User Controls
How do i configure an interface to use a custom DHCP server?
-
2019-03-23 at 4:17 PM UTCCurrently my router does DHCP, but i want to run a DHCP server locally and customize it. How would i go about setting up a DHCP server locally and then having an interface use it? Are there any commands to set up an interface with `ifconfig` that lets you define this?
-
2019-03-23 at 4:52 PM UTCReported for off topic posting in a technical forum
-
2019-03-23 at 7 PM UTCnigger
-
2019-03-23 at 7:12 PM UTC
Originally posted by whoami If your router allows it, you can disable its DHCP server and configure your own to listen/assign addresses on the same subnet. The arch linux wiki has a decent guide on setting up dhcpd.
Thanks for the reply but i know how to set up a DHCP server and configure it. I'm unsure however how i will make it so that when i create an interface say `eth1337` in example that it uses a DHCP server i want instead of the one my router provides. Since you can configure a lot more than just IP leases with DHCP i want to be able to switch from my router provided one to the one with the custom configuration whenever there's a need for it. -
2019-03-23 at 7:22 PM UTC
-
2019-03-23 at 7:23 PM UTCHey sofe how's it hanging?
. -
2019-03-23 at 7:31 PM UTC
-
2019-03-23 at 7:59 PM UTCnigger
-
2019-03-24 at 12:29 PM UTCYou want DHCP to be served from your Linux computer?
DHCP forwarding is easy enough to set up on DDWRT, it sounds like your router firmware is the hard part here.
Setting up a different subnet - 192.168.2.x for instance would be an easy workaround. -
2019-03-24 at 4:50 PM UTCThis post has been edited by a bot I made to preserve my privacy.
-
2019-03-25 at 6:34 PM UTC
Originally posted by whoami Oh I see. Easiest way is probably to set up both servers to lease different ranges on the same subnet (eg. first one 192.168.1.10-99, second one 192.168.1.100-200) then configure your DHCP client to ask for a specific address within each range when connecting with different interfaces. So if you connect with your default eth0 or whatever dhclient/NetworkManager you would make it ask for 192.168.1.20 and the first would reply, when using eth1337 it would ask for 192.168.1.120 and the second would reply. Can't recall off the top of my head how to configure either dhclient or NM to ask for a specific lease, I'll research it when I get home if aldra/Lanny hasn't beat me to it.
Yes please do, in the mean time i will read up on the finer details of using nmcli and various Linux utilities to do with networking such as `ifconfig`.
What i would like to achieve is being able to switch interfaces, one uses standard DHCP provided by my router, the other would use a DHCP server i set up with `isc-dhcp-server` and would be configured to force DNS through DNS-Crypt and have entries to a PAC/WPAD server in ` /etc/dhcp/dhcpd.conf` this server will provide PAC scripts so as to force connections to certain web resources through a series of proxies, or Tor and similar, depending on the web resource that is being requested.
I hear this is possible through a shadowsocks server as well but i really need to read up on on such an implementation before i can make an intelligent comment with regards to that. At the same time i would block any and all traffic that isn't 'managed' for lack of a better word by the custom DHCP server with `iptables` or a similar firewall solution. My aim is to have two modes of connecting to the internet, OPSEC mode, through the special interface, DHCP server, DNS server configs and a PAC/WPAD server to provide proxychains or Tor routing depending on my particular needs at the moment.
I am not a networking expert, but i am learning, and i really do appreciate all the insight, help and tips you're able to provide. -
2019-03-25 at 6:51 PM UTC
Originally posted by Narc Hey sofe how's it hanging?
.
I'm doing well, thank you for asking. But as much as i appreciate your interest in my well being, i would prefer to keep the discussion on track with regards to what i consider personally as a rather complex subject. The discussion at hand is something i am really interested in and keen on learning more about. -
2019-03-26 at 1:39 AM UTCSo you've mentioned to me and on the boards in the past that you're confident the feds couldn't track all your pedo shit that you do online coz you're way advanced on your network security. But reading this Fred don't sound like you're as much of an expert as you'd prolly need to be. Just saying like.
. -
2019-03-26 at 2:17 AM UTC
Originally posted by Narc So you've mentioned to me and on the boards in the past that you're confident the feds couldn't track all your pedo shit that you do online coz you're way advanced on your network security. But reading this Fred don't sound like you're as much of an expert as you'd prolly need to be. Just saying like.
.
Come on dude, there are a lot of ways to guarantee your anonymity, some of them are complex some of them less so. You accused GGG of not knowing what he was talking about and while that was true and i appreciated the fact of you pointing that out. What i am talking about here in this thread is simply another way to or strategy if you will when it comes to OPSEC. My current set up is good, i am simply exploring other more customizable options of getting even better results.
What's more, if you are able to fully customize which web resources get accessed how and when it gives you more control and a more comprehensive way of dealing with various threats. What's more, you always scale your OPSEC measures to your threat model. Say you Narc want to get a little more privacy on the internet. Cool, now what you can do is run TAILs or WHOnix, but if you are trying to protect yourself from script kiddy's that just want to DOX you a solution like that is overkill.
OPSEC and forensic counter measures scale with your threat model. In the example i used for you it would probably suffice to just run a VPN and not reveal too much personal information. There isn't a one size fits all.
All i am doing here is expanding my knowledge in the field of OPSEC, you know just as well as i do, that you can be good at something and still have a lot to learn.
Sorry if i upset you by saying i wanted the thread to be as technical as possible. That wasn't meant as a personal slight towards you, and you know it. -
2019-03-27 at 2:25 PM UTCOK, was just checking
. -
2019-03-27 at 3:39 PM UTCsorry, didn't see this thread, will write up tomorrow
-
2019-03-28 at 9:25 PM UTC
-
2019-03-28 at 9:46 PM UTCIsn't Sophie a fed though?
-
2019-03-29 at 12:46 AM UTC
-
2019-03-29 at 2:12 AM UTCThis post has been edited by a bot I made to preserve my privacy.