Sunday, 8 February 2015

Transparently forwarding across private IP network boundaries


I have an OpenVPN VPN on OS X Yosemite which creates a utun0 device with an address on the 10.0.0.0/8 private network. I map our internal service hostnames to addresses on this network in /etc/hosts.


At the same time, I access certain services on machines which are dual-homed on the 10.0.0.0/8 and 172.16.0.0/12 networks. Sometimes, these services return addresses to other services on the 172 network. Since my machine does not have an interface to the 172 network, I cannot access these addresses.


For example, I have a web app which listens on 10.68.0.62 and 172.31.36.129. I can reach it on 10.68.0.62:80, but sometimes it might link to another address like 172.31.36.128:80. This machine has an address 10.68.0.86.


Is there a (sane) way to transparently forward requests from my machine to addresses in 172.16.0.0/12 to corresponding addresses in 10.0.0.0/8? For example, forward requests to 172.31.36.128 to 10.68.0.86.


I suspect this is possible with some pfctl wizardry, but I'm not familiar enough with that tool to figure it out myself.
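One way to do this with pf on OS X, as an added example rather than anything from the question's author: route the unreachable 172 addresses into lo0, let an rdr rule rewrite the destination to the 10/8 twin as the packet enters lo0, and let a nat rule on the VPN interface give the forwarded packet a source the 10/8 host can answer. It assumes the VPN interface is utun0, that /etc/pf.conf references an anchor named "vpnfwd" via `rdr-anchor "vpnfwd"` and `nat-anchor "vpnfwd"`, that the kernel forwards between interfaces (net.inet.ip.forwarding=1), and that packets routed via lo0 pick 127.0.0.1 as their source; none of these come from the page.

```shell
#!/bin/sh
# Generate pf rules mapping unreachable 172.16.0.0/12 addresses to their
# reachable 10.0.0.0/8 twins, following the question's example.
# Assumptions (not from the page): the VPN interface is utun0, rules are
# loaded into a pf anchor "vpnfwd" that /etc/pf.conf references with
#   rdr-anchor "vpnfwd"
#   nat-anchor "vpnfwd"
# and the kernel is allowed to forward (net.inet.ip.forwarding=1).
VPN_IF=utun0

# pf_rules PAIRS... : each PAIR is "UNREACHABLE=REACHABLE", for example
#   172.31.36.128=10.68.0.86
# Emits one rdr rule (rewrite the destination as the packet enters lo0)
# and one nat rule (rewrite the 127.0.0.1 source that a lo0-routed packet
# is assumed to carry, so the 10/8 host can reply) per pair.
pf_rules() {
  for pair in "$@"; do
    bad=${pair%%=*}
    good=${pair#*=}
    printf 'rdr pass on lo0 inet from any to %s -> %s\n' "$bad" "$good"
    printf 'nat on %s inet from 127.0.0.1 to %s -> (%s)\n' \
      "$VPN_IF" "$good" "$VPN_IF"
  done
}

# route_cmds PAIRS... : host routes that push traffic for the 172
# addresses into lo0, where the rdr rule above can see it.
route_cmds() {
  for pair in "$@"; do
    printf 'route add -host %s 127.0.0.1\n' "${pair%%=*}"
  done
}

# apply PAIRS... : load the rules into the anchor (needs root). Not run
# automatically; review the generated output first, then pass --apply.
apply() {
  sysctl -w net.inet.ip.forwarding=1
  route_cmds "$@" | sh
  pf_rules "$@" | pfctl -a vpnfwd -f -
  pfctl -e
}

if [ "$1" = "--apply" ]; then shift; apply "$@"; fi
```

Run `sh forward.sh 172.31.36.128=10.68.0.86` style calls through `pf_rules` first to inspect the rules; only `--apply` touches the routing table and pf.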




