API tools faq
paste
Advertisement
Guest User

Untitled

a guest
Nov 30th, 2017
112
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
Bash 3.04 KB | None | 0 0
raw download clone embed print report
  1. $ifconfig
  2. tun0      Link encap:UNSPEC  HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00  
  3.           inet addr:10.0.0.1  P-t-P:10.0.0.1  Mask:255.255.255.255
  4.           inet6 addr: fe80::ce51:67bd:73e8:fe63/64 Scope:Link
  5.           UP POINTOPOINT RUNNING  MTU:1500  Metric:1
  6.           RX packets:1665 errors:0 dropped:0 overruns:0 frame:0
  7.           TX packets:1665 errors:0 dropped:0 overruns:0 carrier:0
  8.           collisions:0 txqueuelen:500
  9.           RX bytes:261471 (261.4 KB)  TX bytes:261471 (261.4 KB)
  10.  
  11. $cat /etc/sysctl.conf
  12. #
  13. # /etc/sysctl.conf - Configuration file for setting system variables
  14. # See /etc/sysctl.d/ for additional system variables.
  15. # See sysctl.conf (5) for information.
  16. #
  17.  
  18. #kernel.domainname = example.com
  19.  
  20. # Uncomment the following to stop low-level messages on console
  21. #kernel.printk = 3 4 1 3
  22.  
  23. ##############################################################3
  24. # Functions previously found in netbase
  25. #
  26.  
  27. # Uncomment the next two lines to enable Spoof protection (reverse-path filter)
  28. # Turn on Source Address Verification in all interfaces to
  29. # prevent some spoofing attacks
  30. net.ipv4.conf.default.rp_filter=0
  31. net.ipv4.conf.all.rp_filter=0
  32.  
  33. # Uncomment the next line to enable TCP/IP SYN cookies
  34. # See http://lwn.net/Articles/277146/
  35. # Note: This may impact IPv6 TCP sessions too
  36. #net.ipv4.tcp_syncookies=1
  37.  
  38. # Uncomment the next line to enable packet forwarding for IPv4
  39. net.ipv4.ip_forward=1
  40.  
  41. # Uncomment the next line to enable packet forwarding for IPv6
  42. #  Enabling this option disables Stateless Address Autoconfiguration
  43. #  based on Router Advertisements for this host
  44. #net.ipv6.conf.all.forwarding=1
  45.  
  46.  
  47. ###################################################################
  48. # Additional settings - these settings can improve the network
  49. # security of the host and prevent against some network attacks
  50. # including spoofing attacks and man in the middle attacks through
  51. # redirection. Some network environments, however, require that these
  52. # settings are disabled so review and enable them as needed.
  53. #
  54. # Do not accept ICMP redirects (prevent MITM attacks)
  55. #net.ipv4.conf.all.accept_redirects = 0
  56. #net.ipv6.conf.all.accept_redirects = 0
  57. # _or_
  58. # Accept ICMP redirects only for gateways listed in our default
  59. # gateway list (enabled by default)
  60. # net.ipv4.conf.all.secure_redirects = 1
  61. #
  62. # Do not send ICMP redirects (we are not a router)
  63. #net.ipv4.conf.all.send_redirects = 0
  64. #
  65. # Do not accept IP source route packets (we are not a router)
  66. #net.ipv4.conf.all.accept_source_route = 0
  67. #net.ipv6.conf.all.accept_source_route = 0
  68. #
  69. # Log Martian Packets
  70. #net.ipv4.conf.all.log_martians = 1
  71. #
  72. $ sudo sysctl -w net.ipv4.conf.tun0.rp_filter=0
  73. $ sudo sysctl -w net.ipv4.conf.all.rp_filter=0
  74. $ sudo sysctl -w net.ipv4.ip_forward=1
  75. $ sudo ip route add default dev tun0 table John
  76. $ ip rule
  77. 0:      from all lookup local
  78. 32766:  from all lookup main
  79. 32767:  from all lookup default
  80. $ sudo ip rule add fwmark 0x1 table John
  81. $ sudo iptables -t mangle -I OUTPUT -o wlp2s0 -j MARK --set-mark 1
  82. $ ping -c 1 8.8.8.8
  83. fails
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!