#StackBounty: #networking Interfaces with non-physical interfaces

Bounty: 100

I found a rather big difference between some boxes I have (some are debian… some ubuntu), and I’m not sure why… or what the fix might be.

Essentially… if I create an “iface” entry in interfaces that doesn’t actually exist with my own configuration to bring the interface up & down… ubuntu complains

user@blah:~# sudo ifup mgmt
Cannot find device "mgmt"
Failed to bring up mgmt.

the interface is defined in ubuntu as such:

iface mgmt inet manual
  up ip netns add mgmt
  up ip link set eth2 netns mgmt
  up ip netns exec mgmt ifconfig eth2 10.0.0.19/24 up
  down ip netns exec mgmt ifconfig eth2 down
  down ip netns exec mgmt ip link set eth2 netns 1
  down ip netns delete mgmt

If I do the same thing on debian… the interface comes up with no issues. The odd thing is that if I don’t have the mgmt interface defined… I get a completely different error:

Ignoring unknown interface mgmt=mgmt.

Running the same thing with the verbose flag… shows ubuntu is trying to bring the interface up before anything else is done. No clue why.


Get this bounty!!!

#StackBounty: #networking #dns #ip #connection #internet-connection Domain suddenly not resolving on ISP's default DNS server

Bounty: 50

Domain resolves fine on other ISPs and in Google DNS (8.8.8.8) however there’s this one ISP that suddenly is having issues on a server where we host our domains.

When I gave them some sample domains, they were able to fix it but the rest of the domains that I didn’t mention still wasn’t resolving. So I think they only did a “manual” bandaid fix (maybe kinda like manually editing the IPs in your Windows hosts file, not sure, hopefully not).

I want to them fix the issue properly. I’m not sure what’s going on their end but it gives me the impression they are clueless about the real cause of the problem since the other domains that I didn’t mention are not resolving.

Ideally, what troubleshooting steps should they take on their end to properly fix the issue?


Get this bounty!!!

#StackBounty: #networking #dns #ip #connection #internet-connection Domain suddenly not resolving on ISP's default DNS server

Bounty: 50

Domain resolves fine on other ISPs and in Google DNS (8.8.8.8) however there’s this one ISP that suddenly is having issues on a server where we host our domains.

When I gave them some sample domains, they were able to fix it but the rest of the domains that I didn’t mention still wasn’t resolving. So I think they only did a “manual” bandaid fix (maybe kinda like manually editing the IPs in your Windows hosts file, not sure, hopefully not).

I want to them fix the issue properly. I’m not sure what’s going on their end but it gives me the impression they are clueless about the real cause of the problem since the other domains that I didn’t mention are not resolving.

Ideally, what troubleshooting steps should they take on their end to properly fix the issue?


Get this bounty!!!

#StackBounty: #networking #dns #ip #connection #internet-connection Domain suddenly not resolving on ISP's default DNS server

Bounty: 50

Domain resolves fine on other ISPs and in Google DNS (8.8.8.8) however there’s this one ISP that suddenly is having issues on a server where we host our domains.

When I gave them some sample domains, they were able to fix it but the rest of the domains that I didn’t mention still wasn’t resolving. So I think they only did a “manual” bandaid fix (maybe kinda like manually editing the IPs in your Windows hosts file, not sure, hopefully not).

I want to them fix the issue properly. I’m not sure what’s going on their end but it gives me the impression they are clueless about the real cause of the problem since the other domains that I didn’t mention are not resolving.

Ideally, what troubleshooting steps should they take on their end to properly fix the issue?


Get this bounty!!!

#StackBounty: #networking #dns #ip #connection #internet-connection Domain suddenly not resolving on ISP's default DNS server

Bounty: 50

Domain resolves fine on other ISPs and in Google DNS (8.8.8.8) however there’s this one ISP that suddenly is having issues on a server where we host our domains.

When I gave them some sample domains, they were able to fix it but the rest of the domains that I didn’t mention still wasn’t resolving. So I think they only did a “manual” bandaid fix (maybe kinda like manually editing the IPs in your Windows hosts file, not sure, hopefully not).

I want to them fix the issue properly. I’m not sure what’s going on their end but it gives me the impression they are clueless about the real cause of the problem since the other domains that I didn’t mention are not resolving.

Ideally, what troubleshooting steps should they take on their end to properly fix the issue?


Get this bounty!!!

#StackBounty: #networking #dns #ip #connection #internet-connection Domain suddenly not resolving on ISP's default DNS server

Bounty: 50

Domain resolves fine on other ISPs and in Google DNS (8.8.8.8) however there’s this one ISP that suddenly is having issues on a server where we host our domains.

When I gave them some sample domains, they were able to fix it but the rest of the domains that I didn’t mention still wasn’t resolving. So I think they only did a “manual” bandaid fix (maybe kinda like manually editing the IPs in your Windows hosts file, not sure, hopefully not).

I want to them fix the issue properly. I’m not sure what’s going on their end but it gives me the impression they are clueless about the real cause of the problem since the other domains that I didn’t mention are not resolving.

Ideally, what troubleshooting steps should they take on their end to properly fix the issue?


Get this bounty!!!

#StackBounty: #networking #ssh #proxy #git #firewall How can I see the proxy configurations of an SSH command in git bash?

Bounty: 50

I’m having issues with SSHing through a corporate proxy.

In my Windows environment – SSH works fine:

$ ssh -v git@github.com
OpenSSH_7.5p1, OpenSSL 1.0.2k  26 Jan 2017
debug1: Reading configuration data /c/Users/davidj/.ssh/config
debug1: /c/Users/davidj/.ssh/config line 2: Applying options for github.com
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Connecting to github.com [192.30.255.112] port 22.
debug1: Connection established.
...

Now in my Windows taskbar, there’s an ISA Server Firewall client. If I uncheck ‘Enable Microsoft Firewall Client for ISA Server’ then my SSH attempt will fail.

$ ssh -v git@github.com
OpenSSH_7.5p1, OpenSSL 1.0.2k  26 Jan 2017
debug1: Reading configuration data /c/Users/davidj/.ssh/config
debug1: /c/Users/davidj/.ssh/config line 2: Applying options for github.com
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Connecting to github.com [192.30.255.112] port 22.
debug1: connect to address 192.30.255.112 port 22: Connection timed out

So this is all well and good for working in the Windows environment – I just need to enable the firewall client.

My problem is that I’m trying to work within a Ubuntu VM on Virtual Box.

The Virtual Box network adapter is NAT, with no port forwarding.

In the VM HTTP traffic works fine, so long as I’ve set network proxy for HTTP and HTTPS in Ubuntu.

However, SSH here will give me connection refused:

david@david-VirtualBox:~$ ssh -vvv git@github.com
OpenSSH_7.2p2 Ubuntu-4ubuntu2.2, OpenSSL 1.0.2g  1 Mar 2016
debug1: Reading configuration data /home/david/.ssh/config
debug1: /home/david/.ssh/config line 2: Applying options for github.com
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 19: Applying options for *
debug2: resolving "github.com" port 22
debug2: ssh_connect_direct: needpriv 0
debug1: Connecting to github.com [192.30.255.113] port 22.

Is there a way of debugging here how my Windows is able to SSH to the outside world?


Get this bounty!!!

#StackBounty: #networking #ubuntu #socat How to keep socat alive using keepalive option

Bounty: 50

I have this socat command that is running fine, but when no data is transfered, it is dying after exactly 5 minutes and I don’t understand why as I’ve set it up to send 100 keepalive every 10 seconds after the first 10 seconds. From what I understood of the socat man page, that should keep it alive for 1000s which is 16 minutes. Also, if I try to set keepcnt to 200, I get “setsockopt(7, 6, 6, {200}, 4): Invalid argument” but nowhere on internet could I find what is the max value for that argument so I think I must be missing something very obvious here.
Experimenting more with the arguments never changed the timeout value of 5mn. Setting lower value for keepcnt and higher values of keepintvl is accepted but simply has no visible effect.

socat -d -d -d -v pty,link=/tmp/lp1 tcp:192.168.0.5:9100,reuseaddr,keepalive,keepidle=10,keepintvl=10,keepcnt=100
2017/05/31 08:53:01 socat[16065] I This product includes software developed by the OpenSSL Project for use in the OpenSSL Toolkit. (http://www.openssl.org/)
2017/05/31 08:53:01 socat[16065] I This product includes software written by Tim Hudson (tjh@cryptsoft.com)
2017/05/31 08:53:01 socat[16065] I setting option "symbolic-link" to "/tmp/lp1"
2017/05/31 08:53:01 socat[16065] I openpty({5}, {6}, {"/dev/pts/1"},,) -> 0
2017/05/31 08:53:01 socat[16065] N PTY is /dev/pts/1
2017/05/31 08:53:01 socat[16065] I setting option "so-keepalive" to 1
2017/05/31 08:53:01 socat[16065] I setting option "tcp-keepidle" to 10
2017/05/31 08:53:01 socat[16065] I setting option "tcp-keepintvl" to 10
2017/05/31 08:53:01 socat[16065] I setting option "tcp-keepcnt" to 100
2017/05/31 08:53:01 socat[16065] N opening connection to AF=2 192.168.0.5:9100
2017/05/31 08:53:01 socat[16065] I starting connect loop
2017/05/31 08:53:01 socat[16065] I socket(2, 1, 6) -> 7
2017/05/31 08:53:01 socat[16065] N successfully connected from local address AF=2 192.168.0.4:56482
2017/05/31 08:53:01 socat[16065] I resolved and opened all sock addresses
2017/05/31 08:53:01 socat[16065] N starting data transfer loop with FDs [5,5] and [7,7]
2017/05/31 08:58:01 socat[16065] N socket 2 (fd 7) is at EOF
2017/05/31 08:58:02 socat[16065] I poll timed out (no data within 0.500000 seconds)
2017/05/31 08:58:02 socat[16065] I close(5)
2017/05/31 08:58:02 socat[16065] I shutdown(7, 2)
2017/05/31 08:58:02 socat[16065] N exiting with status 0


Get this bounty!!!

#StackBounty: #networking #dns Is there an easy way to make a local client on a local machine talking to a local server think that it i…

Bounty: 50

I have a local (HTTP) server running on my (Linux) machine (listening on 127.0.0.1:port) and a local application that connects to it as a client. Both the server and client applications are proprietary and I can only change some basic config for both. I have had this set up working fine until recently when the client application was updated. The client application now seems to require that the server it connects to must be “on the internet” so it is disallowing connections to 127.0.0.1 and other “local-like” addresses such as 10.0.. and 192.168...

As a workaround, I am now using ngrok to get a remote address for my local server and the client application happily works with that. However, that is a manual/slow process to run ngrok and update the client application’s config and it requires an internet connection and going through ngrok’s servers.

I am wondering if there is a way to “fake” an “internet-like” IP address to resolve directly to my local machine.

I have looked into “dynamic DNS” solutions but they require changes to router config that I often don’t have control over.

What I am thinking is along the lines of setting some porn site’s “internet-like” IP to “resolve” to my local machine on my local machine using some kind of “virtual network adapter” BUT I don’t want to spend a lot of time building such a set up. Hence, the question, is there an EASY way to do this?


Get this bounty!!!

#StackBounty: #linux #networking #openvpn #iptables #raspberry-pi Using Raspberry PI as OpenVPN router for Asterisk

Bounty: 100

So, I’ve been banging my head with this for quite some time.

I have the following configuration:

  • OpenVPN server, IP 1.2.3.1
  • Asterisk server, connected to OpenVPN server, IP 1.2.3.3
  • Raspberry PI, local interface 192.168.0.17, connected to OpenVPN IP 1.2.3.6
  • IP Telephone in the same local network as Raspberry PI, local ip 192.168.0.81

Networks are configured as follows:

  • Local connection on raspberry is eth0
  • Raspberry has additional virtual interface eth0:1 with ip 192.168.0.91
  • OpenVPN connection on raspberry is tun0
  • Telephone has local ip 192.168.0.81 and gateway set to 192.168.0.91 (raspberry)

On the raspberry, iptables is as follows:

#Empty all routing tables
sudo iptables -t nat -F
sudo iptables -F

#Masquerade all traffic leaving tun0 as if coming from 1.2.3.6
sudo iptables -t nat -A POSTROUTING -o tun0 -j MASQUERADE

#redirect all traffic coming from eth0:1 to tun0
sudo iptables -A FORWARD -i eth0:1 -o tun0 -j ACCEPT

#redirect all traffic coming from tun0 to eth0:1
sudo iptables -A FORWARD -i tun0 -o eth0:1 -j ACCEPT

#Modify all packets coming to tun0 to forward then to the IP telephone
sudo iptables -t nat -A PREROUTING -i tun0 -j DNAT --to-destination 192.168.0.81

So, I can call and I can receive calls (I have another laptop that is connected directly to VPN server and uses Zoiper for test). I can call the telephone and from telephone and audio from telephone to laptop works, but there is no incoming audio on the telephone whatsoever.

What am I doing wrong?


Get this bounty!!!