是否可以执行命令“whois”并选择查询的传出IP?
我已经在我的网络接口“/etc/network/interfaces”上为 ssl porpuses 安装了多个 IP,但也可以使用它们进行查询。
IPv6 也能做到这一点吗?
我现在用 NAT66 修补了内核,但仍然不知道如何通过 ipv6 设置查询?
非常感谢!
答案1
对于第一次误解这个问题,我们深表歉意...您应该使用iptablesSNAT 将源地址转换为您的 SSL 地址。我在 eth0 上添加了另一个接口地址 (172.16.61.5/29) 以模拟相同的动态...
从 172.16.61.5 获取 IPv4 whois 查询
之前(嗅探查询whois -h whois.arin.net <address>):
[mpenning@Bucksnort ~]$ sudo tshark -i eth0 tcp and port 43
Running as user "root" and group "root". This could be dangerous.
Capturing on eth0
0.000000 172.16.61.6 -> 199.71.0.49 TCP 55089 > nicname [SYN] Seq=0 Win=5840 Len=0
注意我的源地址是172.16.61.6...
将所有 TCP 流量的源地址设置为tcp/43:
# Send all IPv4 whois queries from 172.16.61.5
sudo ip addr add 172.16.61.5/29 dev eth0
sudo iptables -t nat -A POSTROUTING -o eth0 -p TCP --dport 43 -j SNAT --to-source 172.16.61.5
sudo iptables -t nat -vnL
之后(嗅探查询whois -h whois.arin.net <address>):
现在我的地址是172.16.61.5...
[mpenning@Bucksnort ~]$ sudo tshark -i eth0 tcp and port 43
Running as user "root" and group "root". This could be dangerous.
Capturing on eth0
0.000000 172.16.61.5 -> 199.71.0.49 TCP 55091 > nicname [SYN] Seq=0 Win=5840 Len=0
要从表中删除规则...
# Remove the rule... (assuming it is the first nat POSTROUTING rule...)
sudo iptables -D POSTROUTING 1 -t nat
从 2607:fcff:1001:100:202:55ff:dead:beef 获取 IPv6 whois 查询
IPv6 选项需要内核NAT66... 看HE.net的NAT66安装说明和Packetpushers:感谢 NAT66
# IF you have an SNAT66 kernel...
# Send all IPv6 whois queries from 2607:fcff:1001:100:202:55ff:dead:beef
sudo ip -6 addr add 2607:fcff:1001:100:202:55ff:dead:beef/64 dev eth0
sudo ip6tables -t nat66 -A POSTROUTING -o eth0 -p TCP --dport 43 -j SNAT66 --to-source 2607:fcff:1001:100:202:55ff:dead:beef
sudo ip6tables -t nat66 -vnL
# Remove the rule... (assuming it is the first nat POSTROUTING rule...)
sudo ip6tables -D POSTROUTING 1 -t nat66
我现在没有时间证明这NAT66部分......我的研究表明上面的语法是正确的