How to route network traffic of a host via another host?
I'm not the System Administrator of our corporate network, but I've got two Linux workstations (hosts A and B) with root access to both.
Both hosts can see each other fine (ssh, ping, etc. work from one to the other). However, only host A can reach out of our corporate firewall and access the Internet etc.; host B cannot.
Question: How could I have all (and not just HTTP) outgoing and incoming network traffic at host B routed via host A, without involving my System Administrator? Right now, I don't know if I would need to use NAT for host B, and/or make host A a proxy server, and/or make host A a router.
On Host B, I tried issuing a route add -host <HostA> gw <HostA's Gateway> command, but it didn't work: I was unable to ping www.google.com from Host B. Please pardon my ignorance on this subject of routing/networking.
You have multiple solutions to do this:
Easier way: NAT
Make A a router by allowing forwarding:
sysctl net.ipv4.ip_forward=1
Put net.ipv4.ip_forward=1 in /etc/sysctl.conf to make it permanent.
Then on A, NAT traffic by typing:
iptables -t nat -A POSTROUTING -o ethx -j MASQUERADE
Finally on B, route all traffic via A:
ip route del default
ip route add default via IP_of_A
Other solution: Proxify, but you need to set up all the components to use the proxy:
On B, open an SSH connection to A with this command:
ssh -D8000 -N -f user@IP_of_A
This will open a SOCKS proxy on B and relay all traffic via A. If you use a web browser, for example, you'll need to set up a SOCKS v5 proxy on 127.0.0.1 listening on port 8000. You will not need to set up IP forwarding or touch the routes.
I believe you will need to disable your firewall.
service iptables stop
Not sure if that is necessary on both Host A & Host B, but it did get me past the "Destination Host Prohibited" message.
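The NAT setup from the first answer can be scoped to host B alone while host A's firewall stays up, which the following added example shows (it is not part of either answer). It assumes the "Destination Host Prohibited" message comes from a REJECT rule in host A's FORWARD chain, so the ACCEPT rules are inserted ahead of it. The address 192.0.2.20, the interface eth0 and the function names are constructed for illustration.

```shell
#!/bin/sh
# Added example: print the commands host A needs to forward and NAT traffic
# for host B only, without stopping its firewall. Nothing is executed here.
# 192.0.2.20 (host B) and eth0 (A's outbound interface) are constructed values.

# Return 0 if $1 is a dotted-quad IPv4 address with every octet <= 255.
valid_ipv4() {
    case "$1" in
        ''|*[!0-9.]*|.*|*.|*..*) return 1 ;;
    esac
    vi_old_ifs=$IFS; IFS=.
    set -- $1
    IFS=$vi_old_ifs
    [ "$#" -eq 4 ] || return 1
    for vi_octet in "$@"; do
        [ "${#vi_octet}" -le 3 ] && [ "$vi_octet" -le 255 ] || return 1
    done
    return 0
}

# Print the rule set for host A. Arguments: host B's address, A's outbound
# interface. Both are validated because the output is meant to be run as root.
gateway_rules() {
    gr_b_ip=$1
    gr_out_if=$2
    valid_ipv4 "$gr_b_ip" || { echo "bad host B address" >&2; return 1; }
    case "$gr_out_if" in
        ''|*[!A-Za-z0-9_.-]*) echo "bad interface name" >&2; return 1 ;;
    esac
    cat <<EOF
sysctl -w net.ipv4.ip_forward=1
iptables -I FORWARD 1 -i $gr_out_if -d $gr_b_ip -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
iptables -I FORWARD 2 -s $gr_b_ip -o $gr_out_if -j ACCEPT
iptables -t nat -A POSTROUTING -s $gr_b_ip -o $gr_out_if -j MASQUERADE
EOF
}

# Dry run: show the commands for the constructed values (or for $1 and $2).
gateway_rules "${1:-192.0.2.20}" "${2:-eth0}"
```

Review the printed commands before running them as root on host A; on host B only the default route changes from the first answer are needed.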