> 
> Joachim Wickman schrieb:
> > 
> > Hello
> > 
> > Is it possible to assign a couple of IPs to some users on the box, so when
> > they ftp, ircs or something the servers they connect to doesn't see my IP,
> > but only the assigned IPs ??
> > 
> > It seems like it´s possible, but haven't had any luck with it.
> > 
> > // Joachim
> > 
> > _______________________________________________
> > LARTC mailing list / LARTC@mailman.ds9a.nl
> > http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://ds9a.nl/lartc/
> _______________________________________________
> LARTC mailing list / LARTC@mailman.ds9a.nl
> http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://ds9a.nl/lartc/
> 
> 

_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://ds9a.nl/lartc/

^ permalink raw reply	[flat|nested] 5+ messages in thread
end of thread, other threads:[~2002-01-26 23:02 UTC | newest]

Thread overview: 5+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2002-01-25  8:30 [LARTC] Hide IP for some users Joachim Wickman
2002-01-25  8:39 ` Patrick McHardy
2002-01-25 17:29 ` Joachim Wickman
2002-01-25 17:55 ` Fabrice Peix
2002-01-26 23:02 ` Martin Devera

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.