2
I am connected to an ssh vpn on my mac, but I want to make sure all of my web traffic is running though it. How can I do that? Web traffic here can mean anything from http/s/ to udp tcp, to anything that goes from my computer to another, not in my house. Any ideas?
DCIndieDev
Posted 2011-03-10T19:51:33.757
Reputation: 812
6
Firstly, 'web traffic' is only http and https.
You mean 'internet traffic' - the web and the internet are two entirely different things.
And the tool you are looking for is traceroute or tracert on windows.
C:\> tracert www.google.com
or
$ traceroute www.google.com
and watch the machines the traffic is going through.
Oh, and what is a 'ssh vpn'? SSH doesn't do VPNs - it does port forwarding.
Majenko
Posted 2011-03-10T19:51:33.757
Reputation: 29 007
0
For HTTP, you can go to whatismyip.com to test what IP the connection is coming from.
Then I guess that is you are using a SOCKS proxy (option -D<port>).
By the way, the program you use on the client should be SOCKS proxy ready (meaning that somewhere you have specified to connect to localhost on the port you specified) or the OS should do that itself. (And I don't know how it works on Mac)
Now to verify... maybe try with some different client (IRC or so) on server that says what are your incoming IP?
M'vy
Posted 2011-03-10T19:51:33.757
Reputation: 3 540
0
If you want to actually view your packets you should use Wireshark to listen on whichever interface you're using.
Brian
Posted 2011-03-10T19:51:33.757
Reputation: 101
In Wireshark, can one listen to a specific software network interface? (Like the non-VPN to see what's not using that, rather than all traffic on a hardware NIC?) – Arjan – 2011-03-10T20:19:55.603
Looking real quickly, it doesn't seem like it - although you could probably define a filter to select out the appropriate packets...Ask Wireshark is a good resource
– Brian – 2011-03-11T15:02:50.537@arjan - of course you can. start it as wireshark -i <interfacename> or use "Capture -> Interfaces" from the menu. – Florenz Kley – 2011-03-20T19:14:03.980
@Florenz, you may be right, but are you sure it lists VPN connections? (And not only the ethernet and wireless cards? For this very question, listening to the hardware is not sufficient. Both non-VPN and VPN will use the same hardware.) – Arjan – 2011-03-20T21:38:05.057
@Arjan - that would depend on the type of VPN. With a SSH VPN, no problem IMO, as the interface itself is not touched, and no additional pseudo-interface is allocated. No such luck with IPSec - you are right there, listening to the underlying HW interface only captures a lot of esp and ah packets. – Florenz Kley – 2011-03-20T22:20:05.480
0
use tcpdump, it comes with the OS. That should be enough to see where stuff is going. wireshark is nice, but an extra install.
Florenz Kley
Posted 2011-03-10T19:51:33.757
Reputation: 1 453
Just to clarify, its a vpn over ssh, not an ssh vpn. In other words I connect to the vpn via ssh. Help? – DCIndieDev – 2011-03-10T20:57:19.847
Still not clear on how you achieve this. Are you actually routing a network protocol over SSH? (such as PPP over SSH?) – Majenko – 2011-03-10T22:25:13.523
well whats problematic is that I didnt set this one up myself so I know only what I am told. Lemme go research it a bit and comment back here. – DCIndieDev – 2011-03-10T23:08:46.310