Friday 7 September 2018

Private IP address

What is a private IP address:

  • A private IP address is an IP address that's reserved for internal use behind a router or other Network Address Translation (NAT) device, kept apart from the public internet.

Which IP Addresses Are Private?

  • The Internet Assigned Numbers Authority (IANA) reserves the following IP address blocks for use as private IP addresses:
    • 10.0.0.0 to 10.255.255.255 ==> 16 million addresses
    • 172.16.0.0 to 172.31.255.255 ==> 1 million addresses
    • 192.168.0.0 to 192.168.255.255 ==> 65,000 addresses
  • Another range of private IP addresses is 169.254.0.0 to 169.254.255.255, but those addresses are for Automatic Private IP Addressing (APIPA) use only.
  • In 2012, the IANA allocated the 100.64.0.0/10 block (4 million addresses) for use in carrier-grade NAT environments.

Why use private IP addresses:

  • IP addresses are limited, so private IP addresses provide an entirely separate set of addresses that still allow access on a network without taking up public IP address space.

Reserved IP Addresses

  • Another set of IP addresses that are restricted even further are called reserved IP addresses.
  • These are similar to private IP addresses in the sense that they can't be used for communicating on the greater internet, but they're even more restrictive than that.
  • The most famous reserved IP is 127.0.0.1. This address is called the loopback address and is used to test the network adapter or integrated chip.  
    • Technically, the entire range from 127.0.0.0 to 127.255.255.255 is reserved for loopback purposes but you'll almost never see anything but 127.0.0.1 used in the real world.
  • Addresses in the range from 0.0.0.0 to 0.255.255.255 are also reserved but don't do anything at all. If you're even able to assign a device an IP address in this range, it will not function properly no matter where on the network it's installed.

Source:
     https://www.lifewire.com/what-is-a-private-ip-address-2625970
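
The blocks listed in this post, written as CIDR prefixes and checked at their boundaries. This is an added example, not part of the original post or its source; the labels and function names are this example's own. It also gives the exact address counts behind the rounded figures above.

```python
import ipaddress

# Blocks named in the post, as CIDR prefixes. Labels are this example's own.
BLOCKS = {
    "private 10/8": "10.0.0.0/8",
    "private 172.16/12": "172.16.0.0/12",
    "private 192.168/16": "192.168.0.0/16",
    "APIPA": "169.254.0.0/16",
    "carrier-grade NAT": "100.64.0.0/10",
    "loopback": "127.0.0.0/8",
    "reserved 0/8": "0.0.0.0/8",
}
NETWORKS = {label: ipaddress.ip_network(cidr) for label, cidr in BLOCKS.items()}


def classify(addr):
    """Return the label of the listed block that contains addr.

    Returns "other" for an address outside every block in the post; that
    does not mean it is publicly routable (multicast, for example, is not).
    Raises ValueError if addr is not a valid IPv4 address.
    """
    ip = ipaddress.IPv4Address(addr)
    for label, net in NETWORKS.items():
        if ip in net:
            return label
    return "other"


def block_range(label):
    """Return (first address, last address, exact address count) of a block."""
    net = NETWORKS[label]
    return str(net[0]), str(net[-1]), net.num_addresses


if __name__ == "__main__":
    for label in BLOCKS:
        first, last, count = block_range(label)
        print(f"{label:20} {first:>12} - {last:<16} {count:>11,}")
    # Constructed test addresses on either side of the block boundaries.
    for addr in ("172.15.255.255", "172.16.0.0", "172.31.255.255",
                 "172.32.0.0", "100.63.255.255", "100.64.0.0", "127.0.0.53"):
        print(f"{addr:16} {classify(addr)}")
```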

Tuesday 4 September 2018

Kernel: kernel running process or module details, conntrack & iptables



  • Kernel modules are pieces of code that can be loaded and unloaded into the kernel upon demand. They extend the functionality of the kernel without the need to reboot the system.
  • A module can be configured as built-in or loadable.
  • To create a kernel module, you can read The Linux Kernel Module Programming Guide.
  • For example:
    • One type of module is the device driver, which allows the kernel to access hardware connected to the system.
    • Without modules, we would have to build monolithic kernels and add new functionality directly into the kernel image.
    • Besides having larger kernels, this has the disadvantage of requiring us to rebuild and reboot the kernel every time we want new functionality.


Example:

:~$ lsmod | grep conn
nf_conntrack_ipv4      16384  1
nf_defrag_ipv4         16384  1 nf_conntrack_ipv4
nf_conntrack          106496  3 nf_nat,nf_nat_ipv4,nf_conntrack_ipv4

:~$ lsmod | grep iptab

iptable_nat            16384  1
nf_nat_ipv4            16384  1 iptable_nat
iptable_filter         16384  0
ip_tables              28672  2 iptable_filter,iptable_nat
x_tables               36864  4 ip_tables,xt_tcpudp,iptable_filter,xt_REDIRECT

~$ lsmod | grep nat
nf_nat_redirect        16384  1 xt_REDIRECT
iptable_nat            16384  1
nf_nat_ipv4            16384  1 iptable_nat
nf_nat                 24576  2 nf_nat_redirect,nf_nat_ipv4
nf_conntrack          106496  3 nf_nat,nf_nat_ipv4,nf_conntrack_ipv4
ip_tables              28672  2 iptable_filter,iptable_nat


machine:~$ modinfo nf_conntrack
filename:       /lib/modules/3.19.0-25-generic/kernel/net/netfilter/nf_conntrack.ko
license:        GPL
srcversion:     87BEFE2F26ECB852F6EF9EC
depends:
intree:         Y
vermagic:       3.19.0-25-generic SMP mod_unload modversions
signer:         Magrathea: Glacier signing key
sig_key:        6A:AA:11:D1:8C:2D:3A:40:B1:B4:DB:E5:BF:8A:D6:56:DD:F5:18:38
sig_hashalgo:   sha512
parm:           tstamp:Enable connection tracking flow timestamping. (bool)
parm:           acct:Enable connection tracking flow accounting. (bool)
parm:           nf_conntrack_helper:Enable automatic conntrack helper assignment (default 1) (bool)
parm:           expect_hashsize:uint

:~$ modinfo ip_tables
filename:       /lib/modules/3.19.0-25-generic/kernel/net/ipv4/netfilter/ip_tables.ko
description:    IPv4 packet filter
author:         Netfilter Core Team <coreteam@netfilter.org>
license:        GPL
srcversion:     44A16130862F8CA2ECA59D9
depends:        x_tables
intree:         Y
vermagic:       3.19.0-25-generic SMP mod_unload modversions
signer:         Magrathea: Glacier signing key
sig_key:        6A:AA:11:D1:8C:2D:3A:40:B1:B4:DB:E5:BF:8A:D6:56:DD:F5:18:38
sig_hashalgo:   sha512

machine:~$ modinfo nf_nat
filename:       /lib/modules/3.19.0-25-generic/kernel/net/netfilter/nf_nat.ko
license:        GPL
srcversion:     A7C7F33E2B7EFD16A2534DF
depends:        nf_conntrack
intree:         Y
vermagic:       3.19.0-25-generic SMP mod_unload modversions
signer:         Magrathea: Glacier signing key
sig_key:        6A:AA:11:D1:8C:2D:3A:40:B1:B4:DB:E5:BF:8A:D6:56:DD:F5:18:38
sig_hashalgo:   sha512
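
A way to read the listings above programmatically, as an added example that is not part of the original post: it parses lsmod's "Used by" column to find every module that depends on a given one, and checks modinfo output for the `intree` and `signer` fields. The function names and the second modinfo sample are constructed for this example.

```python
# Lines copied from the lsmod listings above (name, size, use count, used by).
LSMOD = """\
nf_nat_redirect        16384  1 xt_REDIRECT
iptable_nat            16384  1
nf_nat_ipv4            16384  1 iptable_nat
nf_nat                 24576  2 nf_nat_redirect,nf_nat_ipv4
nf_conntrack          106496  3 nf_nat,nf_nat_ipv4,nf_conntrack_ipv4
"""
# Trimmed from the `modinfo nf_nat` output above.
MODINFO_NF_NAT = """\
filename:       /lib/modules/3.19.0-25-generic/kernel/net/netfilter/nf_nat.ko
depends:        nf_conntrack
intree:         Y
signer:         Magrathea: Glacier signing key
"""
# Constructed sample (hypothetical module): no intree or signer fields.
MODINFO_CONSTRUCTED = """\
filename:       /tmp/example_mod.ko
license:        GPL
"""

def parse_lsmod(text):
    """Map each module to the set of modules in its 'Used by' column."""
    users = {}
    for line in text.splitlines():
        fields = line.split()
        if len(fields) < 3 or not fields[2].isdigit():
            continue  # blank line or the 'Module Size Used by' header
        names = fields[3] if len(fields) > 3 else ""
        users[fields[0]] = {n for n in names.split(",") if n}
    return users

def dependents(users, name):
    """Modules that use `name` directly or via another module."""
    seen, todo = set(), [name]
    while todo:
        for user in users.get(todo.pop(), ()):
            if user not in seen:
                seen.add(user)
                todo.append(user)
    return seen

def audit_modinfo(text):
    """Flag a module whose modinfo lacks 'intree: Y' or a signer."""
    pairs = (line.split(":", 1) for line in text.splitlines() if ":" in line)
    info = {key.strip(): value.strip() for key, value in pairs}
    checks = (("not in-tree", info.get("intree") == "Y"),
              ("no signer", bool(info.get("signer"))))
    return [label for label, ok in checks if not ok]
```

On a live system the same functions can be fed the text returned by `lsmod` and `modinfo <module>`.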