Sitat av
Rusmisbrukeren
God morgen!
La meg ned og sov litt
Nå har jeg gjort det du ba meg om.
Kode
Oct 25 12:49:18 gateway kernel: [ 8625.934228] [+] NEW POSTROUTING: IN= OUT=enp0s25 SRC=192.168.10.10 DST=176.9.67.12 LEN=52 TOS=0x00 PREC=0x00 TTL=127 ID=4090 DF PROTO=TCP SPT=57390 DPT=443 WINDOW=64240 RES=0x00 SYN URGP=0
Oct 25 12:49:21 gateway kernel: [ 8628.566690] [+] NEW POSTROUTING: IN= OUT=enp0s25 SRC=192.168.10.10 DST=216.58.211.142 LEN=1378 TOS=0x00 PREC=0x00 TTL=127 ID=19790 DF PROTO=UDP SPT=60389 DPT=443 LEN=1358
Oct 25 12:49:21 gateway kernel: [ 8628.620234] [+] NEW POSTROUTING: IN= OUT=enp0s25 SRC=192.168.10.10 DST=212.125.204.230 LEN=52 TOS=0x00 PREC=0x00 TTL=127 ID=27006 DF PROTO=TCP SPT=57391 DPT=80 WINDOW=64240 RES=0x00 SYN URGP=0
Oct 25 12:49:21 gateway kernel: [ 8628.620348] [+] NEW POSTROUTING: IN= OUT=enp0s25 SRC=192.168.10.10 DST=212.125.204.230 LEN=52 TOS=0x00 PREC=0x00 TTL=127 ID=27007 DF PROTO=TCP SPT=57392 DPT=80 WINDOW=64240 RES=0x00 SYN URGP=0
Oct 25 12:49:21 gateway kernel: [ 8628.620374] [+] NEW POSTROUTING: IN= OUT=enp0s25 SRC=192.168.10.10 DST=212.125.204.230 LEN=52 TOS=0x00 PREC=0x00 TTL=127 ID=27008 DF PROTO=TCP SPT=57393 DPT=80 WINDOW=64240 RES=0x00 SYN URGP=0
Oct 25 12:49:21 gateway kernel: [ 8628.620433] [+] NEW POSTROUTING: IN= OUT=enp0s25 SRC=192.168.10.10 DST=212.125.204.230 LEN=52 TOS=0x00 PREC=0x00 TTL=127 ID=27009 DF PROTO=TCP SPT=57394 DPT=80 WINDOW=64240 RES=0x00 SYN URGP=0
Oct 25 12:49:21 gateway kernel: [ 8628.620453] [+] NEW POSTROUTING: IN= OUT=enp0s25 SRC=192.168.10.10 DST=212.125.204.230 LEN=52 TOS=0x00 PREC=0x00 TTL=127 ID=27010 DF PROTO=TCP SPT=57395 DPT=80 WINDOW=64240 RES=0x00 SYN URGP=0
Oct 25 12:49:21 gateway kernel: [ 8628.620484] [+] NEW POSTROUTING: IN= OUT=enp0s25 SRC=192.168.10.10 DST=212.125.204.230 LEN=52 TOS=0x00 PREC=0x00 TTL=127 ID=27011 DF PROTO=TCP SPT=57396 DPT=80 WINDOW=64240 RES=0x00 SYN URGP=0
Oct 25 12:49:22 gateway named[845]: network unreachable resolving 'ns-g1.agdernett.no/AAAA/IN': 2001:7fe::53#53
Oct 25 12:49:22 gateway named[845]: network unreachable resolving 'ns1.agdernett.no/AAAA/IN': 2001:7fe::53#53
Oct 25 12:49:22 gateway named[845]: network unreachable resolving 'ns2.agdernett.no/AAAA/IN': 2001:7fe::53#53
Oct 25 12:49:22 gateway named[845]: network unreachable resolving 'ns3.agdernett.no/AAAA/IN': 2001:7fe::53#53
Oct 25 12:49:22 gateway named[845]: network unreachable resolving 'ns5.agdernett.no/AAAA/IN': 2001:7fe::53#53
Oct 25 12:49:22 gateway named[845]: network unreachable resolving 'ns6.agdernett.no/AAAA/IN': 2001:7fe::53#53
Oct 25 12:49:22 gateway named[845]: network unreachable resolving './NS/IN': 2001:7fe::53#53
Oct 25 12:49:22 gateway kernel: [ 8630.386342] [+] NEW POSTROUTING: IN= OUT=enp0s25 SRC=192.168.10.10 DST=195.88.55.87 LEN=52 TOS=0x00 PREC=0x00 TTL=127 ID=1219 DF PROTO=TCP SPT=57397 DPT=443 WINDOW=64240 RES=0x00 SYN URGP=0
Vil for øvrig informere om at jeg ikke har noe imot i å la deg fjernstyre denne serveren for å eventuelt hjelpe meg hvis du orker / ønsker det. Ellers kan vi fortsette å holde oss til disse forumpostene
Ser at det står OUT=enp0s25, og det er jo hovednettverkskortet på serveren, ikke virtual0.
Forklarer dette deg noe? Hvordan løser jeg det herfra?
PS: Dette er output fra da jeg besøkte ipadresse.no
Trafikken kommer jo tydelig fram til NAT POSTROUTING chain, så eneste forslaget jeg har igjen er å prøve SNAT igjen istedenfor MASQUERADE. Selv om SNAT er beregnet for statisk IP.
Kode
ip link add link enp0s25 address 00:11:22:33:44:55 virtual0 type macvlan
ip link set virtual0 up
ip link add link enp0s25 address 00:11:22:33:44:56 virtual1 type macvlan
ip link set virtual1 up
ip link add link enp0s25 address 00:11:22:33:44:57 virtual2 type macvlan
ip link set virtual2 up
dhclient virtual0
dhclient virtual1
dhclient virtual2
iptables -t nat -A POSTROUTING -s 192.168.10.10 -o enp0s25 -j SNAT --to-source <VIRTUAL0 IP>
iptables -t nat -A POSTROUTING -s 192.168.10.15 -o enp0s25 -j SNAT --to-source <VIRTUAL1 IP>
iptables -t nat -A POSTROUTING -s 192.168.10.20 -o enp0s25 -j SNAT --to-source <VIRTUAL2 IP>
iptables -t nat -A POSTROUTING -o enp0s25 -j MASQUERADE
iptables -A FORWARD -i enp4s0 -j ACCEPT
iptables commit
Hvis ikke dette fungerer, så tror jeg du må spørre noen som driver på dette regelmessig og har bedre kunnskaper innen IP basert routing enn meg.