0

i`m in a lan using iptables/masquerade. what i want to do, is to login in a web application.i write my user and passwd and click login and everything is fine, but if i try to modify something in that aplication it tells me that i have a wrong ip address.i knwo for sure that this app only allows ip 10.3.x.x .how can i trick that application to think that i have an ip from class 10.3.x.x and not my wan ip? 10x sorry for my bad english!

4 Answers4

1

If you don't actually own an IP address in the subnet where the server wants it to be, there's just nothing you can do about that.

You could assign one of those addresses to your computer, but the router(s) in the middle would just discard your packets.

Massimo
  • 68,714
  • 56
  • 196
  • 319
0

You can't. Sorry. What you are trying to do is lie to the server, and the server isn't going to believe anything but where the connection comes in from.

Michael Graff
  • 6,588
  • 1
  • 23
  • 36
0

Short answer is: you can't.

Long answer: You can spoof your IP address to virtually everything you want (I could ping you while you'd see the the IP of the White House as the origin (don't worry, Barrack, I'm not actually doing that! ;-)). The problem with that is, that your computer will answer to the spoofed IP address, which I do not control. Hence, I'll never get any response. This will not help you much.

The only way to use and IP in the 10.3.x.x range and be able to set up a real, proper TCP connection is by actually having an address in that range on your box and your router(s) configured to route it. Else, you're out of luck.

If you do control (some parts of) the network, you could set up a VPN or something. That would help you conquer this problem.

wzzrd
  • 10,269
  • 2
  • 32
  • 47
  • hei wizard 10x for the answer.in my first days with linux and iptables i configured my router firewall somehow different.what i mean is that i never use masquerade.i copied it from somewhere..i was tring to understnad something but i did not at that time.that firewall was reporting my ip address everywhere as 192.168.1.x. so if i would change my local subnets to 10.3.x.y and the i`ll route them the same "WAY" would it work?!?!? The problem is that i don`t know the WAYs routing name?do you have any ideea? is this what your trying to tell me? 10q. –  May 27 '10 at 08:09
  • what do you mean by "acually having an address in that range on your box and your router configured to route it"? As i sad i know that are at least 2 kinds of routing methods.i know that masquerade does work in this case and i understand why.everything i can think about is the other method to for routing a 10.3.x.y ip.is that correct?(as i sad i`m sorry for my bad english i hope u understand what i mean) 10q. –  May 27 '10 at 08:14
0

If it's an application you're supposed to have access to, contact the administrator who runs the application and ask them to add an exception to allow your IP address to the access list. Also, the 10.x.x.x address space is reserved for local networks, so if you're on a remote network then the only way you're getting one of those addresses is be be connected through a VPN or some other means to attach your computer to the "internal" network where the application is housed. If you're connecting through the public Internet, you're not going to get a 10.x.x.x address or be able to "fake" one to the server.

Justin Scott
  • 8,748
  • 1
  • 27
  • 39
  • i do not own any credentials in that network.so i can set up any VPN.i also thought of that.10x ;) –  May 27 '10 at 08:11