I am connected to an ssh vpn on my mac, but I want to make sure all of my web traffic is running though it. How can I do that? Web traffic here can mean anything from http/s/ to udp tcp, to anything that goes from my computer to another, not in my house. Any ideas?
-
Just to clarify, its a vpn over ssh, not an ssh vpn. In other words I connect to the vpn via ssh. Help?– TestinginProdCommented Mar 10, 2011 at 20:57
-
Still not clear on how you achieve this. Are you actually routing a network protocol over SSH? (such as PPP over SSH?)– MajenkoCommented Mar 10, 2011 at 22:25
-
well whats problematic is that I didnt set this one up myself so I know only what I am told. Lemme go research it a bit and comment back here.– TestinginProdCommented Mar 10, 2011 at 23:08
4 Answers
Firstly, 'web traffic' is only http and https.
You mean 'internet traffic' - the web and the internet are two entirely different things.
And the tool you are looking for is traceroute
or tracert
on windows.
C:\> tracert www.google.com
or
$ traceroute www.google.com
and watch the machines the traffic is going through.
Oh, and what is a 'ssh vpn'? SSH doesn't do VPNs - it does port forwarding.
For HTTP, you can go to whatismyip.com to test what IP the connection is coming from.
Then I guess that is you are using a SOCKS proxy (option -D<port>
).
By the way, the program you use on the client should be SOCKS proxy ready (meaning that somewhere you have specified to connect to localhost on the port you specified) or the OS should do that itself. (And I don't know how it works on Mac)
Now to verify... maybe try with some different client (IRC or so) on server that says what are your incoming IP?
If you want to actually view your packets you should use Wireshark to listen on whichever interface you're using.
-
In Wireshark, can one listen to a specific software network interface? (Like the non-VPN to see what's not using that, rather than all traffic on a hardware NIC?)– ArjanCommented Mar 10, 2011 at 20:19
-
Looking real quickly, it doesn't seem like it - although you could probably define a filter to select out the appropriate packets...Ask Wireshark is a good resource– BrianCommented Mar 11, 2011 at 15:02
-
@arjan - of course you can. start it as
wireshark -i <interfacename>
or use "Capture -> Interfaces" from the menu. Commented Mar 20, 2011 at 19:14 -
@Florenz, you may be right, but are you sure it lists VPN connections? (And not only the ethernet and wireless cards? For this very question, listening to the hardware is not sufficient. Both non-VPN and VPN will use the same hardware.)– ArjanCommented Mar 20, 2011 at 21:38
-
@Arjan - that would depend on the type of VPN. With a SSH VPN, no problem IMO, as the interface itself is not touched, and no additional pseudo-interface is allocated. No such luck with IPSec - you are right there, listening to the underlying HW interface only captures a lot of esp and ah packets. Commented Mar 20, 2011 at 22:20
use tcpdump, it comes with the OS. That should be enough to see where stuff is going. wireshark is nice, but an extra install.