====== Network Namespaces ======

===== setup =====

install [[https://raw.githubusercontent.com/Lekensteyn/netns|netns]] helper
<code>
wget https://raw.githubusercontent.com/Lekensteyn/netns/master/netns -O /bin/netns
chmod +x /bin/nets
</code>

uncomment "net.ipv4.ip_forward=1" in /etc/sysctl.d/99-sysctl.conf

enable NAT
<code>
iptables -t nat -A POSTROUTING -o ens3 -j MASQUERADE
iptables-save  > /etc/firewall
</code>

bash prompt, add to .bashrc
<code>
_ns_name=$(ip netns identify 2>/dev/null)
PS1=${_ns_name:+(${_ns_name})}${PS1}
unset _ns_name
</code>


===== use =====

create namespace "0"
<code>
netns 0 start
</code>

run bach inside
<code>
netns 0 exec
</code>

permit routing 
<code>
ip netns exec netns0 sysctl -w net.ipv4.ip_forward=1
iptables -t nat -A POSTROUTING -o tun0 -j MASQUERADE
</code>


inside NS 
<code>
iptables -t nat -A PREROUTING -d 10.9.0.2 -p tcp --dport 443 -j DNAT --to-destination 10.139.231.1:443
</code>

<code>
curl -k --header "Host: www.xxx.it" https://10.9.0.2:443/Info-ws/services/xxx/
</code>