I am learning about net filters and I am practicing some sample programs on it. I am very new to this and I have a general query. I got the packet to a desired function using PRE_ROUTING hook. Now how do I frame a packet from this point? I am just trying to simulate a echo client server program in the kernel level using these hooks. Any useful info on sockets in the kernel level?
View 1 RepliesMy issue is with linux routing tables using iproute2, coupled with the iptables MARK target. When I create a rule to lookup a table with iproute2, and the routing table routes an address as type unreachable (or blackhole, or prohibit), if a higher priority rule does a lookup to another table that routes the address as type unicast but that higher priority rule also matches on a fwmark, the packet to that address is never generated locally to even go through iptables packet filtering/mangling in order to mark it, because the lower priority rule that doesn't match on a fwmark says it's unreachable. For example, I have 2 rules installed with ip:
Code:
10: from all fwmark 0x1000 lookup routeit
20: from all lookup unreach
ip route list table routeit
[code]....
Now, in the packet filter, I have an iptables rule to mark packets to destination 10.0.0.5 with 0x1000 in the mangle table and OUTPUT chain. When I generate a packet locally to 10.0.0.5, all programs get ENETUNREACH (tested with strace). However, if I take out the route entry that 10.0.0.0/8 is unreachable, it all works fine and the routes in the routeit table get applied to marked packets (I know because my default gateway would not be 1.2.3.4, but wireshark shows packets being sent to the MAC address of 1.2.3.4).
The best I can surmise is that when generating a packet locally, the kernel tests the routing tables in priority order but without any mark to see if it is unreachable/blackhole/prohibit, and doesn't even bother generating the packet and traversing iptables rules to see if it would eventually be marked and thus routed somewhere. Then I assume after that step, it traverses iptables rules, then traverses the routing tables again to find a route. So is there any way around this behavior besides adding fake routes to the routing table (e.g. routing 10.0.0.5 to dev lo in the unreach table in this example)?
Can someone help me with this problem,trying to send a packet,using tcp/ip,the packet should look like this:
Code:
field 1: SOCKS protocol version, 1 byte (0x05 for this version)
field 2: status, 1 byte:
0x00 = request granted
0x01 = general failure
0x02 = connection not allowed by ruleset
0x03 = network unreachable
0x04 = host unreachable
0x05 = connection refused by destination host
0x06 = TTL expired
0x07 = command not supported / protocol error
0x08 = address type not supported
field 3: reserved, must be 0x00
field 4: address type, 1 byte:
0x01 = IPv4 address
0x03 = Domain name
0x04 = IPv6 address
field 5: destination address of
4 bytes for IPv4 address
1 byte of name length followed by the name for Domain name
16 bytes for IPv6 address
field 6: network byte order port number, 2 bytes
and this is my code:
Code:
int domainLen = strlen(domain);
char reply[domainLen + 7];
reply[0] = 5; // version
reply[1] = 0; // succed
reply[2] = 0; // reserved
reply[3] = 3; // its a domain
reply[4] = domainLen;; // lenght of domain
for(int j = 0; j < domainLen; ++j)
{
reply[j + 5] = domain[j];
}
reply[5 + domainLen] = 80; // port
reply[20] = '�';
Send(reply, sizeof(reply));
domain is "www.google.com". Am I doing it right ? I dont know much about bits.
I want to know what are the advantages and disadvantages for accessing spi(serial peripheral inerface )from kernel level and user level. like methods of doing it, speed ,memeory utilization etc
View 1 Replies View RelatedI write the network driver. Transmission of packets in user space I do through netlink socket`s. In user space there is a handling of packets and their transmission on other device (however, it isn't important).
Problem in that any time, packets through the driver in system, and is reverse, are transferred normally. But then there comes the moment when the kernel crash. If to look in syslog it seems to me that comes deadlock. Also I think that it is related with netlink socket`s.
I can't find the information on that anywhere how correctly to use netlink socket`s in kernel space. Can at you will any a reason into the account of synchronization of sockets and the driver in kernel space?
I can give the driver code if it is necessary.
Normally to find out some info on a package we have installed on our system, i pop open a shell window and execute: yum info <packagename> and this returns a lot of useful info (in this example, lets consider GIT) about statistics on currently released packages:
Code:
Name : git
Arch : i386
Version : 1.5.5.6
Release : 4.el5
Size : 8.4 M
Repo : installed
Summary : Core git tools
obviously using a few commands at the shell is a little bit easier than this, but some users may be using software without ssh access enabled.
[Code].....
However, is there a way to do 'yum info' like commands via the web browser on packages that are released but that we haven't yet installed or updated to? Or even on packages in other repositories (RPMForge, CentOSPlus) without having to configure our version of YUM in include those repositories so we can query them? I guess in the debian-sphere, the way i used to do stuff like this was via their website. Like for git, i did:[URL]
I am the new user to ns-2. I would like to know is it possible to send the keys or some value as the packet data (content of the packet) in ns-2 (for wireless environment).
View 1 Replies View RelatedDell laptop booting from a USB stick with a CentOS 5.5 minimum installation.
Uncompressing Linux...OK, booting the kernel.
Red Hat nash version 4.2.1.13 starting
sda: assuming drive cache: write through
sda: assuming drive cache: write through
mount: error 6 mounting ext3
mount: error 2 mounting none
switchroot: mount failed: 22
umount /initrd-dev failed: 2
Kernel panic - no syncing: Attempted to kill init!
1. Does minimum installation not drop on a kernel or initrd with ext3 support? I can't imagine that's true, but have to ask.
2. The USB stick is single partition ext3. Maybe there is some limitation specifically related to USB stick booting that requires boot to be FAT16 or FAT32? Except the CentOS 5.5 installer refuses to let me install on either FAT.
3. How can I do the equivalent of lsmod on a linux installation that will not boot? i.e. I have CentOS x86_64 running in VirtualBox, I can plug the USB stick in there, so how do I get information on the USB stick's kernel and initrd if I can't boot from it?
4. Is it possible to rebuild the i386 based initrd on this USB stick, when the computer is not booted from that stick, with a system that's x86_64 based?
System Info:
Dell Latitude i686 Laptop which has run CentOS 5.5 and Fedora 12,13,14 in the past, and boots from Fedora 14 Live CD transferred to a USB stick. So I know USB booting is possible on this machine, and this stick.
The process of creating the stick:
CentOS 5.5 i386 on a USB stick. Old Dell i686 laptop which has previously run CentOS 5.5 installed from DVD, and has successfully booted from this same USB stick holding transferred Fedora 12,13,14 Live CDs. CentOS 5.5 was installed onto the USB drive directly by the CentOS 5.5 DVD installer (running virtualized in VirtualBox 4.02 on Mac OS X 10.6.5.). No errors or complaints during installation.
For whatever reason, the installer did not do some things correctly. First Grub wasn't working correctly, I got that sorted out and have the Grub+CentOS splash screen, it finds vmlinuz and the initrd, and then I get a kernel panic.
Ext3 was built into the kernel and that's why I'm getting this message. I do not know how the installer would have dropped a kernel or initrd during instalation that that don't contain such a basic thing that obviously comes in linux kernel 2.6.18-89 EL.
I want to run ssh-keygen -f [filename] but also specify no password. I know the -N option is used to specify the password but putting -N with nothing after it isn't permitted.
View 4 Replies View RelatedI am facing problem(system gets crash) while I try to send IPv6 packet by using my kernel module. I have given the code and makefile for my module. I will appreciate if any one shares any tester module for sending IPv6 packets.The kernel version that I am using is 2.6.9 and it supports for IPv6.
file name: rtp_pkt_tx.c
#include "linux/kernel.h"
#include "linux/module.h"
#include "linux/skbuff.h"
#include "linux/init.h"
[Code]...
What's the total no. that the OS can create? Does this differ from 32-bit?
View 1 Replies View RelatedI am getting Kernel panic. I was getting is very frequently before, then I re-installed and it starts off fine then after a while it starts happening again.The problem is I have no idea what is causing it. The screen is completely frozen and won't respond to anything. The Alt sysreq combinations don't work, and I have to power off with the button.
View 2 Replies View RelatedThere is lot of iso, and the kernel is the very important thing for the install since the hardware is depending, directly. Unfortunately kernels are changing and it could be interesting to have the information for each iso cdrom. I guess it might be somewhere but that's not so obvious and easy to find (never found where). Debian is cool, nicest distro ever !
View 8 Replies View RelatedHi ,
I created a socket.port no 21 meaning ftp client.
I am sending some stings and receviing some data from server.Fine.
But I want to send a file some x.c to host using socket.
Please can someone help me whether we can do it or not.
If we can how can we send a file.I was only able to send buffer and data but not a file.Please if possible can you help me with example.
Regards,
shaiva
The problem started when I noticed I couldn't upload to people using a torrent downloading program, the program listened on port X and when I sniffed on the same port I saw that syn's are forwarded correctly from my nat to that port but the program doesn't relate to those packets. Then I listened with NC, and even on another port nothing is being answered to those syns packets.
View 3 Replies View RelatedI got a problem with my CentOS server. Somebody told me OpenVPN Requires different changes inside my firewall settings. That could be the problem why openvpn wont load..I receive this error on my CentOS panel when im trying to connect into the centos openvpn (with my winxp pc):
Thu Sep 17 20:31:36 2009 TLS Error: incoming packet authentication failed from 84.xx.62.122:2622
Thu Sep 17 20:31:38 2009 Authenticate/Decrypt packet error: packet HMAC authentication failed
Thu Sep 17 20:31:38 2009 TLS Error: incoming packet authentication failed from 84.xx.62.122:2622
[code]....
I am looking to get some information on the version of Linux we are running. I was advised that it was 2.6.18-194.17.4.el5. When I did a search on this and it keeps telling me that is reference to a kernel info. Is this the Linux version or kernel info?
View 6 Replies View RelatedI am currently having issues with system freeze when unmounting portable hard drives. This happens almost every single time. Normal USB sticks are fine and do not produce the freeze. I am using kernel 3.0.0-rc6, however the issue also persists when switching back to 2.6.39. This is the error message i get when freeze occurs, reverting to terminal output:
WARNING! power/level is deprecated use power/control instead
Jul 13 18:26:49 destiny kernel: [ 6196.892776] Call Trace:
Jul 13 18:26:49 destiny kernel: [ 6196.892803] [<ffffffffa008feec>] ? scsi_setup_blk_pc_cmnd+0x15/0x104 [scsi_mod]
[Code]...
I am writing a device driver and want to debug it using KGDB.Could anyone tell how to install and debug with KGDB on Linux 2.6.35 distribution?
View 2 Replies View RelatedI have gone thorugh some documents about pthread (NTPL ) in linux 2.6 kernel. As per that linux uses 1: 1 threading model and for each user level thread there is kernel level thread. Pthread_create uses clone system call to create a LWP and the kernel could treat that as a LWP and do scheduling and all .( different from linuxthread). My question is what's meant by there is kernel level thread for each pthread created. Can I see the kernel level thread if I call pthread_create using ps .
What exactly meant by 1:1 .I mean for each user level thread there is kernel level thread . If I make a system call from a thread does the OS services that action via kernel thread ( created using kernel_thread () or some other way ) internally ..
Most kernels are written in low level programming languages such as C and Assembly. Would it be possible to write a kernel in a high level language such as Python? Many high-level languages are themselves written in C.
View 5 Replies View RelatedI am trying to make a file proxy server...that is any request of file a client makes goes to the proxy server...it checks it in cache if not there then asks main server for the file. to act as a server for client and as client for server...how to do it in a single program. I tried with 2sockets with different ports one for client-proxy server and one for proxyserver-main server.But it does not workAm i doing something wrong or is there any other method
View 2 Replies View RelatedI have a C program which does.
1. Creates a UDP socket
2. Send the UDP Request packet to the TFTP server.
3. If the TFTP server is not listening in the 69 port, the remote machine send an ICMP ("Port Unreachable") message.
Is there a way to receive a notification from the Linux kernel on receipt of an ICMP packet to the created UDP socket.
root@HOST [~]# /etc/init.d/httpd start
Starting httpd: no listening sockets available, shutting down
Unable to open log [FAILED]
root@HOST [~]# /etc/init.d/httpd restart
Stopping httpd: [FAILED]
Starting httpd: no listening sockets available, shutting down
Unable to open logs [FAILED]
root@HOST [~]# tail -n 10 /var/log/messages
Sep 29 17:59:30 localhost avahi-daemon[2870]: New relevant interface wlan0.IPv4 for mDNS.
Sep 29 17:59:30 localhost avahi-daemon[2870]: Joining mDNS multicast group on interface wlan0.IPv4 with address 196.219.240.236.
Sep 29 17:59:30 localhost avahi-daemon[2870]: Registering new address record for 196.219.240.236 on wlan0.
Sep 29 17:59:31 localhost avahi-daemon[2870]: New relevant interface wlan0.IPv6 for mDNS.
Sep 29 17:59:31 localhost avahi-daemon[2870]: Joining mDNS multicast group on interface wlan0.IPv6 with address fe80::223:cdff:fecb:9c5e.
Sep 29 17:59:31 localhost avahi-daemon[2870]: Registering new address record for fe80::223:cdff:fecb:9c5e on wlan0.
Sep 29 17:59:31 localhost NetworkManager: <info> (wlan0): device state change: 7 -> 8
Sep 29 17:59:31 localhost NetworkManager: <info> Policy set 'Sunsoft1' (wlan0) as default for routing and DNS.
Sep 29 17:59:31 localhost NetworkManager: <info> Activation (wlan0) successful, device activated.
Sep 29 17:59:31 localhost NetworkManager: <info> Activation (wlan0) Stage 5 of 5 (IP Configure Commit) complete.
What is the problem I have a local server
CentOS Linux
In playback application i guess "snd_pcm_lib_write1" is the function call used to write the audio data to sound card at kernel level.If that is true. how can i send the same audio data at kernel level to other system connected over LAN.
View 1 Replies View RelatedWe all know linux kernel base layer is made up of structures, in which every object of kernel is well defined. Structure members correspond to object properties required to define object behavior.
For example if we take case of File system.It composed of four objects , superblock objects, inode objects, file objects and dentry object.Each having well defined structure which is being operated by system call handler and by system call service routine in the kernel mode.
Now my question is even in kernel mode we do not have some mechanism by which we can get access to pointer of these structures.We have some macro.
If I want to manipulate structure on my on way, or performing some more operation defined by me.For example after the crash of Hard Disk Drive, having ext2/3 file system, If i want to know all the inode pointers, and block details.
Can I have some way out to do desired operation ??
mechanism to operate on these base label structures, even in kernel mode ..
I wrote an application that receives packets on one interface and sends them to another interface after it added a vlan header. Both the sending and the receiving is done using raw sockets. Everything seems to work fine until I get TCP packets that are of size 1514 (MTU). Once I add a vlan header to the packet, its size becomes 1518 and when I try to send it I get the returned value -1 and errno=90 (message too long). I tried to change the MTU of the NIC to a value that is bigger than 1500 but that fails. If I create a bridge using brctl and vconfig between the NICs I can see that my NIC does sends packets of size 1518. What do I need to in order to make my NIC to send packets of size 1518?
View 5 Replies View RelatedI would like to send a data using one thread and receive a data using other thread by using a same socket connection using USD sockets. The calls i am using for sending and receiving are send(), recv(). let me know is it possible to send and receive the data parallel (Full duplex communication)?
View 2 Replies View RelatedDid a netstat -an got this
Active UNIX domain sockets (servers and established)
I am writing a code in Python where a socket client changes data with the server. That works nice if the connection is up. However it is also supposed to work offline. So I need to be able to detect if the connection is up before sending data, but I was not able to do so. A summary of the code is like that:
Code:
try:
socket = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
socket.connect( (self.host, self.port) )
connected = True
except:
connected = False
if connected:
data = "some data byte"
try:
socket.send(data)
except:
connected=False
socket.close()
If I unplug the cable after the connection is ready then the socket sends data and does not detect the connection failure. What is amazing is that the client detects the connection failure just after the cable has been plugged again. Of course there is a loop in the code above and always that connected==False a new connection is made. How could the program detect the connection failure before sending data and then lead the code to an exception?