I have an Ubuntu server with two network interfaces - an ethernet and a WiFi network let's call eth0 and wlan0. So far I've been able to set it up as a router by enabling packet forwarding and then doing some iptables trickery. These are my iptable commands:
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
iptables -A FORWARD -i eth0 -o eth0 -j ACCEPT
iptables -A FORWARD -i eth0 -o eth0 -m state --state RELATED,ESTABLISHED -j ACCEPT
If I'm understanding correctly, the first command says "if you receive packets from a device, do NAT and then forward them with your IP", the second one says to forward packets from eth0 to eth0, and the last line says "if you get packets back, only accept them if a connection has already been previously established". This Ubuntu server is connected to a router which is connected to a modem that actually has internet access. I've set it up so that my router uses my Ubuntu server as the default gateway during DHCP requests. This works fine, I'm able to use devices to connect to the internet, and if I do a trace route, it first goes to the Ubuntu server, then to the router, then out into the great beyond.
Now, I've run:
iptables -D FORWARD -i eth0 -o eth0 -j ACCEPT
iptables -A FORWARD -i eth0 -o wlan0 -j ACCEPT
iptables -A FORWARD -i wlan0 -o eth0 -m state --state RELATED,ESTABLISHED -j ACCEPT
Which, if I'm understanding correctly, should forward packets through to the WiFi interface instead, but it isn't working. I'm still able to access other devices on the network but not the open internet. I also tried doing iptables -t nat -A POSTROUTING -o wlan0 -j MASQUERADE
which as far as I can tell is unnecessary, but that didn't do anything. When I do trace route this time, it is able to get to the Ubuntu server but no further. I've also tried doing iptables -L -v
but neither the wlan0 -> eth0 rule or the reverse have any packet count. I also tried doing iptables -A FORWARD -i lan0 -o wlan0 -j LOG --log-prefix "FORWARD: "
to just log it first, but nothing shows up in /var/log/syslog even if I try to connect to the internet from a device.
I'm at a loss here so any help even debugging or if I'm going about this wrong would be greatly appreciated. My ultimate goal is to set up a failover so that if the LAN interface doesn't have a connection, it'll start sending packets through the WiFi interface which will be connected to a different internet connection.
I have a fairly old router that doesn’t support gigabit. I also have a network switch that does support gigabit. If I connect two devices directly to the switch, then connect the switch up to the router, will the connection between the two devices support gigabit? If I’m understanding correctly the router would just act as DHCP server and give the two devices a local IP address, but the actual connection between them wouldn’t go through the router at all.
I'm planning to migrate my email to a different provider, but they don't give much storage, so I was wondering what people would recommend for this kind of setup: basically I'd like to use the new provider as something like a relay. I'd want them to only store an email or two at a time and have some kind of self hosted solution that just grabs the emails from the provider and stores them after deleting them off the provider so it's never storing my entire email history, and also keeps my sent emails somewhere so that I have a copy of it. Ideally I'd wanna be able to set this up with a mail client like NextCloud's.
EDIT: Thanks for the info guys! Very excited to get this all set up
At the moment I have a bunch of self-hosting services hosted in the cloud. I plan to get rid of my cloud resources entirely and run stuff on some server hardware I acquired recently but my ISP doesn't give me a static IP and I'm behind a NAT or whatever it's called (the thing that makes multiple people's home connections be behind a single public IP) so I don't think I can even expose directly to the internet. So my plan is to have a very small and cheap server at a data center and proxy my actual server behind that.
My question is, is there a way that I can set things up so that the same domain can connect directly to the server when I'm at home, and to the proxy when I'm not? The difference would be what connection I'm connected to (my home WiFi vs 5G/others' WiFi). I'm thinking I could maybe run DNS on the server and configure my router to use that as a DNS server, but wouldn't my phone/laptop cache DNS entries? So it'd still try to connect to the local IP even when I'm out.
@jcg
@halubilo.social