Add a fake hop in tracert – Valuable Tech Notes

A client wants to add a fake hop when someone does a traceroute on his IP address. He has two ip addresses, and one interface (no problem, virtual interfaces solve it). How should I proceed? Is this even possible? I tried iptables forwarding but then it won't show up in a traceroute. I haven't tried other methods though (maybe some sort of bridging?)

Here is the current route shown in tracert:
Person doing traceroute -> 1.1.1.2

Here is the planned traceroute result:
Person doing traceroute -> 1.1.1.1 (fake hop) -> 1.1.1.2

Update: Added some formatting to clarify that it is not an xy problem. I am absolutely open to any solution, not just iptables (Be it a proper one or a dirty hack)

Edit: It's on one host only (Linux). I also want to do this. It doesn't have to be anything fancy. 1.1.1.1 just needs to show up on a traceroute.

My attempt – Not necessarily the right approach

Update: I tried bouncing off the packet from 1.1.1.2 to 1.1.1.1, then mangling it to decrease TTL, then forward it to 1.1.1.2 (Postrouting -j SNAT –to 1.1.1.1).

Edit: Here are the rules I tried, sensitive info removed:

# Generated by iptables-save v1.4.21 on Mon May 18 15:13:18 2015
*nat
:PREROUTING ACCEPT [8:760]
:INPUT ACCEPT [8:760]
:OUTPUT ACCEPT [1:104]
:POSTROUTING ACCEPT [1:104]
-A POSTROUTING -p icmp -m icmp --icmp-type 8 -j SNAT --to-source 1.1.1.1
COMMIT
# Completed on Mon May 18 15:13:18 2015
# Generated by iptables-save v1.4.21 on Mon May 18 15:13:18 2015
*mangle
:PREROUTING ACCEPT [763:151106]
:INPUT ACCEPT [763:151106]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [299:39396]
:POSTROUTING ACCEPT [299:39396]
-A FORWARD -i eth0 -o eth0:0 -p icmp -m icmp --icmp-type 8 -j TTL --ttl-dec 1
COMMIT
# Completed on Mon May 18 15:13:18 2015
# Generated by iptables-save v1.4.21 on Mon May 18 15:13:18 2015
*filter
:INPUT ACCEPT [839:179066]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [303:40704]
-A INPUT -p icmp -m icmp --icmp-type 8 -j ACCEPT
-A INPUT -p udp -m udp --dport 33434:33523 -j ACCEPT
-A FORWARD -d 1.1.1.1/32 -o eth0 -p icmp -m icmp --icmp-type 8 -j ACCEPT
COMMIT
# Completed on Mon May 18 15:13:18 2015

Best Answer

In theory, the following should work and achieve what you are seeking.

create a new virtual interface on the server in question and assign it with an IP address, http://linuxconfig.org/configuring-virtual-network-interfaces-in-linux
set the origin IP address/interface so that it points to the new virtual interface that was created in the previous set by altering the routing table (In effect, it becomes a new router/gateway between the source and the target), http://linux-ip.net/html/basic-changing.html

Best Answer

Related Solutions

How to properly interpet the results of tracert, in particular the second to last hop before a timeout

Why does tracert only report one hop on failure

Related Topic