| 1 |
On 17/06/2010 08:26, Rod wrote: |
| 2 |
> Check out iproute |
| 3 |
>> * sys-apps/iproute2 |
| 4 |
>> Latest version available: 2.6.31 |
| 5 |
>> Latest version installed: 2.6.31 |
| 6 |
>> Size of files: 363 kB |
| 7 |
>> Homepage: |
| 8 |
>> http://www.linuxfoundation.org/collaborate/workgroups/networking/iproute2 |
| 9 |
>> |
| 10 |
>> Description: kernel routing and traffic control utilities |
| 11 |
>> License: GPL-2 |
| 12 |
|
| 13 |
It certainly looks relevant - though I've not previously come across this... |
| 14 |
|
| 15 |
> This will allow you to control the flow of packets, so packets |
| 16 |
> from Interface 1 will go back out the same interface. |
| 17 |
I'm less clear about this bit... I don't suppose you can point me at a |
| 18 |
how-to for the configuration of this? |
| 19 |
|
| 20 |
> This is used in conjunction with iptables, as iptables is the |
| 21 |
> firewall, and iproute is the packet classifyer/handler |
| 22 |
While rusty, I think I can do the iptables stuff... I've definitely done |
| 23 |
similar things with it before. |
| 24 |
|
| 25 |
> I was using this when I had 2 Internet accounts, a slow speed ADSL |
| 26 |
> with static IP, and a cable BB one for the usual stuff (dynamic IP) |
| 27 |
|
| 28 |
My situation is vaguely similar... I've one high-speed link at home with |
| 29 |
only dynamic IP - and I've got rack-mounted server with multiple static |
| 30 |
IPs, one of which I want to use from home in order to run a mail-server, |
| 31 |
revision control service and various web-services... keeping all the |
| 32 |
data on hardware I physically control... access is always encrypted - so |
| 33 |
I retain my privacy, no matter what happens to my remotely hosted |
| 34 |
service (including packet-sniffing etc.) and the worst case scenario is |
| 35 |
denial of service - which is an acceptable risk. |
| 36 |
|
| 37 |
While I've established the tunnel, I'm tearing my hair out trying to |
| 38 |
configure routing so that only remote access to services on my home box |
| 39 |
(and not my home box's web-browsing etc.) are routed over the VPN. I'm |
| 40 |
sure it has to be more straightforward than it appears. :-S |
Archives