Network Namespaces

install netns helper

wget https://raw.githubusercontent.com/Lekensteyn/netns/master/netns -O /bin/netns
chmod +x /bin/nets

uncomment “net.ipv4.ip_forward=1” in /etc/sysctl.d/99-sysctl.conf

enable NAT

iptables -t nat -A POSTROUTING -o ens3 -j MASQUERADE
iptables-save  > /etc/firewall

bash prompt, add to .bashrc

_ns_name=$(ip netns identify 2>/dev/null)
PS1=${_ns_name:+(${_ns_name})}${PS1}
unset _ns_name

create namespace “0”

netns 0 start

run bach inside

netns 0 exec

permit routing

ip netns exec netns0 sysctl -w net.ipv4.ip_forward=1
iptables -t nat -A POSTROUTING -o tun0 -j MASQUERADE

inside NS

iptables -t nat -A PREROUTING -d 10.9.0.2 -p tcp --dport 443 -j DNAT --to-destination 10.139.231.1:443

curl -k --header "Host: www.xxx.it" https://10.9.0.2:443/Info-ws/services/xxx/