mangling

All posts tagged mangling

I’ve whipped up a script to back up Edgemax/Vyatta routers and push the backup to an RCS system; download a copy here

Prerequisites

sshpass (Sourceforge page)
bzr here (or something else like CVS/Git)

Usage

./edgemax-backup.sh <userid> <passwd> <router IP address> <filename>

Notes

It’s not a great idea to embed SSH passwords in scripts; you could use SSH keys instead with a bit of jiggery-pokery of the script. It’s up to you. Personally, I only allow access to SSH from my trusted management platforms, and even the SSH userid above could be restricted to only allow “show configuration”.

* Big thanks to [email protected] for allowing me access to his test box for final testing.

#dayjob

Some days you just need to do a bit of packet mangling and you don’t want to
write loads of DNAT/SNAT statements, so why not just use the NETMAP target?

Take this example (the IP addresses have been changed to protect the innocent):


iptables -t nat -A PREROUTING -d 192.168.55.0/24 -j NETMAP --to 195.44.12.0/24
iptables -t nat -A POSTROUTING -d 195.44.12.0/24 -j NETMAP --to 192.168.55.0/24

It allows you to translate entire networks on a 1:1 mapping basis, so 192.168.55.1
maps to 195.44.12.1 and 192.168.55.2 maps to 195.44.12.2 and so on and so on.

Simples

(Oh and the Postrouting line is for the SNAT on the way back btw)
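
To see what the two rules above do to a packet, here is an added sketch (not part of the original post) that models the NETMAP bit arithmetic and which header field each chain rewrites. The function names and the sample packet are constructed for illustration; the hook behaviour follows the kernel's NETMAP target, which rewrites the destination in PREROUTING/OUTPUT and the source elsewhere.

```python
import ipaddress

# Chains in which NETMAP rewrites the destination address; in any other
# nat chain (e.g. POSTROUTING) it rewrites the source address instead.
DST_HOOKS = {"PREROUTING", "OUTPUT"}


def netmap(addr, to_net):
    """Keep the host bits of addr and take the network bits from to_net."""
    net = ipaddress.ip_network(to_net)
    host_bits = int(ipaddress.ip_address(addr)) & int(net.hostmask)
    return str(ipaddress.ip_address(int(net.network_address) | host_bits))


def apply_rule(hook, match_dst, to_net, packet):
    """Model '-A <hook> -d <match_dst> -j NETMAP --to <to_net>' on (src, dst)."""
    src, dst = packet
    if ipaddress.ip_address(dst) not in ipaddress.ip_network(match_dst):
        return packet  # rule does not match, packet passes unchanged
    if hook in DST_HOOKS:
        return (src, netmap(dst, to_net))
    return (netmap(src, to_net), dst)


def is_one_to_one(from_net, to_net):
    """Check that every address in from_net maps to a distinct address in to_net."""
    mapped = {netmap(str(a), to_net) for a in ipaddress.ip_network(from_net)}
    return len(mapped) == ipaddress.ip_network(from_net).num_addresses


def traverse(packet):
    """Run a packet through the two rules from the post, in chain order."""
    packet = apply_rule("PREROUTING", "192.168.55.0/24", "195.44.12.0/24", packet)
    return apply_rule("POSTROUTING", "195.44.12.0/24", "192.168.55.0/24", packet)


if __name__ == "__main__":
    sample = ("10.1.1.7", "192.168.55.2")  # constructed (src, dst) pair
    print(sample, "->", traverse(sample))
    print("1:1 mapping:", is_one_to_one("192.168.55.0/24", "195.44.12.0/24"))
```

Because the translation is a pure mask-and-OR on the address, it needs no per-host rules, and both networks should use the same prefix length for the mapping to stay 1:1.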