#!/bin/bash # isgate.sh -- The gateway disclosure script (2011/04/05) # # "THE BEER-WARE LICENSE" (Revision 42): # wrote this file. As long as you retain this notice # you can do whatever you want with this stuff. If we meet some day, and # you think this stuff is worth it, you can buy me a beer in return. -V. # # Description: # ------------ # Check if a remote host on a LAN is able to forward network packets. On # linux boxes, it means that the host has "ip_forward" set to '1' inside # its kernel options. In other words and in most of cases, that another # network is behind that host. # # See technical details: http://vladz.devzero.fr/vladz-bash.php#isgate # # Scenario and usage: # ------------------- # 1) Find a box that replies to ICMP requests: # # # ping 192.168.0.16 # PING 192.168.0.16 (192.168.0.16) 56(84) bytes of data. # 64 bytes from 192.168.0.16: icmp_req=1 ttl=64 time=2.87 ms # # 2) As root, check targets (2nd arguments): # # # ./isgate.sh # usage: ./isgate.sh # # ./isgate.sh 192.168.0.16 192.168.0.51 # 192.168.0.51: IP forward enabled fatal(){ echo "${1}" && exit 1;} if [ $# -ne 2 ]; then fatal "usage: ${0} " fi for ip; do ping -c 1 ${ip} &>/dev/null || \ fatal "${ip} does not answer to ICMP packets" done mac=( $(awk -v p_ip="$1" -v t_ip="$2" '{ if($1 == p_ip) p_mac = $4; if($1 == t_ip) t_mac = $4; } END {print p_mac" "t_mac}' /proc/net/arp) ) if [ ${#mac[*]} -ne 2 ]; then fatal "One of both IP is not on the LAN or is local address" fi arp -s ${1} ${mac[1]} ping -w 1 -c 1 ${1} &>/dev/null && status="enabled" arp -s ${1} ${mac[0]} echo "${2}: IP forward ${status:-disabled}"