Re: Quick network question (a bit off topic)

kyle lanson wrote:
Hello,

A bit off topic, but I'm just wondering if there's anything in the
kernel that might help me on this problem.

I need to construct a scenario where I can exercise my firewall
rules without having a separate client machine. Assume my only network
interface is eth0, and in my firewall rules, I allow ssh traffic but
not telnet on this interface. Is there any way I can test this without
having a real client machine (I don't want a virtual machine either)
that can generate ssh and telnet traffic and exercise the firewall
rules?

I'm imagining having a virtual network interface that can forward
network traffic to eth0 and back. How can I set it up? Thanks.

KL


Packet generator?


Packet generator might do, but it's fairly limited. I can't really connect to ssh or telnet port without having to do a lot of mangling. What I was really looking for is a virtual network interface, say vi0, e.g., with an ip address of 10.10.0.1/24. So whenever I send packets to this address, I can do a bit of magic in the firewall rules to have the packets forwarded to my real network interface, eth0, as if the packets were coming from the outside network. Is this possible? Is there such a thing?



--
Kernelnewbies: Help each other learn about the Linux kernel.
Archive:       http://mail.nl.linux.org/kernelnewbies/
FAQ:           http://kernelnewbies.org/faq/


I have tried to implement a virtual netcard, but failed, because when a
packet was coming from the outside network, it was always the _real_
netcard's ISR that was called, and unfortunately, we can't modify the
_real_ netcard's ISR at all. But as far as I know, the kernel supplies a
mechanism to bridge link netcards; maybe you can research it and find more.

BR
lyb
