If I can ping the server from the client and vice versa but no internet out on client how to fix?

lowendguy7 Member
edited April 2018 in Help

I am trying to set up a server to intercept my own HTTP traffic for coding purposes to analyze the requests. I also have a client for making the requests which is pointing at the server's second internal network. Both are on LXC containers.

Server has eth0 as internet connection; eth1 is another network device for internal only.

Both devices are up. Internet works on server.

On client I gave it eth1 as the gateway and have dnsmasq running on the server; however, when I try and ping 8.8.8.8 on client there is 100% packet loss.

I can however ping the gateway from client and I can ping the client from the server.

So what could be the problem stopping the client from accessing internet? I have set ufw rules to allow 80 and 443 and iptables show them as being there. I have mitmproxy running on 8080 but still no connections are being made on client.

So what could be at issue?

Comments

  • lowendguy7 Member
    edited April 2018

    This stupid attack system keeps blocking the post so I had to omit the commands I have tried.

    It was two netcat commands, one for TCP and one for UDP I think.

    In mitmproxy on the client, for the first command that passed there are errors in mitmproxy saying "Transport endpoint not connected". That is for the one that worked on the client; nothing shows up on mitmproxy for the one that hangs - understandably I guess.

    I don't really know what is going on or how to find the root problem.

  • lowendguy7 Member
    edited April 2018

    Oh interesting :).

    Ideally I'd like to find the root cause but if I am still hitting a brick wall and have no other input I will try this.

    Still an interesting read so far, and will be interested to try this out.

    Any tips on how to find out what is blocking the connection? I am not versed on troubleshooting networking, only just starting to learn these past few days reading up on the tools.

  • FHR Member, Host Rep
    edited April 2018

    What rules do you have in the forward chain?

    Also:

    sysctl -w net.ipv4.ip_forward=1
    sysctl -w net.ipv4.conf.default.rp_filter=0
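
One way to answer the forward-chain question above from `iptables -S FORWARD` output, as an added example that is not part of the original posts. The interface names eth1 and eth0 come from the thread; the rule text is constructed sample data and the function names are hypothetical.

```shell
#!/bin/sh
# Constructed sample of `iptables -S FORWARD` output (not from the thread).
SAMPLE_RULES='-P FORWARD DROP
-A FORWARD -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -i eth1 -o eth0 -p tcp -j ACCEPT'

# forward_policy: print the FORWARD chain's default policy (rules on stdin).
forward_policy() {
    awk '$1 == "-P" && $2 == "FORWARD" { print $3; f = 1 }
         END { if (!f) print "UNKNOWN" }'
}

# forward_allows IN OUT PROTO: succeed if a rule directly in FORWARD ACCEPTs
# new PROTO traffic from IN to OUT. Limits: jumps into user chains (ufw adds
# its own) are not followed and rule order / earlier DROPs are ignored.
forward_allows() {
    awk -v in_if="$1" -v out_if="$2" -v proto="$3" '
        $1 == "-A" && $2 == "FORWARD" {
            i = o = p = j = st = ""
            for (n = 3; n < NF; n++) {
                if ($n == "-i") i = $(n + 1)
                if ($n == "-o") o = $(n + 1)
                if ($n == "-p") p = $(n + 1)
                if ($n == "-j") j = $(n + 1)
                if ($n == "--ctstate" || $n == "--state") st = $(n + 1)
            }
            if (j == "ACCEPT" && (i == "" || i == in_if) &&
                (o == "" || o == out_if) && (p == "" || p == proto) &&
                (st == "" || st ~ /NEW/)) ok = 1
        }
        END { exit !ok }'
}

# diagnose RULES IP_FORWARD PROTO: one-line verdict for eth1 -> eth0 traffic.
diagnose() {
    if [ "$2" != "1" ]; then
        echo "ip_forward is $2: the kernel will not route"; return 0
    fi
    pol=$(printf '%s\n' "$1" | forward_policy)
    if [ "$pol" = "ACCEPT" ] || printf '%s\n' "$1" | forward_allows eth1 eth0 "$3"; then
        echo "FORWARD passes $3 eth1->eth0"
    else
        echo "FORWARD policy $pol, no ACCEPT for $3 eth1->eth0"
    fi
}

diagnose "$SAMPLE_RULES" 1 icmp
diagnose "$SAMPLE_RULES" 1 tcp
# Live: diagnose "$(iptables -S FORWARD)" "$(cat /proc/sys/net/ipv4/ip_forward)" icmp
```

With the constructed rules, TCP from eth1 to eth0 is accepted while a ping falls through to the DROP policy, since the only other ACCEPT covers established flows.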

  • lowendguy7 Member
    edited April 2018

    @FHR Thank you for the reply.

    Yes, I already had the first one set to 1; the second one I just changed but it didn't make a difference.

    I have set up according to this article, which shows what forwarding rules I have set.

    Mitmproxy listens on port 8080 and iptables forwards 80 and 443 from eth1 to 8080. I set them in ufw rules rather than iptables directly but I checked iptables rules and they do indeed show up.

    And the error I got earlier with the netcat test showed output in mitmproxy so I presume that part is correct? There just seems to be a blockade between the gateway and mitmproxy/the internet and I really have no idea how to proceed so would love some breadcrumbs :).

  • FHR Member, Host Rep
    edited April 2018

    @lowendguy7 said:
    @FHR Thank you for the reply.

    Yes, I already had the first one set to 1; the second one I just changed but it didn't make a difference.

    I have set up according to this article, which shows what forwarding rules I have set.

    Mitmproxy listens on port 8080 and iptables forwards 80 and 443 from eth1 to 8080. I set them in ufw rules rather than iptables directly but I checked iptables rules and they do indeed show up.

    And the error I got earlier with the netcat test showed output in mitmproxy so I presume that part is correct? There just seems to be a blockade between the gateway and mitmproxy/the internet and I really have no idea how to proceed so would love some breadcrumbs :).

    I have not actually done any work with mitmproxy, but this shouldn't be hard to do.

    I assume you tried following this guide? https://docs.mitmproxy.org/stable/howto-transparent-vms/

    // EDIT: Never mind, the guides look very similar.
    Ping does not work, okay. Have you tried actually making requests on tcp/80 or tcp/443?

  • lowendguy7 Member
    edited April 2018

    Yes, the article I linked is based off the one you linked, just fleshed out somewhat. I read all (what little) that I could find on the subject and am still stuck :(.

    I did with netcat, yes, but lowendtalk won't let me post the command I did; for some reason it keeps blocking it saying it is an attack.

    Anyway, netcat with -z -n -v flags worked via port 80 saying it was open but showed the error I mentioned in the OP in mitmproxy - but at least it showed some sort of communication - the only output at all I have managed to see in mitmproxy. And then netcat with -u flag just hung.

