CentOS 5 Networking :: Tcpdump Error With NFS Port Sniffing

Feb 16, 2010

I have configured an NFS Server on CentOS 5.2 with an IBM Web Server, which has AIX 5.3. The IBM Web Server can upload all data onto the NFS Server. Now, today I was having slow response on the IBM Web Server and, by measuring the NFS, I found the below error while running the "tcpdump" command on the CentOS Server.

tcpdump -n -i eth1 | grep 2049
18:36:37.237451 IP 10.100.19.241.2049 > 10.100.19.88.1758143293: reply ok 1448 read [|nfs]
18:36:37.237476 IP 10.100.19.241.2049 > 10.100.19.88.539981409: reply ERR 1448
18:36:37.237481 IP 10.100.19.241.2049 > 10.100.19.88.796287348: reply ERR 1448

[code]....

I have changed the Network Card in CentOS. All LAN is on a Gigabit Network. Also I have changed the Network Cable (Patch Cord). But, still no response.

SUSE :: Sniffing With TCPDUMP Or Tshark - Get No Packets Back When Specify A Host To Watch

Nov 23, 2010

If I am sniffing with TCPDUMP or tshark, I have an issue. If I specify a host to watch, I get no packets back, but if I don't specify a host, I get all traffic, including the host traffic I was filtering for the first time. ??

IE: If I:

tcpdump -vnnXs 1514 -i bond0

I see all traffic and traffic to x.x.x.x But if I:

tcpdump -vnnXs 1514 -i bond0 host x.x.x.x

I see no traffic.

Red Hat / Fedora :: NFS And Tcpdump Error In CentOS

Feb 15, 2010

I have configured an NFS Server on CentOS 5.2 with an IBM Web Server (AIX). The IBM Web Server can upload all data onto the NFS Server. Now, today I was having slow response on the IBM Web Server and, by measuring the NFS, I found the below error while running the "tcpdump" command. I have run the "tcpdump" command on the NFS Server.

tcpdump -n -i eth1 | grep 2049
18:36:37.237451 IP 10.100.19.241.2049 > 10.100.19.88.1758143293: reply ok 1448 read [|nfs]
18:36:37.237476 IP 10.100.19.241.2049 > 10.100.19.88.539981409: reply ERR 1448
18:36:37.237481 IP 10.100.19.241.2049 > 10.100.19.88.796287348: reply ERR 1448
18:36:37.237488 IP 10.100.19.241.2049 > 10.100.19.88.1986098295: reply ERR 1448
18:36:37.237566 IP 10.100.19.241.2049 > 10.100.19.88.539762736: reply ERR 1448 .....

18:36:37.238263 IP 10.100.19.241.2049 > 10.100.19.88.1869440302: reply ERR 1448
16133 packets captured
23339 packets received by filter
7100 packets dropped by kernel
10.100.18.241 is the IP of NFS Server & 10.100.19.88 IP belongs to IBM Web Server.

CentOS 5 Networking :: Error: Unable To Connect To Remote Host: Connection Refused, It Happens With Any Port

Feb 11, 2009

I'm trying to connect with my server via telnet, but when I send the command (telnet xxx.xxx.xxx.xxx Port) it doesn't work and shows the following error: Unable to connect to remote host: Connection refused. It happens with any port. It is strange, but my telnet service works (telnet xxx.xxx.xxx.xxx). In addition, I tried with the firewall enabled and disabled and the problem still happens. My CentOS runs on VirtualBox.

Ubuntu Networking :: Error - Remote Port Forwarding Failed For Listen Port 5500

Aug 7, 2010

When I use the following command:

ssh user@ssh_server -L 5500:localhost:5500 -p 22

everything works fine. I can log in, and local port forwarding is done. Otherwise when I use the command:

ssh user@ssh_server -R 5500:localhost:5500 -p 22

I get an error "remote port forwarding failed for listen port 5500". However when I try remote port forwarding in WinXP by use of putty there is no problem...

Fedora Networking :: T-like Utility For Sniffing/logging TCP Connections?

Aug 19, 2010

I need a utility to record the traffic on a particular TCP port. I know there are packet sniffers that can do this, but I don't need to monitor the wire, just the traffic to and from my own computer. I would assume there is something out there that can hook into the TCP stack and copy the data to a file just before/after it goes out/in, but my google fu has failed me.

Ubuntu Networking :: Enable Promiscuous Mode In Packet Sniffing?

Nov 5, 2010

I am running wireshark on my laptop. It is only showing me the packets addressed to and from it, and broadcast packets. I am running it in promiscuous mode, and in iwconfig set the interface to mode monitor. However it can still not see packets from my other laptop. They are in the same room, both wirelessly connected to the same network.

CentOS 5 Networking :: Use Webmin To Set Up Port Forwarding/NAT On A Dual-NIC Centos 5.3 Box?

Aug 31, 2009

Can anyone here point me to a walk-through or discussion of how to use Webmin to set up port forwarding/NAT on a dual-NIC Centos 5.3 box? The layout will be simple:

Internet --- NIC1 [CentOS Box] NIC2 --- Switch to other PCs

We have a BUNCH of exposed services that are on special ports -- for example, to connect to one machine, you go in with [IP_Address]:12000, and to connect to another, [IP_Address]:12002, etc., etc. We're currently using OpenSuse 10.3 on this box, and YaST makes this criminally easy (you give it the incoming port number and the destination IP/port numbers and it just works). But OpenSuse 10.3 is nearing EOL, we're buying a new machine, and I'd like to use CentOS on the new one.

I've read the sparse Webmin documentation in their Wiki, and it leads one to believe that you simply insert a "NAT" rule. But there's obviously something they're leaving out. I *am* opening the ports in the firewall. But when I log in to [IP_Address]:port, it just times out. The port forwarding never occurs. The test in this case is SSH, and I know that SSHD is working properly because I can log into that machine just fine from another PC on the same internal subnet.

CentOS 5 Networking :: Unable To Port 8080 On CentOS VPS Server

May 30, 2011

I am not able to port 8080 on my CentOS VPS server. I have followed all the instructions as mentioned on the iptables wiki page. Also I am able to telnet my IP address and port number, but cannot access from the browser.

CentOS 5 Networking :: Connect Centos 5.5 Using Ethernet Port To ADSL Broadband Modem Which Is Configured In PPPoe Mode?

Feb 10, 2011

Please can anyone guide me to connect CentOS 5.5 using the ethernet port to an ADSL Broadband modem which is configured in PPPoE mode?

Ubuntu :: Error Installing Libpcap And Tcpdump

Jun 20, 2010

I am trying to install libpcap and tcpdump, but even if I have already installed Flex, as the terminal tells me to do. What else could I do?

Code:
configure: error: Your operating system's lex is insufficient to compile libpcap. Flex is a lex replacement that has many advantages, including being able to compile libpcap. For more information, see [URL].

CentOS 5 Networking :: How To Open Port 22 On Centos

Dec 26, 2009

We are going to install ASTERISK remotely, hence port 22 on the server has to be open. Can somebody reply to me with the exact commands? I tried these commands and got these results:

Command : cat /etc/services | grep xxx
Result : No Such file or directory
Command : netstat -nan | grep 22

[code]....

General :: Library Dependency Error When Starting Wireshark / Tcpdump

Jan 6, 2011

I'm using Fedora9. I cannot start wireshark or tcpdump because of the lib dependency error:

Code:
[root@localhost ~]# wireshark
wireshark: error while loading shared libraries: libpcap.so.0.9: cannot open shared object file: No such file or directory

I updated libpcap before and the latest version is libpcap.so.1.1. I changed the version because of another application but I cannot remember when I did it, perhaps on Sep.11?

Code:
[root@localhost lib]# ll |grep libpcap
-rw-r--r-- 1 root root 309670 2010-09-11 08:10 libpcap.a
lrwxrwxrwx 1 root root 12 2010-09-11 08:10 libpcap.so -> libpcap.so.1
lrwxrwxrwx 1 root root 14 2010-09-11 08:10 libpcap.so.1 -> libpcap.so.1.1
-rwxr-xr-x 1 root root 243207 2010-09-11 08:10 libpcap.so.1.1

So I tried

Code:
ln -s libpcap.so.1.1 libpcap.so.0.9
but it doesn't work.

Fedora Networking :: Port Redirect, I.e. Whatever Comes Through Whatever Interface On Port AAAA Will Get Redirected To Port BBBB?

Feb 18, 2010

I want to do a simple port redirect, i.e. whatever comes through whatever interface on port AAAA will get redirected to port BBBB

I thought that

iptables -t nat -I PREROUTING --source 0/0 --destination 0/0 -p tcp --dport AAAA -j REDIRECT --to-ports BBBB

however it doesn't work, e.g. nc -v -w2 -z localhost AAAA gives:

nc: connect to localhost port AAAA (tcp) failed: Connection refused
while
nc -v -w2 -z localhost BBBB

[code]....

CentOS 5 Networking :: How To Ssh To The Serial Port On A PC

Jan 16, 2010

I would like to be able to ssh to a TCP port on my server and be directly connected to the serial port @ 115200 Null modem config. Does anybody know how one can do this?

Networking :: How To Create Dump Log Using TCPdump

Dec 7, 2010

I am trying to create a dump log using tcpdump. I want to display the top 10 IP addresses sorted numerically showing how many times the IPs are hitting the server. I'm getting frustrated because it's not working how I'd like it to.

Networking :: Using Multiple Interfaces For Tcpdump?

Feb 16, 2011

Is there a way to do multiple interfaces in tcpdump? I have found that when using "-i any", not all packets are captured (compared to "-i eth0" on a machine with only one interface). I need to monitor traffic on some machines with as many as 6 interfaces, and get these packets that "-i any" misses. When I give the "-i" option multiple times, it seems to only use the last one.

Networking :: Tcpdump -w Not Writing Data?

Oct 18, 2010

I'm trying to capture packets to a file with the -w option but the file is empty, yet if I use the '-w -' option to put data on stdout I see plenty of captured packets. I'm using CentOS 5.5 x86

Code:
[root@server ~]# tcpdump -v -i eth0 -w dump -s0
tcpdump: listening on eth0, link-type EN10MB (Ethernet), capture size 65535 bytes

[code]....

CentOS 5 Networking :: Received Tcn Bpdu On Port?

Jun 8, 2009

I am using CentOS 5.2. Recently I have been implementing a transparent proxy but I faced an issue. I received lots of messages in dmesg. I have 2 machines with the same OS; the other machine works fine with this same configuration.

br0: received tcn bpdu on port 1(eth0)
br0: topology change detected, propagating
br0: received tcn bpdu on port 1(eth0)
br0: topology change detected, propagating
br0: received tcn bpdu on port 1(eth0)

[Code]...

CentOS 5 Networking :: 2nd NIC Port Seems Not Working Independently Without 1st NIC?

Jun 25, 2009

I would like to seek your support and ideas about having 2 IP addresses bound to my server. I am using a Dell Server that comes with 2 Gigabit Ethernet ports -- eth0 and eth1. After CentOS 5.4 installation, if we assign 2 IP addresses 192.168.1.1 and 192.168.1.2 (both in the same subnet - 255.255.255.0) to the 2 NICs. The default gateway is 192.168.1.254. We found the following phenomenon:

1. If we unplug the cable connecting eth0, eth1 will be disconnected as well.
2. The connection to the server, like SSH, FTP, experiences frequent disconnection.

My questions:

1. If we want to connect both cables to the 2 ports, how can we make them independent and act as normal? That means both ports are functioning independently.
2. Is there any built-in function in CentOS that can bind 2 NICs as 1?

CentOS 5 Networking :: Port Forwards From 2 Different Gateways?

Mar 24, 2010

I have a CentOS5 box I use to run ASSP for Anti-spam. It has a single NIC. I configure network settings using Webmin. I have two Internet connections managed by different routers.

Router 1 - 10.0.0.254 255.255.255.0
Router 2 - 10.0.0.250 255.255.255.0
CentOS - 10.0.0.30 255.255.255.0

Both routers port forward traffic on port 25 (SMTP) to the CentOS box. The SMTP connections only work for the router that is the default gateway on the CentOS box! If Router 1 is configured as the default gateway in CentOS then I can Telnet to that router's WAN IP on port 25 and successfully send mail! On Router 2 I get no connection unless I change the default gateway in CentOS to be the IP of Router 2, then Router 1 SMTP connections will not work! I imagine that CentOS is sending out its responses to the default gateway instead of the Router that initiated the port forward?

CentOS 5 Networking :: Port 25 Blocked Since Updates?

May 17, 2010

Last night I installed all the updates that were available for CentOS. Today, I discovered that all connections to port 25 (Sendmail) are being blocked except connections coming from localhost.

I tried disabling the firewall to see if anything would change but it is still blocked.

If it is not the firewall doing the blocking, what else might it be?

CentOS 5 Networking :: Can't Access Any Port From The Internet

Nov 28, 2010

1. I've just installed Centos 5.5 on a dell machine with 2 network interfaces, and have disabled SELinux.

The output for the command sestatus is: SELinux status: disabled

2. Am I right to think that iptables is not a concern since SELinux is disabled? In any case, the output for the command "iptables -L" is:

Chain INPUT (policy ACCEPT)
target prot opt source destination
ACCEPT udp -- anywhere anywhere udp dpt:domain
ACCEPT tcp -- anywhere anywhere tcp dpt:domain

[Code]....

CentOS 5 Networking :: Port Open - Should Be Blocked

Jul 10, 2011

Recently I discovered that we were accidentally running a POP server (port 110), when we only should have been running the encrypted version thereof (port 995). This wouldn't have been a problem if the port was blocked in the first place. Isn't the default iptables setup on CentOS to block unspecified ports? Specifically, this line from /etc/sysconfig/iptables

-A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited

Right? Well, this doesn't seem to be working for me. I added some rules to allow additional ports and commented out a couple (crucially port 110), but for some reason, port 110 is open. Here is /etc/sysconfig/iptables and the output of iptables -L below that:

# cat /etc/sysconfig/iptables
# Firewall configuration written by system-config-securitylevel
# Manual customization of this file is not recommended.
*filter
:INPUT ACCEPT [0:0]

[code]....

Why isn't "-A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited" doing what I think it should be doing?

CentOS 5 Networking :: Adding Two Subnets To 1 NIC Port?

Sep 1, 2011

I have a server hosting within a DC and I have two subnets on 1 VLAN. How can I add all the IPs from these two subnets in one go? Let's say for instructional purposes they are 192.168.0.0/24 and 192.168.1.0/24

Networking :: Rotating Capture Files Using Tcpdump?

Apr 6, 2010

I would like to set up tcpdump to rotate the log file every 1 hour and retain files for the last 14 days but I don't think any combination of -C and -W would allow me to do that (at least I haven't been able to figure it out), so I am trying to rotate the files every X number of MB and retain the last 20 files. This seems to be fairly simple with the '-C X -W 20' option but I am having some trouble in customizing the names of the log files. I have tried '-w capture-$(date +%Y-%M-%d-%H:%M-)' thinking that each file would start with the current date and time but all files are using the date and time when the capture was started so the only difference is the number at the end (which is done by -W). If I can customize the names of the file so that it has the date and time when the capture is started. In fact if I can do that, I don't need the numbers that '-W' appends at the end but I don't know how to get rid of them.

Networking :: Tcpdump - No Suitable Device Found?

May 27, 2010

I'm running NetWare SLES 10 sp3 with OES2 sp2. I was working with the folks at Novell to resolve an iPrint Print Manager problem.

During the process they wanted to perform a packet capture using tcpdump. While logged in as the root user, the error "no suitable device found" was given, and I received no data at all. This server is running on a VMWare Center. On other SLES 10 sp3 systems (residing on that same VMWare Center), tcpdump captures packets just fine. I inherited all of these servers, so I wasn't here during the initial build, but I'd make the guess that they were configured similarly. On a Server that I built recently, tcpdump works fine. On two of my Servers it does not, and gives the mentioned error.

It's not that big a deal, otherwise the Servers are communicating and working just fine. But, I'd like to get it working just because it's supposed to work. Students are off for the summer, so I have time to play.

CentOS 5 Networking :: How To Restrict Ethernet Port Speed

Jul 6, 2010

I have a server in a colocation environment where I'm allotted 25Mbps. I'd like to avoid exceeding that for obvious reasons. Is there a way I can set the link speed or at least throttle the bandwidth for all services?

Ubuntu Networking :: Tcpdump Shows Lots Of Activity

Jan 24, 2011

The only window that's open is the terminal running this command, no pidgin, skype, samba, torrent or anything I can think of is using the network yet there is ***** load of output from tcpdump. I was hoping to use this to check where certain applications connect to and what messages they send but when I'm doing nothing there is already more output than I can go through. Running tcpdump for less than 10 seconds gives me the following output:

Code:
16:13:22.015683 IP ns.hihkptt.net.cn.domain > desk.local.56598: 46887 1/2/2 (166)
16:13:22.016251 IP ns.hihkptt.net.cn.domain > desk.local.60099: 21168 1/2/2 (166)
16:13:22.016743 IP ns.hihkptt.net.cn.domain > desk.local.42325: 50346 1/2/2 (166)
16:13:22.034733 IP ns.hihkptt.net.cn.domain > desk.local.41441: 63658 1/2/0 (134)
16:13:22.035215 IP ns.hihkptt.net.cn.domain > desk.local.42865: 37537 1/2/0 (134)
16:13:22.036124 IP ns.hihkptt.net.cn.domain > desk.local.35006: 7520 1/2/0 (134)
16:13:22.036569 IP ns.hihkptt.net.cn.domain > desk.local.38480: 51322 1/2/0 (134)
16:13:22.066006 ARP, Reply 192.168.0.1 is-at 00:b0:0c:02:60:9c (oui Unknown), length 46 .....

Networking :: Tcpdump Not Writing Raw Packets With Write Switch?

Nov 21, 2010

I am trying dump some packets using tcpdump and it does not seem to be working.

System is fedora12
TCPDUMP v4.1
Libpcap v1.0
I even rolled my own,
TCPDUMP v4.1.1
libpcap v1.1.1
