3

I am connected to an ssh vpn on my mac, but I want to make sure all of my web traffic is running though it. How can I do that? Web traffic here can mean anything from http/s/ to udp tcp, to anything that goes from my computer to another, not in my house. Any ideas?

Improve this question
3
  • Just to clarify, its a vpn over ssh, not an ssh vpn. In other words I connect to the vpn via ssh. Help?
    – TestinginProd
    Commented Mar 10, 2011 at 20:57
  • Still not clear on how you achieve this. Are you actually routing a network protocol over SSH? (such as PPP over SSH?)
    – Majenko
    Commented Mar 10, 2011 at 22:25
  • well whats problematic is that I didnt set this one up myself so I know only what I am told. Lemme go research it a bit and comment back here.
    – TestinginProd
    Commented Mar 10, 2011 at 23:08

4 Answers 4

Reset to default
6

Firstly, 'web traffic' is only http and https.

You mean 'internet traffic' - the web and the internet are two entirely different things.

And the tool you are looking for is traceroute or tracert on windows.

C:\> tracert www.google.com

or

$ traceroute www.google.com

and watch the machines the traffic is going through.

Oh, and what is a 'ssh vpn'? SSH doesn't do VPNs - it does port forwarding.

Improve this answer
0

For HTTP, you can go to whatismyip.com to test what IP the connection is coming from.

Then I guess that is you are using a SOCKS proxy (option -D<port>). By the way, the program you use on the client should be SOCKS proxy ready (meaning that somewhere you have specified to connect to localhost on the port you specified) or the OS should do that itself. (And I don't know how it works on Mac)

Now to verify... maybe try with some different client (IRC or so) on server that says what are your incoming IP?

Improve this answer
0

If you want to actually view your packets you should use Wireshark to listen on whichever interface you're using.

Improve this answer
5
  • In Wireshark, can one listen to a specific software network interface? (Like the non-VPN to see what's not using that, rather than all traffic on a hardware NIC?)
    – Arjan
    Commented Mar 10, 2011 at 20:19
  • Looking real quickly, it doesn't seem like it - although you could probably define a filter to select out the appropriate packets...Ask Wireshark is a good resource
    – Brian
    Commented Mar 11, 2011 at 15:02
  • @arjan - of course you can. start it as wireshark -i <interfacename> or use "Capture -> Interfaces" from the menu.
    – Florenz Kley
    Commented Mar 20, 2011 at 19:14
  • @Florenz, you may be right, but are you sure it lists VPN connections? (And not only the ethernet and wireless cards? For this very question, listening to the hardware is not sufficient. Both non-VPN and VPN will use the same hardware.)
    – Arjan
    Commented Mar 20, 2011 at 21:38
  • @Arjan - that would depend on the type of VPN. With a SSH VPN, no problem IMO, as the interface itself is not touched, and no additional pseudo-interface is allocated. No such luck with IPSec - you are right there, listening to the underlying HW interface only captures a lot of esp and ah packets.
    – Florenz Kley
    Commented Mar 20, 2011 at 22:20
0

use tcpdump, it comes with the OS. That should be enough to see where stuff is going. wireshark is nice, but an extra install.

Improve this answer

You must log in to answer this question.

Not the answer you're looking for? Browse other questions tagged .