Specifying outgoing interface/IP address
My scenario is that I need to access a service that has a per IP queries per hour limit. The legitimate way to overcome this limit, since the providers can't be bothered to do whitelisting, is to use multiple IP addresses.
I want, therefore, to create a round-robin system whereby I can say:
query 1 - use eth0
query 2 - use eth0:1
query 3 - use eth0:2
…etcetera.
The query will be coming from a Perl programme using IO::Socket.
7 Replies
Failing that, someone (via another source) has suggested a trick using iptables.
I'll post my results in case anyone else comes up against the same issue.
iptables -t nat -A POSTROUTING -m statistic --mode random --probability 0.5 -m state --state NEW -j SNAT --to-source X.X.X.X
iptables -t nat -A POSTROUTING -m state --state NEW -j SNAT --to-source Y.Y.Y.Y
Each new outgoing connection will "randomly" be Source NAT'ed to either X.X.X.X or Y.Y.Y.Y
This is assuming you have 2 IP addresses. If you have 3, you'll need to:
1) duplicate the 1st rule
2) adjust the source IP in the new rule
3) adjust all instances of 0.5 to be 0.333333333333 etc
You may wish to include a -d argument in there too so only outgoing connections to the host that's causing you problems are randomized.
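An added example, not posted by anyone in the thread: a shell function that prints the SNAT rule chain for any number of source addresses, with the -d restriction included. SNAT ends rule traversal for a connection, so each rule only sees what the earlier rules passed over; for an even split, rule k of N needs probability 1/(N-k+1) (0.333333, then 0.5, then an unconditional rule for three addresses), and `--mode nth` gives strict round-robin instead. The function name, the destination 203.0.113.10 and the 192.0.2.x sources are constructed placeholders.

```sh
#!/bin/sh
# Added example: print (do not run) iptables SNAT rules that spread NEW
# outbound connections evenly over several source addresses.
# usage: snat_rules MODE DEST ADDR...   MODE is "random" or "nth"
snat_rules() {
    if [ "$#" -lt 3 ]; then
        echo "usage: snat_rules random|nth DEST ADDR..." >&2
        return 1
    fi
    mode=$1; dest=$2; shift 2
    case $mode in
        random|nth) ;;
        *) echo "unknown mode: $mode" >&2; return 1 ;;
    esac
    n=$#    # addresses that still need a rule
    for addr in "$@"; do
        if [ "$n" -eq 1 ]; then
            # Last rule is unconditional: it takes whatever is left.
            match=""
        elif [ "$mode" = nth ]; then
            # Take 1 of every n connections that reach this rule.
            match=" -m statistic --mode nth --every $n --packet 0"
        else
            # Probability is 1/n of the traffic that reaches this rule.
            p=$(LC_ALL=C awk -v n="$n" 'BEGIN { printf "%.6f", 1 / n }')
            match=" -m statistic --mode random --probability $p"
        fi
        echo "iptables -t nat -A POSTROUTING -d $dest -m state --state NEW$match -j SNAT --to-source $addr"
        n=$((n - 1))
    done
}

# Constructed placeholder addresses (documentation ranges), not real hosts.
snat_rules random 203.0.113.10 192.0.2.1 192.0.2.2 192.0.2.3
```

Review the printed rules before applying them as root; the order matters, since the unconditional rule must come last.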
Cheers for that.
iptables -I FORWARD -i eth1 -o eth0 -m statistic --mode random --probability 0.5 -j DROP
@fukawi2:
iptables -t nat -A POSTROUTING -m statistic --mode random --probability 0.5 -m state --state NEW -j SNAT --to-source X.X.X.X
iptables -t nat -A POSTROUTING -m state --state NEW -j SNAT --to-source Y.Y.Y.Y
Each new outgoing connection will "randomly" be Source NAT'ed to either X.X.X.X or Y.Y.Y.Y
That's really interesting. Didn't know about statistic.
@fukawi2:
iptables -I FORWARD -i eth1 -o eth0 -m statistic --mode random --probability 0.5 -j DROP
If this was StackExchange, I'd upvote you.