

NAT - Network Address Translation

Introduction

Network Address Translation generally involves "re-writing the source and/or destination addresses of IP packets as they pass through a router or firewall" (from )

This tutorial should explain what Network Address Translation is about, what to use it for and how to configure it under Linux (or more generally Unix derivatives). This introduction does not claim to be complete or to cover all details; its main purpose is to give the reader a feeling for what is possible and meaningful in modern computer networks and what is not.

First of all the structure of an IP packet will be considered. After a short overview of the possibilities of the (Linux) kernel I will jump right into the main area of application of NAT, namely the connection of a private subnet to the internet using a router (in our case a Linux machine with iptables). After that I would like to present some further possibilities like redirection or how to circumvent restrictive proxies. However, I do not claim my presented solutions to be the most intelligent, most powerful or the most ingenious ones; they should rather be understood as a proof of concept.

Packets within a network

Before we start to manipulate packets we have to take a look at their main attributes. I will restrict my considerations to IP packets using TCP/UDP for the transport layer since these are the most common ones. A detailed description of the structure of IP packets can be found at various locations, e.g.

Our main focus will be on the two fields Source Address and Destination Address because they contain - nomen est omen - the IP addresses of the source and the destination respectively.

Once an IP packet is received, the receiver has to assign the data to a process, which is the role of the transport layer, in our case TCP and UDP. Once again further details can be found at various locations, e.g. TCP at Wikipedia and UDP at Wikipedia and the linked resources there. For our purposes it is sufficient to know that each (networking) process uses its own port number(s). For example an HTTP server uses port number 80, SSH uses port 22 and so on. The combination of IP address and port number is called a socket and is unique. Therefore connections are uniquely defined by their endpoints (= sockets): a connection sends data from the client's socket to the server's socket and vice versa, for example from the socket with IP 123.123.123.123, port 65432 to the socket with IP 112.112.112.112, port 80, as may occur for a browser on 123.123.123.123 that connects to an HTTP server on 112.112.112.112.

Server processes usually use standardised ports, so-called 'well known ports', c.f. well known ports at IANA or well known ports at Wikipedia. A client usually uses a port from the upper port range (larger than 1023).
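As an added illustration (not part of the original tutorial), the following Python code reads the Source Address and Destination Address fields and the transport-layer ports out of a raw IPv4 packet and returns the two sockets that define the connection. The function names and the sample packet are constructed for this example; the addresses and ports are the ones used in the text.

```python
import ipaddress
import struct

TRANSPORT = {6: "TCP", 17: "UDP"}  # IANA protocol numbers for the two transports

def socket_pair(packet: bytes):
    """Return (proto, (src_ip, src_port), (dst_ip, dst_port)) for an IPv4 packet."""
    if len(packet) < 20:
        raise ValueError("shorter than the minimal IPv4 header")
    version, ihl = packet[0] >> 4, (packet[0] & 0x0F) * 4  # IHL counts 32-bit words
    if version != 4 or ihl < 20 or len(packet) < ihl + 4:
        raise ValueError("not a complete IPv4 packet")
    proto = packet[9]
    if proto not in TRANSPORT:
        raise ValueError(f"protocol {proto} has no port numbers")
    # Only the first fragment carries the TCP/UDP header with the ports.
    if struct.unpack("!H", packet[6:8])[0] & 0x1FFF:
        raise ValueError("non-first fragment: ports not present")
    src = ipaddress.IPv4Address(packet[12:16])  # Source Address field
    dst = ipaddress.IPv4Address(packet[16:20])  # Destination Address field
    # Ports are the first four bytes after the IP header (options included in ihl).
    sport, dport = struct.unpack("!HH", packet[ihl:ihl + 4])
    return TRANSPORT[proto], (str(src), sport), (str(dst), dport)

def reply_pair(pair):
    """The same connection seen from the other side: the sockets swap roles."""
    proto, a, b = pair
    return proto, b, a

def build_sample(src, sport, dst, dport, proto=6, options=b""):
    """Constructed sample packet: IPv4 header (checksum left 0) plus the port fields."""
    ihl = 5 + len(options) // 4
    header = struct.pack(
        "!BBHHHBBH4s4s", (4 << 4) | ihl, 0, ihl * 4 + 4, 0, 0, 64, proto, 0,
        ipaddress.IPv4Address(src).packed, ipaddress.IPv4Address(dst).packed)
    return header + options + struct.pack("!HH", sport, dport)

if __name__ == "__main__":
    # Browser on 123.123.123.123 talking to the HTTP server on 112.112.112.112
    request = build_sample("123.123.123.123", 65432, "112.112.112.112", 80)
    pair = socket_pair(request)
    print("request:", pair)
    print("reply:  ", reply_pair(pair))
```
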
