IP Spoofing with a docker container using IPTables
Hello,
In this article, I will show you how to spoof an IP address instead of source IP address of a docker container using IPTables.
I have 2 virtual machine running on oracle virtual box.
centos1(192.168.1.15) and centos2(192.168.1.75).
I hit the command below on centos2 and a centos container is up.
docker run -it docker.io/halukk/centos bash
and on another session on centos2 I added a firewall rule with the command below.
# iptables -t nat -L PREROUTING 1 -s 172.17.0.0/16 -j SNAT --to-source 192.168.1.214
In this command I will change source IP address section of IP packages coming from containers(172.17.0.0/16) with the address 192.168.1.214.
In the container session, I ping centos1 server and tcpdump analysis shows me the IP address coming on 192.168.1.214 .
You can see the IP address changed as 192.168.1.214 instead of 192.168.1.75 . On machine to machine traffic you can see the Ip address of centos2 machine.
If you want to take a pong to your icmp request you should configure routing on centos1 machine to route 192.168.1.214 traffic to 192.168.1.75 .
# route add 192.168.1.214 gw 192.168.1.75