I want to receive an icmp packet using net filter hook function. A string will be printed if an icmp packet is received.I am able to print the string. but the packet loss in the log message shows 100%packet loss.So i changer hooknum = NF_IP_FORWARD.but still its not working.I want to get log message as received 100%
View 1 Replies
how to identify the icmp packets & marking. this below icmp packets marking is not working.
iptables -t mangle -A PREROUTING -p icmp -j MARK --set-mark 0x5
iptables -t mangle -A PREROUTING -p icmp -j RETURN
with the help of port no or any other how can i identify the icmp packet ?... This below two is working fine
iptables -t mangle -A PREROUTING -p tcp -j MARK --set-mark 0x2
iptables -t mangle -A PREROUTING -p tcp -j RETURN
iptables -t mangle -A PREROUTING -p udp -j MARK --set-mark 0x3
iptables -t mangle -A PREROUTING -p udp -j RETURN
On my system, I have built my own tunneling protocol, where I relay packets over a non-standardized but verified medium. What I do is capture the packets using iptables and NFQUEUE, relay them over my medium, and at the other end I reinject them using raw sockets. The packet going into the tunnel is exactly the same as the one coming out, verified. The problem is that this doesn't work for ICMP Ping (Echo Request) if the destination of the ping is the same as the tunnel endpoint. If the destination is not the same as the tunnel endpoint, the ping packet is rerouted and arrives as it should at the receiver, and the ping reply comes back to the sender. Does anyone know whats going on? Isn't it possible to send raw icmp to yourself? If not, anyone have an idea what I should do instead?
View 1 Replies View RelatedI am setting up a virtual server. Ubuntu 11.04, "minimal provider image".UFW was disabled by default. I set it to default deny. Allowed HTTP, SSH and other standard stuff, and enabled it. All seems to be OK. Adding one rule to block some annoying security scanners causes ping not to work. I'm not an Iptables expert, but it looks OK to me. I got it from some website, rather than invented it myself, but modified to to fit the ufw config file syntax. What in that rule prevents pings?!? It seems completely unrelated.
View 1 Replies View RelatedCode:
#include <iostream>
using namespace std;
[code]...
I am doing some Linux kernel programming for my research project. I need to record the timestamp (by using cpuid and rdtsc) when an interrupt handler (top half) is first invoked. Due to the time critical nature of the problem itself, I have to do the timestamping inside the interrupt handler itself (the first operation when the handler is called). However, I understand that tasks that are not so time critical should be deferred to a tasklet function (bottom half) for processing because other interrupts are disabled in a (top-half) interrupt handler. I am currently out of idea on how I can pass the timestamp information that I have obtained in the interrupt handler to the corresponding tasklet function.
View 2 Replies View RelatedI have a gateway server which is currently listening for TCP/UDP packets and authenticating clients if their details IP/MAC is known.
I have a couple of clients who's network equipment sends ICMP pings to a remote site to determine internet connectivity and I'm missing those resulting in the client's device not logging in.
Is there some way that I can write a listener similar to a listener for TCP/UDP sockets which will listen to ICMP packets and pick up the IP and MAC address of the sender upon which I can perform processing on?
I'm using a single raw socket to read UDP packets from local test network with 1024 ports. Each UDP src and dest port is unique and I need access to IP and UDP header fields. I can stream and process data (in and out) at 100 mbps in linux-rt kernel with very low jitter < 250 usec, 10 usec nominal.
I'd like to prevent kernel from issuing ICMP port unreachable errors back to the sending host, however, I don't want to create 1024 vanilla UDP sockets and bind to each one because of resource constraints. Currently, I'm using iptables to drop the outbound port unreachable messages. Does anyone know of a way (programmatic using C code) to prevent the ICMP unreachable traffic? Perhaps an IOCTL or socket option? I also tried changing /proc/sys/net/ipv4/icmp_ratelimit but that seemed to have no effect. By default the ratemask is set for dest unreachables and a variety of ratelimit values did not change any behavior that I could see.
how can i delete these folders without recieving errors?
View 7 Replies View RelatedI want to declare a function in a function, but had no success till now, see the error code below and visit the project at sourceforge
[Code]...
I looked on the net for such function or example and didin't find anything, thus after having made one i guess it would be legitimate to drop it to see what others thinks of it.
#!/bin/bash
addelementtoarray()
{
local arrayname=$1
[code]....
How can we build a packet using C?we have a structure called sockaddr_in which is use to for IPv4,so that we can define address,port and etc in this way:
Code:
struct sockaddr_in sock;
sock.sin_family=AF_INET;
[code]...
I want to create my own packet for aodv so how can i do? from where i should start?
View 2 Replies View RelatedI want to develop program to put (tunnel) sniffed packets into another packet, i already have sniffer code to capture packet, can some one give me use full site or simple code to do that.
View 3 Replies View RelatedI am the new user to ns-2. I would like to know is it possible to send the keys or some value as the packet data (content of the packet) in ns-2 (for wireless environment).
View 1 Replies View RelatedI got a problem with my CentOS server. Somebody told me OpenVPN Requires different changes inside my firewall settings. That could be the problem why openvpn wont load..I receive this error on my CentOS panel when im trying to connect into the centos openvpn (with my winxp pc):
Thu Sep 17 20:31:36 2009 TLS Error: incoming packet authentication failed from 84.xx.62.122:2622
Thu Sep 17 20:31:38 2009 Authenticate/Decrypt packet error: packet HMAC authentication failed
Thu Sep 17 20:31:38 2009 TLS Error: incoming packet authentication failed from 84.xx.62.122:2622
[code]....
I want to access the timestamp field of the packet being sent or received. I am not getting clear idea as to which ioctl I should use, and how it should be used in the program. Anyone explain rough flow of the program for accessing the timestamp.
View 5 Replies View RelatedI'm a newbie trying to modify a DNS-formatted UDP packet. I am piping DNS replies through a firewall queue where I get the packet with $udp_obj->data provided by NetPacket::UDP. Is there a command line application that will break down the udp packet for me so I can extract an answer? Cpan doesn't have a module to do this. One can *create* udp packets programmatically or get them off of libpcap, but I don't need either.
View 7 Replies View Relatedi'm sniffing network packets with pcap in ubuntu, i need to save these packets somewhere in the memory and after a while read ans send them. how can i do this?
View 1 Replies View RelatedCan someone help me with this problem,trying to send a packet,using tcp/ip,the packet should look like this:
Code:
field 1: SOCKS protocol version, 1 byte (0x05 for this version)
field 2: status, 1 byte:
0x00 = request granted
0x01 = general failure
0x02 = connection not allowed by ruleset
0x03 = network unreachable
0x04 = host unreachable
0x05 = connection refused by destination host
0x06 = TTL expired
0x07 = command not supported / protocol error
0x08 = address type not supported
field 3: reserved, must be 0x00
field 4: address type, 1 byte:
0x01 = IPv4 address
0x03 = Domain name
0x04 = IPv6 address
field 5: destination address of
4 bytes for IPv4 address
1 byte of name length followed by the name for Domain name
16 bytes for IPv6 address
field 6: network byte order port number, 2 bytes
and this is my code:
Code:
int domainLen = strlen(domain);
char reply[domainLen + 7];
reply[0] = 5; // version
reply[1] = 0; // succed
reply[2] = 0; // reserved
reply[3] = 3; // its a domain
reply[4] = domainLen;; // lenght of domain
for(int j = 0; j < domainLen; ++j)
{
reply[j + 5] = domain[j];
}
reply[5 + domainLen] = 80; // port
reply[20] = '�';
Send(reply, sizeof(reply));
domain is "www.google.com". Am I doing it right ? I dont know much about bits.
writing a code in C program for debugging error and sendingror messagein routingprotocols. please answer with code
View 2 Replies View RelatedI wanna capture network packets from DMA ring buffer, just like netfilter. i wanna capture it from DMA, because i wanna get MAC address of I/O packets, so netfilter not included MAC address of out going packets because its on IP level and Ebtables is like that too. how i can capture network packets from DMA ring buffer.
View 9 Replies View Relatedfit a surface i.e. W(x,y) using svdfit() provided by "Numerical Recipes in C". svdfit() is written for curve fitting and not for surface fitting.But one can use svdfit(), as claimed by authors of NR book, to do surface fitting. On page 680 of NR book, authors have given a hint on how to use svdfit() for fitting a surface. But I have not understood it.This link may be helpful (Chapter 15 th is relevant here.):[URL]This is my problem:
Code:
I have a set of 100 numbers. I want to fit a 2-Dimensional function W(x,y) to these numbers.
[code]....
I am trying to generate a UDP syslog packet from my C application. But I am facing a problem with a Cisco Router ACE that does not like the Source Port being '0' and thus drops the packet.How can I specify the Source Port in the UDP header to '514' as stated in RFC3164 (Section 2: Transport Layer Protocol)? "It is RECOMMENDED that the source port also be 514 to indicate that the message is from the syslog process of the sender"
View 1 Replies View RelatedI'm beginning to write a custom RTP implementation and want to test its resilience to UDP traffic. I've searched on the web and all the links I can find are for analysing actual traffic, not generating it or messing it up.
Does anyone know of any software (preferably free software) that will, for example, take actual UDP traffic and drop packets, duplicate some and make some arrive late/out of sequence?
I have found many examples out on the www for creating udp servers with sockets. The problem I am running into is after I receive the packet from a host I need to be able to send a custom made packet(I'm using RawIP / NetPacket to make my packet) back to this host. The only way to do this is seemingly through the send() function. This function however doesn't appear to allow me to specify which host to send my packet to.
View 2 Replies View RelatedI'm working on an application that makes http requests using HttpRequest and it's been doing what I need so far without a problem. Now I need to make https requests as well and when I try to make the request, i get this error message:
Code:
Fatal error: Uncaught exception 'HttpInvalidParamException' with message 'Empty or too short HTTP message: ''' in /home/antoranz/waneesia/html/index.php:0 inner exception 'HttpRequestException' with message 'SSL connect error; gnutls_handshake() failed: A TLS packet with unexpected length was received. (https://www.paypal.com/)' in /home/antoranz/waneesia/html/index.php:104 Stack trace: #0 /home/antoranz/waneesia/html/index.php(0): HttpRequest->send() #1 {main} thrown in /home/antoranz/waneesia/html/index.php on line 0
What's going on?
The project: url
I have a question about calling an asm function from C....It doesn't work unless I create an asm variable to hold the value of the function in....Why?Here's the code that doesn't work...
asmfile.s - version one Code: .section .data
mydata: .ascii "this is the message!
.equ mylen, . - mydata
[code]...
I want to use backtrace() function to debug a crash issue. I tried this sample code to see how backtrace works. backtrace() function always returns 0 with the below code. Is there any kernel configuration that needs to be set for proper working of backtrace?
#include <execinfo.h>
#include <stdio.h>
#include <stdlib.h>
/* Obtain a backtrace and print it to stdout. */
void
print_trace (void)
[Code]...
Can you offer me the code about fmod() in C. I want to know how this function work, i am very interested in it because i have no idea to implement it, i want to know... how to write the function... not 'how to use the function' can anyone post the source codes of this function here?
View 6 Replies View Related
