Setting up an Ubuntu Router

I wanted to experiment with sniffing data on the network. Of course, my own network. This was not a creepy sniffing of my neighbours’ network. I was keen in converting my Ubuntu VM into a router VM. Then I can redirect all traffic from ‘client’ VM via the ‘router’ VM on which the sniffer is running. So, my requirements are simple, I need a VM with dual network adapter, one of which will be for the WAN side and other will be on the LAN side (exactly like a home router). What is required to convert a VM into router is a different topic and it will not be covered in this blog post.

Configure the Dual Network Adapter

The most important part of this is to understand that only one of the adapter is visible to your DHCP server and other is not. Why is this important? Because, only one of the adapter will get an IP from the DHCP and other will have to manually set. This DHCP-enabled adapter will be the WAN side adapter and the manual IP adapter will be the LAN side adapter. So, how do you configure dual interfaces on Ubuntu?

In Ubuntu, the networking system is configured via the ‘/etc/network/interfaces‘ file. Originally, there would have been only one interface as shown below:

$> ifconfig 
 eth0 Link encap:Ethernet HWaddr 08:00:27:d9:7a:ca 
 inet addr:10.0.2.15 Bcast:10.0.2.255 Mask:255.255.255.0
 inet6 addr: fe80::a00:27ff:fed9:7aca/64 Scope:Link
 UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
 RX packets:600 errors:0 dropped:0 overruns:0 frame:0
 TX packets:852 errors:0 dropped:0 overruns:0 carrier:0
 collisions:0 txqueuelen:1000 
 RX bytes:273084 (273.0 KB) TX bytes:141395 (141.3 KB)

lo Link encap:Local Loopback 
 inet addr:127.0.0.1 Mask:255.0.0.0
 inet6 addr: ::1/128 Scope:Host
 UP LOOPBACK RUNNING MTU:16436 Metric:1
 RX packets:479 errors:0 dropped:0 overruns:0 frame:0
 TX packets:479 errors:0 dropped:0 overruns:0 carrier:0
 collisions:0 txqueuelen:0 
 RX bytes:147404 (147.4 KB) TX bytes:147404 (147.4 KB)

Now, let us configure the networking system to understand the 2nd interface, which we shall name as ‘eth1.’

So edit ‘/etc/network/interfaces‘ as show below:

# The loopback network interface
 auto lo
 iface lo inet loopback

# The primary network interface
 auto eth0
 iface eth0 inet dhcp

 auto eth1
 iface eth1 inet static
 address 192.168.50.1
 network 192.168.50.0
 netmask 255.255.255.0
 broadcast 192.168.50.255

What this means is that:

  • eth0 is DHCP-enabled and gets the IP from the DHCP server.
  • eth1 has static IP of 192.168.50.1

Restart the network (via ‘sudo /etc/init.d/networking restart’):

network-restart
Restart of network

Now, both the interfaces are up as shown below:

$> ifconfig 
 eth0 Link encap:Ethernet HWaddr 08:00:27:d9:7a:ca 
 inet addr:10.0.2.15 Bcast:10.0.2.255 Mask:255.255.255.0
 inet6 addr: fe80::a00:27ff:fed9:7aca/64 Scope:Link
 UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
 RX packets:600 errors:0 dropped:0 overruns:0 frame:0
 TX packets:852 errors:0 dropped:0 overruns:0 carrier:0
 collisions:0 txqueuelen:1000 
 RX bytes:273084 (273.0 KB) TX bytes:141395 (141.3 KB)

eth1 Link encap:Ethernet HWaddr 08:00:27:85:3a:24 
 inet addr:192.168.50.1 Bcast:192.168.50.255 Mask:255.255.255.0
 inet6 addr: fe80::a00:27ff:fe85:3a24/64 Scope:Link
 UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
 RX packets:3043 errors:0 dropped:0 overruns:0 frame:0
 TX packets:34454004 errors:0 dropped:0 overruns:0 carrier:0
 collisions:0 txqueuelen:1000 
 RX bytes:372333 (372.3 KB) TX bytes:3193181649 (3.1 GB)

lo Link encap:Local Loopback 
 inet addr:127.0.0.1 Mask:255.0.0.0
 inet6 addr: ::1/128 Scope:Host
 UP LOOPBACK RUNNING MTU:16436 Metric:1
 RX packets:479 errors:0 dropped:0 overruns:0 frame:0
 TX packets:479 errors:0 dropped:0 overruns:0 carrier:0
 collisions:0 txqueuelen:0 
 RX bytes:147404 (147.4 KB) TX bytes:147404 (147.4 KB)

Now we have 2 interfaces:

  1. ‘eth0’ (DHCP-enabled) pointing to the WAN side
  2. ‘eth1’ (static IP) pointing to the LAN side

Configure NAT routing

Use the following script, which I had borrowed from somewhere (forgot!) and slightly modified to my taste (available on github):

#!/bin/sh


#
#--------------------------------- constants
fn_check_dependencies() {
	local __cmd=${1}
	local __path=$(which ${__cmd})

	if [ $? -ne 0 ]; then
		echo "****************** !! \${__cmd}\' IS NOT AVAILABLE !! ******************"
		echo
		exit 1
	fi

	echo ${__path}
}

#
#--------------------------------- constants
AWK=$(fn_check_dependencies awk)
ECHO=$(fn_check_dependencies echo)
DEPMOD=$(fn_check_dependencies depmod)
GREP=$(fn_check_dependencies grep)
IP=$(fn_check_dependencies ip)
IPTABLES=$(fn_check_dependencies iptables)
MODPROBE=$(fn_check_dependencies modprobe)
NETSTAT=$(fn_check_dependencies netstat)

#
#--------------------------------- functions
fn_get_wan_iface() {
	${ECHO} $(${IP} route show | ${GREP} default | ${AWK} '{print $5}')
}

fn_get_lan_iface() {
	local _wan_ip=$(fn_get_wan_iface)
	${ECHO} $(${NETSTAT} -i | ${GREP} -ve lo -ve Iface -ve Kernel -ve ${_wan_ip} | ${AWK} '{print $1}')
}

fn_load_mod() {
	local __mod_name=${1}
	${ECHO} " |->; ${__mod_name}"
	${MODPROBE} ${__mod_name}
	if [ $? -ne 0 ]; then
		${ECHO} "****************** !! FAILED TO LOAD ${__mod_name} !! ******************"
		${ECHO}
		exit 1
	fi
}

fn_load_modules() {
	${ECHO} " - Loading kernel modules: "
	${DEPMOD} -a
	fn_load_mod ip_tables
	fn_load_mod nf_conntrack
	fn_load_mod nf_conntrack_ftp
	fn_load_mod nf_conntrack_irc
	fn_load_mod iptable_nat
	fn_load_mod nf_nat_ftp
	${ECHO}
}

fn_enable_ipv4_forwarding() {
	${ECHO} " - Enabling forwarding.."
	${ECHO} "1" > /proc/sys/net/ipv4/ip_forward
}

fn_enable_ipv4_dynamic_addr() {
	${ECHO} " - Enabling DynamicAddr.."
	${ECHO} "1" > /proc/sys/net/ipv4/ip_dynaddr
}

fn_clear_previous_fw_rules() {
	${ECHO} " - Clearing existing firewall rules"
	${IPTABLES} -t nat -D POSTROUTING -o "$WANIF" -j MASQUERADE
	${IPTABLES} -t filter -D FORWARD -i "$WANIF" -o "$LANIF" -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT 
	${IPTABLES} -t filter -D FORWARD -i "$LANIF" -o "$WANIF" -j ACCEPT
	${IPTABLES} -t filter -D FORWARD -j LOG
}

fn_create_fw_rules() {
	${ECHO} " - Enabling firewall rules"
	${IPTABLES} -t nat -A POSTROUTING -o "$WANIF" -j MASQUERADE
	${IPTABLES} -t filter -A FORWARD -i "$WANIF" -o "$LANIF" -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT 
	${IPTABLES} -t filter -A FORWARD -i "$LANIF" -o "$WANIF" -j ACCEPT
	${IPTABLES} -t filter -A FORWARD -j LOG
}

#
#--------------------------------- Main
${ECHO}
${ECHO} "======================= Enabling NAT ======================="
${ECHO}

WANIF=$(fn_get_wan_iface)
LANIF=$(fn_get_lan_iface)

${ECHO} "WAN Interface: $WANIF"
${ECHO} "LAN Interface: $LANIF"
${ECHO}

if [ -z ${WANIF} ]; then
	${ECHO} "****************** !! WAN interface not found !! ******************"
	${ECHO}
	exit 1
fi

if [ -z ${LANIF} ]; then
	${ECHO} "****************** !! LAN interface not found !! ******************"
	${ECHO}
	exit 1
fi

if [ ${WAN} = ${LANIF} ]; then
	${ECHO} "****************** !! Only one interface found !! ******************"
	${ECHO}
	exit 1
fi

${ECHO} "Setting up network:"
fn_load_modules
fn_enable_ipv4_forwarding
fn_enable_ipv4_dynamic_addr
fn_clear_previous_fw_rules
fn_create_fw_rules
${ECHO}
${ECHO} "======================= Done ======================="
${ECHO}

The above script does the following:

  1. Ensures the required kernel modules are loaded.
  2. Enable IP forwarding
  3. Enable masquerading on the WAN side interface
  4. All connections via LAN interface should be transferred to WAN interface
  5. Finally, all ‘established’ or ‘related’ connections via WAN should be transferred to LAN.

Done. Now when a device connects to this Ubuntu box via ‘eth1’ it connect to the internet. In other words, this ubuntu box serves as a router for other connected devices.

IPTables: Personal Firewall to protect my laptop

Firewall! What a high sounding word! Means high protection & a safe cocoon for all the newbies. Thats exactly what I did setup in my laptop: A firewall! A personalized firewall.

My use cases & reasons were very simple. Every once in a while, I expose my laptop to unsafe open Internet like the cafes, restaurants & hotel-accommodations. Apart from that, thanks to my work, I run many services like apache2, sshd, mongodb, mysqld, etc in my laptop, which are susceptible to malicious attacks. Club these two & I got a time-bomb ticking right on my lap!!

I did a bit of research and finally (I think & I hope this is final!) I have arrived at the min-ship requirement for my laptop to function correctly under any network without compromising itself!! These are things I felt like handling within my firewall:

  1. Enable (or Disable) a few kernel features
  2. Make the default rule to DROP instead of the ACCEPT
  3. Allow all packets from RELATED/ESTALBLISHED connectons
  4. Always allow loopback devices
  5. Drop all IANA reserved IPs
  6. Allow skype incoming
  7. Allow DHCP outgoing
  8. Allow DNS outgoing
  9. Allow HTTP outgoing
  10. Allow NTP outgoing
  11. Allow ping outgoing
  12. Allow SMTP outgoing
  13. Allow SSH outgoing

Simple, yeah?! 🙂

 

All of these steps are captured in my script – firewall.txt (Updated script: meetrp github). Just executing the script will enable everything as described above. But if you want to understand or wanna do them one-by-one yourselves then continue reading! 🙂

 

Enable (or Disable) a few kernel features
The common rule in protecting oneself is: “Deactivate everything you do not need.” Keeping in line with this principle, I have disabled (or enabled) a few kernel parameters to protect my laptop from malicious (or unwanted) intrusion.

  1. Ignore the broadcast pings: ICMP echo messages are the messages used by the “ping” command-line tool. By ignoring broadcast ICMP echo requests, your machine won’t respond when someone tries to ping a broadcast address (such as 255.255.255.255, or, say, 192.168.1.255 on a 192.168.1.0/24 subnet) to find all the hosts on the network or subnet at the same time.
  2. $> echo 1 > /proc/sys/net/ipv4/icmp_echo_ignore_broadcasts
    
  3. Deactivate source routed packets: Attackers could be using source-routed packets to generate traffic that seems to be intra-net, but actually was created outside and has been redirected.
  4. $> for iter in /proc/sys/net/ipv4/conf/*/accept_source_route; do; echo 0 > $iter; done
    
  5. Disable ICMP redirects: ICMP redirects are used by routers to specify better routing paths out of one network, based on the host choice, so basically it affects the way packets are routed and destinations. The atacker can then on basically alter your host’s routing tables and diver traffic towards external hosts on a path of his/her choice; the new path is kept active by the router for 10 minutes.
  6. $> for iter in /proc/sys/net/ipv4/conf/*/accept_redirects; do; echo 0 > $iter; done
    
  7. Disable IP forwarding: If there are mulitple network interfaces (like eth0, eth1, wlan0) active at the same time, then traffic coming in from one interface can be forwarded to another interface. This feature is not required in a traditional laptop
  8. $> echo 0 > /proc/sys/net/ipv4/ip_forward
    
  9. Turn on source address verfication: By default, routers route everything, even packets which ‘obviously’ don’t belong on your network. A common example is private IP space escaping onto the Internet. If you have an interface with a route of 195.96.96.0/24 to it, you do not expect packets from 212.64.94.1 to arrive there. Enabling this verification implies if the reply to a packet wouldn’t go out the interface this packet came in, then this is a bogus packet and should be ignored.
  10. $> for iter in /proc/sys/net/ipv4/conf/*/rp_filter; do; echo 1 > $iter; done
    
  11. Turn on syn cookies protection: The TCP Syn is DoS (Denial of Service) attack. It consumes resources on your Linux server. The attacker begin with the TCP connection handshake sending the SYN packet, and then never completing the process to open the connection. This results into massive half-open connections.
  12. $> echo 1 > /proc/sys/net/ipv4/tcp_syncookies
    

 
Where is the rules set?
Check the attached: firewall.txt (Updated script: meetrp github)! Rename this file with ‘.sh’ extension & execute it.

$> ls -l ./firewall.txt 
-rw-rw-r-- 1 rp rp 17288 Aug 31 00:15 ./firewall.txt

$> mv firewall.txt myfirewall.sh
$> ls -l *firewall*
-rwxrwxr-x 1 rp rp 17288 Aug 31 00:15 myfirewall.sh

$> chmod +x ./myfirewall.sh 

$> sudo ./myfirewall.sh 
[Sunday 31 August 2014 00:16:20] Not a root!
[Sunday 31 August 2014 00:16:20] ignore ICMP echo broadcasts
[Sunday 31 August 2014 00:16:20] log all packets
[Sunday 31 August 2014 00:16:21] enable reverse path filtering
[Sunday 31 August 2014 00:16:21] enable syn cookies protetion
[Sunday 31 August 2014 00:16:21] disable ICMP redirects
[Sunday 31 August 2014 00:16:21] disable ip forwarding
[Sunday 31 August 2014 00:16:21] disable source route
[Sunday 31 August 2014 00:16:21] -------------- IPv4 ---------------
[Sunday 31 August 2014 00:16:21] clear all rules
[Sunday 31 August 2014 00:16:21] default drop
[Sunday 31 August 2014 00:16:21] allow all related & established
[Sunday 31 August 2014 00:16:21] allow loop back
[Sunday 31 August 2014 00:16:21] drop all IANA reserved IPs
[Sunday 31 August 2014 00:16:21] --> eth0
[Sunday 31 August 2014 00:16:21] allow skype in
[Sunday 31 August 2014 00:16:21] allow DHCP out
[Sunday 31 August 2014 00:16:21] allow DNS out
[Sunday 31 August 2014 00:16:21] allow HTTP out
[Sunday 31 August 2014 00:16:21] allow NTP out
[Sunday 31 August 2014 00:16:21] allow ping out
[Sunday 31 August 2014 00:16:21] allow SMTP out
[Sunday 31 August 2014 00:16:21] allow SSH out
[Sunday 31 August 2014 00:16:21] --> wlan0
[Sunday 31 August 2014 00:16:21] allow skype in
[Sunday 31 August 2014 00:16:21] allow DHCP out
[Sunday 31 August 2014 00:16:21] allow DNS out
[Sunday 31 August 2014 00:16:21] allow HTTP out
[Sunday 31 August 2014 00:16:21] allow NTP out
[Sunday 31 August 2014 00:16:21] allow ping out
[Sunday 31 August 2014 00:16:22] allow SMTP out
[Sunday 31 August 2014 00:16:22] allow SSH out
[Sunday 31 August 2014 00:16:22] -------------- IPv6 ---------------
[Sunday 31 August 2014 00:16:22] clear all rules
[Sunday 31 August 2014 00:16:22] default drop

This is my firewall setup script. Whenever I want, I execute this script and voila, my firewall is setup.

 
Dump the IPTables for verfication

 $> sudo iptables -S
-P INPUT DROP
-P FORWARD DROP
-P OUTPUT DROP
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -s 0.0.0.0/7 -j DROP
-A INPUT -s 2.0.0.0/8 -j DROP
-A INPUT -s 5.0.0.0/8 -j DROP
-A INPUT -s 7.0.0.0/8 -j DROP
-A INPUT -s 10.0.0.0/8 -j DROP
-A INPUT -s 23.0.0.0/8 -j DROP
-A INPUT -s 27.0.0.0/8 -j DROP
-A INPUT -s 31.0.0.0/8 -j DROP
-A INPUT -s 36.0.0.0/7 -j DROP
-A INPUT -s 39.0.0.0/8 -j DROP
-A INPUT -s 42.0.0.0/8 -j DROP
-A INPUT -s 49.0.0.0/8 -j DROP
-A INPUT -s 50.0.0.0/8 -j DROP
-A INPUT -s 77.0.0.0/8 -j DROP
-A INPUT -s 78.0.0.0/7 -j DROP
-A INPUT -s 92.0.0.0/6 -j DROP
-A INPUT -s 96.0.0.0/4 -j DROP
-A INPUT -s 112.0.0.0/5 -j DROP
-A INPUT -s 120.0.0.0/8 -j DROP
-A INPUT -s 169.254.0.0/16 -j DROP
-A INPUT -s 172.16.0.0/12 -j DROP
-A INPUT -s 173.0.0.0/8 -j DROP
-A INPUT -s 174.0.0.0/7 -j DROP
-A INPUT -s 176.0.0.0/5 -j DROP
-A INPUT -s 184.0.0.0/6 -j DROP
-A INPUT -s 192.0.2.0/24 -j DROP
-A INPUT -s 197.0.0.0/8 -j DROP
-A INPUT -s 198.18.0.0/15 -j DROP
-A INPUT -s 223.0.0.0/8 -j DROP
-A INPUT -s 224.0.0.0/3 -j DROP
-A INPUT -i eth0 -p udp -m udp --dport 16514 -j ACCEPT
-A INPUT -i eth0 -p tcp -m tcp --dport 16514 -j ACCEPT
-A INPUT -i wlan0 -p udp -m udp --dport 16514 -j ACCEPT
-A INPUT -i wlan0 -p tcp -m tcp --dport 16514 -j ACCEPT
-A OUTPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A OUTPUT -o lo -j ACCEPT
-A OUTPUT -o eth0 -p udp -m udp --sport 67:68 --dport 67:68 -j ACCEPT
-A OUTPUT -o eth0 -p udp -m udp --dport 53 -j ACCEPT
-A OUTPUT -o eth0 -p tcp -m tcp --dport 80 -m state --state NEW -j ACCEPT
-A OUTPUT -o eth0 -p tcp -m tcp --dport 443 -m state --state NEW -j ACCEPT
-A OUTPUT -o eth0 -p udp -m udp --sport 123 --dport 123 -j ACCEPT
-A OUTPUT -o eth0 -p icmp -m icmp --icmp-type 8 -j ACCEPT
-A OUTPUT -o eth0 -p tcp -m tcp --dport 25 -m state --state NEW -j ACCEPT
-A OUTPUT -o eth0 -p tcp -m tcp --dport 22 -m state --state NEW -j ACCEPT
-A OUTPUT -o wlan0 -p udp -m udp --sport 67:68 --dport 67:68 -j ACCEPT
-A OUTPUT -o wlan0 -p udp -m udp --dport 53 -j ACCEPT
-A OUTPUT -o wlan0 -p tcp -m tcp --dport 80 -m state --state NEW -j ACCEPT
-A OUTPUT -o wlan0 -p tcp -m tcp --dport 443 -m state --state NEW -j ACCEPT
-A OUTPUT -o wlan0 -p udp -m udp --sport 123 --dport 123 -j ACCEPT
-A OUTPUT -o wlan0 -p icmp -m icmp --icmp-type 8 -j ACCEPT
-A OUTPUT -o wlan0 -p tcp -m tcp --dport 25 -m state --state NEW -j ACCEPT
-A OUTPUT -o wlan0 -p tcp -m tcp --dport 22 -m state --state NEW -j ACCEPT

$> sudo ip6tables -S
-P INPUT DROP
-P FORWARD DROP
-P OUTPUT DROP

If you notice I have plenty of rules for IPv4 but dropped the IPv6 entirely!! Who wants IPv6 right away?! I still get only IPv4 address.;)

If you wanna make these rules permanent and persistent then follow these steps:

Save the rules set while networking is going down

$> cat /etc/network/if-down.d/saveiptables
#!/bin/bash

/sbin/iptables-save > /etc/ipv4tables.rules
/sbin/ip6tables-save > /etc/ipv6tables.rules

exit 0

Restore the rules while networking is coming up

$> cat /etc/network/if-up.d/loadiptables
#!/bin/bash

/sbin/iptables-restore < /etc/ipv4tables.rules
/sbin/ip6tables-restore < /etc/ipv6tables.rules

exit 0

Btw, don't forget to change it to executable!

$> sudo chmod +x /etc/network/if-down.d/saveiptables /etc/network/if-up.d/loadiptable

After this, hopefully, my laptop is secure as compared to before.

FYI, these were my experiments limited to my understanding. If I can be of any help & esp vice-versa, please feel free to contact me!

Updated script: meetrp github

Courtesy

  1. Security - Linux StepByStep
  2. The Kernel - Linux inside
  3. IPTables Tips and Tricks: More Than Just ACCEPT or DROP
  4. Saving iptables rules to be persistent
  5. http://hermann-uwe.de/files/fw_laptop
  6. Laptop Iptables configuration
  7. iptables: Small manual and tutorial with some examples and tips

HowTo: Show/Display available network interfaces

The biggest problem I found was not identifying all the network interfaces available but the ones that are up. For instance, the 2 quickest way to identify all the available network interfaces are:

ip link
$> ip link show
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT group default
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT group default qlen 1000
    link/ether 5c:26:0a:7b:7b:f6 brd ff:ff:ff:ff:ff:ff
3: wlan0: <BROADCAST,MULTICAST> mtu 1500 qdisc mq state DOWN mode DEFAULT group default qlen 1000
    link/ether a0:88:b4:ca:8b:4c brd ff:ff:ff:ff:ff:ff

Obviously, there are 2 interfaces (sans the default, lo): eth0 & wlan0. Btw, can you tell which of these 2 are up & which is NOT?!!!! Trust me I couldn’t. At least not in the first look! Then figured a pattern in the presence of ‘DOWN’ or ‘UP’ keywords!! Yet, this was not sufficient for me as I was wanting to identify the network interfaces that are UP using a generic script. ‘grep’-ing for ‘UP’ & ‘DOWN’ would not work out here.

ifconfig
$> ifconfig -a
eth0      Link encap:Ethernet  HWaddr 5c:26:0a:7b:7b:f6
          inet addr:10.212.140.25  Bcast:10.212.140.255  Mask:255.255.255.0
          inet6 addr: fe80::5e26:aff:fe7b:7bf6/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:919885 errors:0 dropped:0 overruns:0 frame:0
          TX packets:418690 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:1098622617 (1.0 GB)  TX bytes:48860614 (48.8 MB)
          Interrupt:20 Memory:e2e00000-e2e20000

lo        Link encap:Local Loopback
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:65536  Metric:1
          RX packets:92466 errors:0 dropped:0 overruns:0 frame:0
          TX packets:92466 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:12115565 (12.1 MB)  TX bytes:12115565 (12.1 MB)

wlan0     Link encap:Ethernet  HWaddr a0:88:b4:ca:8b:4c
          BROADCAST MULTICAST  MTU:1500  Metric:1
          RX packets:506150 errors:0 dropped:0 overruns:0 frame:0
          TX packets:344206 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:557950489 (557.9 MB)  TX bytes:40095705 (40.0 MB)

Another obvious problem! Can you see that it is not easy to figure out which of the interfaces are down!! Of course, the presense of UP (or the lack of it) is not sufficient to write a simple bash script!!

So, after a bit of research & some soul-searching as well, I figure out a simpler way:

netstat -i

$> netstat -i
Kernel Interface table
Iface   MTU Met   RX-OK RX-ERR RX-DRP RX-OVR    TX-OK TX-ERR TX-DRP TX-OVR Flg
eth0       1500 0    921323      0      0 0        419605      0      0      0 BMRU
lo        65536 0     93141      0      0 0         93141      0      0      0 LRU

Ah! There you can see only eth0 is displayed! Voila! I found my unicorn here! 🙂 So, now my script would be a simple:

$> netstat -i | grep -vi 'kernel' | grep -vi 'iface' | grep -v 'lo' | awk '{print $1}'
eth0

Isn’t this awesome?! 🙂

One can even use ‘ifconfig -s‘ instead of ‘netstat -i‘ and the output be the same! 🙂

FYI: I am using Ubuntu 14.04 LTS 64-bit.

HowTo: Find default gateway IP on windows 7?

Oh, this kinda irritated me. I wanted to know this information for my project and I kept forgetting the actual value at the time of need. So wanted to get this clear in my head right now. This is straight forward and simple; we just need to check the network connection details. So, how do we do that in Windows 7?

Open ‘Control Panel -> Network and Internet -> Network Connections’

Network Connections
Network Connections

Double click (i.e., open) the network connection you are interested in. Like ‘Local Area Connection’ as I had selected below.

Ethernet status
Ethernet status

Then click on the ‘Details…’ button and the value of interest is in this new Pop up window! 🙂

Ethernet details
Ethernet details

Just for records, similarly for Wireless Network Connection.

WiFi details
WiFi details

Finally! 🙂