this post was submitted on 04 Oct 2024
18 points (100.0% liked)

Linux

48652 readers
1025 users here now

From Wikipedia, the free encyclopedia

Linux is a family of open source Unix-like operating systems based on the Linux kernel, an operating system kernel first released on September 17, 1991 by Linus Torvalds. Linux is typically packaged in a Linux distribution (or distro for short).

Distributions include the Linux kernel and supporting system software and libraries, many of which are provided by the GNU Project. Many Linux distributions use the word "Linux" in their name, but the Free Software Foundation uses the name GNU/Linux to emphasize the importance of GNU software, causing some controversy.

Rules

Related Communities

Community icon by Alpár-Etele Méder, licensed under CC BY 3.0

founded 5 years ago
MODERATORS
 

Ok I know this sounds crazy but it's all about Linux and iptables all the way

I'm using a rooted android phone as a VPN router to keep confidential traffic separated between networks

A and B are in the same network, B provides a separate network for C

Device A: Linux ip 192.168.15.32 wlan0 Device B: rooted Android phone with Termux and VPN Hotspot wlan0 ip 192.168.15.21 wlan1 ip 192.168.38.173

Device C: Windows 10 with RDP wlan1 ip 192.168.15.176

I've tried the following

A: sudo ip route add 192.168.38.0/24 via 192.168.15.21 dev enp1s0

B: Termux, su: sysctl -w net.ipv4.ip_forward=1


iptables -t nat -A POSTROUTING -s 192.168.38.0/24 -o wlan0 -j MASQUERADE
iptables -A FORWARD -i wlan0 -o wlan1 -s 192.168.15.0/24 -d 192.168.38.0/24 -j ACCEPT
iptables -A FORWARD -i wlan1 -o wlan0 -s 192.168.38.0/24 -d 192.168.15.0/24 -j ACCEPT

C: default route via 192.168.38.173 metric 1

C is solely seeing the internet from B's VPN, and can even access wlan0's router, meaning it has access to its internal network. C can ping B, B can ping C

B can ping A and C

A can ping B, but not C, which also means no RDP access

What am I missing ?

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 2 points 2 months ago

so it seems that without any config, the traffic passes from wlan1 to wlan0's network flawlessly; but traffic from wlan0 network stops at the Android device, even with iptables -P FORWARD ACCEPT, so I'm clueless on what to do next