redirect an ip address to localhost

yyy · Jan 3, 2005

i'd like to redirect all traffic bounded to a specific ip address to my
localhost interface, tried route "ADD <ip> MASK 255.255.255.255 127.0.0.1"
with little luck

Herb Martin · Jan 3, 2005

i'd like to redirect all traffic bounded to a specific ip address to my
localhost interface, tried route "ADD <ip> MASK 255.255.255.255 127.0.0.1"
with little luck

So you want to make sure your machine cannot send
to that address?

You have the right idea (drop the quotes if you are really using
them) but send to your OWN IP (not 127.0.0.1)....

route ADD 192.168.229.157 MASK 255.255.255.255 YOUR_OWN_IP

....or if your IP is 192.168.0.5

route ADD 192.168.229.157 MASK 255.255.255.255 192.168.0.5

You own IP is routed to the 127.0.0.1 address so it means the
same thing.

yyy · Jan 3, 2005

So you want to make sure your machine cannot send
to that address?

You have the right idea (drop the quotes if you are really using
them) but send to your OWN IP (not 127.0.0.1)....

route ADD 192.168.229.157 MASK 255.255.255.255 YOUR_OWN_IP

...or if your IP is 192.168.0.5

route ADD 192.168.229.157 MASK 255.255.255.255 192.168.0.5

You own IP is routed to the 127.0.0.1 address so it means the
same thing.

not exactly it seems, the route command (route add 81.100.216.106 mask
255.255.255.255 192.168.10.1) worked with no error, netstat -nr gave me:

Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.11.1 192.168.10.1 1
81.100.216.106 255.255.255.255 192.168.10.1 192.168.10.1 1
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
192.168.10.0 255.255.255.0 192.168.10.1 192.168.10.1 1
192.168.10.1 255.255.255.255 127.0.0.1 127.0.0.1 1
192.168.10.255 255.255.255.255 192.168.10.1 192.168.10.1 1
224.0.0.0 224.0.0.0 192.168.10.1 192.168.10.1 1
255.255.255.255 255.255.255.255 192.168.10.1 192.168.10.1 1
Default Gateway: 192.168.11.1

but i would have liked the traffic to be normally routed to my localhost,
and pinging 81.100.216.106 gives no reply, though you can easily ping
local interface address 192.168.10.1

Jay Somerset · Jan 3, 2005

Can you not just make an entry in the
%SystemRoot%\system32\drivers\etc\HOSTS file equating the external IP
address with 127.0.0.1? This should block all access to that IP address.

Herb Martin · Jan 3, 2005

Jay Somerset said:
Can you not just make an entry in the
%SystemRoot%\system32\drivers\etc\HOSTS file equating the external IP
address with 127.0.0.1? This should block all access to that IP address.

IP addresses are not normally resolved through
the name resolution process so this won't work
if he indeed wants to block by IP.

Herb Martin · Jan 3, 2005

not exactly it seems, the route command (route add 81.100.216.106 mask
255.255.255.255 192.168.10.1) worked with no error, netstat -nr gave me:

[snip routing table]

but i would have liked the traffic to be normally routed to my localhost,
and pinging 81.100.216.106 gives no reply, though you can easily ping
local interface address 192.168.10.1

That is your localhost (127.0.0.1) and since 192.168.10.1
routes to 127.0.0.1 that is precisely where it goes (eventually).

--
Herb Martin

So you want to make sure your machine cannot send
to that address?

You have the right idea (drop the quotes if you are really using
them) but send to your OWN IP (not 127.0.0.1)....

route ADD 192.168.229.157 MASK 255.255.255.255 YOUR_OWN_IP

...or if your IP is 192.168.0.5

route ADD 192.168.229.157 MASK 255.255.255.255 192.168.0.5

You own IP is routed to the 127.0.0.1 address so it means the
same thing.

not exactly it seems, the route command (route add 81.100.216.106 mask
255.255.255.255 192.168.10.1) worked with no error, netstat -nr gave me:

Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.11.1 192.168.10.1 1
81.100.216.106 255.255.255.255 192.168.10.1 192.168.10.1 1
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
192.168.10.0 255.255.255.0 192.168.10.1 192.168.10.1 1
192.168.10.1 255.255.255.255 127.0.0.1 127.0.0.1 1
192.168.10.255 255.255.255.255 192.168.10.1 192.168.10.1 1
224.0.0.0 224.0.0.0 192.168.10.1 192.168.10.1 1
255.255.255.255 255.255.255.255 192.168.10.1 192.168.10.1 1
Default Gateway: 192.168.11.1

but i would have liked the traffic to be normally routed to my localhost,
and pinging 81.100.216.106 gives no reply, though you can easily ping
local interface address 192.168.10.1

yyy · Jan 3, 2005

not exactly it seems, the route command (route add 81.100.216.106 mask
255.255.255.255 192.168.10.1) worked with no error, netstat -nr gave me:

[snip routing table]

but i would have liked the traffic to be normally routed to my localhost,
and pinging 81.100.216.106 gives no reply, though you can easily ping
local interface address 192.168.10.1

That is your localhost (127.0.0.1) and since 192.168.10.1
routes to 127.0.0.1 that is precisely where it goes (eventually).

i know what you mean, "that is precisely where it SHOULD go (eventually)",
maybe i'm missing something but it doesn't, maybe some windows-specific
tcp-ip stack implementation quirk or whatnot

it seems that 192.168.10.1 and 127.0.0.1 are not perfect "aliases" due to
internal windows architecure, a telnet call to 127.0.0.1 triggers my
firewall (kerio) but telnet 192.168.10.1 goes through unnoticed

blocking is not the ultimate goal, it's a kind of test configuration, a
closed-source application connects to a given public external machine, i'd
like to intercept that traffic with a locally set up server listening ona
given port and troubleshoot some weird issues

the route command does modify something, route add 66.102.9.99 mask
255.255.255.255 192.168.10.1 does result in connection timeout in opera
for http://www.google.com, but so does ping 66.102.9.99, and telnet
66.102.9.99 attempt to a local active server, which should give some
response if ended up routed to 127.0.0.1

Jay Somerset · Jan 4, 2005

not exactly it seems, the route command (route add 81.100.216.106 mask
255.255.255.255 192.168.10.1) worked with no error, netstat -nr gave me:

[snip routing table]

but i would have liked the traffic to be normally routed to my localhost,
and pinging 81.100.216.106 gives no reply, though you can easily ping
local interface address 192.168.10.1

That is your localhost (127.0.0.1) and since 192.168.10.1
routes to 127.0.0.1 that is precisely where it goes (eventually).

Click to expand...

i know what you mean, "that is precisely where it SHOULD go (eventually)",
maybe i'm missing something but it doesn't, maybe some windows-specific
tcp-ip stack implementation quirk or whatnot

it seems that 192.168.10.1 and 127.0.0.1 are not perfect "aliases" due to
internal windows architecure, a telnet call to 127.0.0.1 triggers my
firewall (kerio) but telnet 192.168.10.1 goes through unnoticed

It sounds as though your firewall intercepts the address before it gets
equated to 127.0.0.1 by windows. If you added 127.0.0.1 to your trusted
list, your firewall would probably pass it through without comment.
Prsumably you have your local subnet in Kerio's trusted group.

yyy · Jan 4, 2005

It sounds as though your firewall intercepts the address before it gets
equated to 127.0.0.1 by windows. If you added 127.0.0.1 to your trusted
list, your firewall would probably pass it through without comment.
Prsumably you have your local subnet in Kerio's trusted group.

yes, it might be firewall specific, the network adapter in kerio does pop
up as a subnet 192.168.10.0/255.255.255.0, the ip/subnet pair being taken
from the network interface configuration

telnet application is configured to trigger a message box on any access
(incoming trusted/internet, outgoing trusted/internet), it does not for
the whole subnet it seems, so either its buggy or it can't be done or
there's something more i'm unaware of, will have to play with the adapter
settings and see if it changes anything

but now, the routing table gives me for example:

Network Destination Netmask Gateway Interface Metric
66.102.9.99 255.255.255.255 192.168.10.1 192.168.10.1 1
192.168.10.0 255.255.255.0 192.168.10.1 192.168.10.1 1
192.168.10.1 255.255.255.255 127.0.0.1 127.0.0.1 1

the latter two entries being automatically generated based upon the
adapter configuration, the first added through route command, it's
obviously wrong,
for the redirection to work properly i would have to force the route
command on the loopback interface, which fails with an error

can it be accomplished with route ? or do i need nat for that ?

Shalom B. · Jan 9, 2005

YOu will definitely need some bi-directional address translation for
this .. if all traffic to 66.102.9.99 is routed back on to the local
loopback, it's as good as placing all traffic in the "bit bucket" or
"network black hole", all traffic to 66.102.9.99 will eventually be
dropped because the interface (127.0.0.1) will recieve the packets but
not know what to do with them. why? because 66.102.9.99 is not a
registered IP address for any interface on the system which is why you
do not get any replies for ICMP echo requests (ping) to 66.102.9.99.

$ route add 66.102.9.99 mask 255.255.255.255 127.0.0.1
The route addition failed: The parameter is incorrect.

This command is as good as saying "set this IP address as the IP address
of my interface" -- which obviously SHOULD fail.

yyy · Jan 9, 2005

On Sun, 9 Jan 2005 03:53:50 +0000 (UTC), Shalom B.

thanks. i've been "hoping" for such an answer. i seem to understand the
issue less vaguely

have NOT verified this, but had the IMPRESSION that such a thing would be
possible on a linux machine, somehow. so, is there a way to assign an
ip-alias to a local interface ? would that work ?

or does such a question imply i have still much to learn about routing and
subnets ?

yyy · Jan 13, 2005

managed to solve the issue, added another ip address in the interface
configuration dialog, and the apppropriate route popped up automatically
in 'netstat -nr', seems to be working fine

thank you for your support

redirect an ip address to localhost

yyy

Herb Martin

yyy

Jay Somerset

Herb Martin

Herb Martin

yyy

Jay Somerset

yyy

Shalom B.

yyy

yyy