SETUP BY WHICH WE CAN PING GOOGLE BUT NOT FACEBOOK FROM SAME SYSTEM
Here we are going to create a setup in which we can ping Google but cannot ping Facebook from the same system.
As we know, whenever we ping an IP from our system, the OS starts creating network packets, but the routing table is what decides whether those packets can be sent, by checking its routing rules. If the IP falls within one of the IP ranges present in the routing table of our OS, the packets are sent; otherwise it is not possible to send packets to that IP.
ROUTING TABLE:- A routing table is a set of rules, often viewed in table format, that is used to determine where data packets traveling over an Internet Protocol (IP) network will be directed. All IP-enabled devices, including routers and switches, use routing tables.
Let’s dive deep into the practical part:
STEP-1:- For this practical I have used the Red Hat 8 Linux OS. Command to see the routing table:-
Here, my OS has 4 rules in its routing table. These rules are present by default in every OS, depending on its IP address.
STEP-2:- If you try to ping Google (IP- 18.104.22.168) and Facebook, you will see that both respond:-
STEP-3:- First we have to delete one rule from our routing table, the one with Destination 0.0.0.0 and Netmask 0.0.0.0, because this rule allows our OS to ping any public IP in the world using the SNAT of the router. Command:-
route del -net 0.0.0.0
NETMASK:- A netmask is a 32-bit binary mask used to divide an IP address into subnets and specify the network’s available hosts. In a netmask, two of the possible addresses, represented as the final byte, are always pre-assigned and unavailable for custom assignment. For example, in 255.255.255.0, “0” is the assigned network address.
SOURCE NETWORK ADDRESS TRANSLATION:- Source Network Address Translation (source-nat or SNAT) allows traffic from a private network to go out to the internet. Virtual machines launched on a private network can get to the internet by going through a gateway capable of performing SNAT. The gateway has one arm on the public network and as part of SNAT, it replaces the source IP of the originating packet with its own public side IP. As part of SNAT, the source port is also updated so that multiple VMs can reach the public network through a single gateway public IP.
GATEWAY:- A gateway is a piece of networking hardware used in telecommunications networks that allows data to flow from one discrete network to another.
BY DEFAULT SNAT IS ENABLED IN ALL OF THE OS ROUTERS.
STEP-4:- After deleting that rule, if you try to ping any public IP (Google, Facebook, etc.), it will not respond. But before that, let’s first find the IPs of Google and Facebook using nslookup. Command:-
Now if you try to ping these IPs, you will see that they do not respond.
STEP-5:- To complete this practical we only have to add 1 rule to our OS routing table, so that it can ping Google but not Facebook. Command:-
route add -net 22.214.171.124 gw 192.168.43.1 netmask 255.255.255.0 enp0s3
Now if you try to ping Google (126.96.36.199) you will see that it responds, but Facebook (188.8.131.52) does not:-
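The route decision behind Steps 2 to 5, modelled as an added example (not code from the original post): each table row is matched against the destination and the most specific match wins. The two target IPs are constructed documentation addresses, the 192.168.43.0/24 LAN row is an assumption inferred from the gateway, and the helper names are hypothetical.

```python
import ipaddress

def route(net, gw, dev):
    """One routing-table row: destination network, gateway, interface."""
    return {"net": ipaddress.ip_network(net), "gw": gw, "dev": dev}

def network_of(ip, netmask):
    """Network address to give `route add -net` for a host IP and netmask."""
    return str(ipaddress.ip_network(f"{ip}/{netmask}", strict=False))

def lookup(table, dst):
    """Most specific matching row (longest prefix), or None when no row
    matches, which is when ping reports 'Network is unreachable'."""
    addr = ipaddress.ip_address(dst)
    matches = [r for r in table if addr in r["net"]]
    return max(matches, key=lambda r: r["net"].prefixlen, default=None)

# Constructed sample values (documentation ranges), not real Google/Facebook IPs.
GOOGLE, FACEBOOK = "203.0.113.10", "198.51.100.20"
GW, DEV = "192.168.43.1", "enp0s3"           # gateway and interface from Step 5

LAN = route("192.168.43.0/24", None, DEV)    # assumed directly connected LAN row
DEFAULT = route("0.0.0.0/0", GW, DEV)        # the row deleted in Step 3
GOOGLE_NET = route(network_of(GOOGLE, "255.255.255.0"), GW, DEV)  # Step 5 row

TABLES = {
    "step 2 (default route present)": [LAN, DEFAULT],
    "step 4 (default route deleted)": [LAN],
    "step 5 (Google /24 route added)": [LAN, GOOGLE_NET],
}

def reachable(table):
    """Which of the two targets has a matching route in this table."""
    targets = {"google": GOOGLE, "facebook": FACEBOOK}
    return {name: lookup(table, ip) is not None for name, ip in targets.items()}

if __name__ == "__main__":
    for label, table in TABLES.items():
        print(label, reachable(table))
```

Only destinations inside the /24 added in Step 5 match, so if a later nslookup returns a Google address in a different range, that address has no route either.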
HURRAY, FINALLY WE HAVE COMPLETED OUR PRACTICAL….