Networking :: Identify The Icmp Packet?
Dec 1, 2010
how to identify the icmp packets & marking. this below icmp packets marking is not working.
iptables -t mangle -A PREROUTING -p icmp -j MARK --set-mark 0x5
iptables -t mangle -A PREROUTING -p icmp -j RETURN
with the help of port no or any other how can i identify the icmp packet ?... This below two is working fine
iptables -t mangle -A PREROUTING -p tcp -j MARK --set-mark 0x2
iptables -t mangle -A PREROUTING -p tcp -j RETURN
iptables -t mangle -A PREROUTING -p udp -j MARK --set-mark 0x3
iptables -t mangle -A PREROUTING -p udp -j RETURN
View 1 Replies
ADVERTISEMENT
Feb 21, 2011
On my system, I have built my own tunneling protocol, where I relay packets over a non-standardized but verified medium. What I do is capture the packets using iptables and NFQUEUE, relay them over my medium, and at the other end I reinject them using raw sockets. The packet going into the tunnel is exactly the same as the one coming out, verified. The problem is that this doesn't work for ICMP Ping (Echo Request) if the destination of the ping is the same as the tunnel endpoint. If the destination is not the same as the tunnel endpoint, the ping packet is rerouted and arrives as it should at the receiver, and the ping reply comes back to the sender. Does anyone know whats going on? Isn't it possible to send raw icmp to yourself? If not, anyone have an idea what I should do instead?
View 1 Replies
View Related
Oct 7, 2010
I want to receive an icmp packet using net filter hook function. A string will be printed if an icmp packet is received.I am able to print the string. but the packet loss in the log message shows 100%packet loss.So i changer hooknum = NF_IP_FORWARD.but still its not working.I want to get log message as received 100%
View 1 Replies
View Related
Aug 9, 2011
I have been having a hard time with my Ubuntu OS it's been giving me an error in the system but as it tries to make an error report it fails the reason being it can't identify the packet id. Here the example of the error i've been getting while trying to update or install packages, when using the terminal sudo apt-get install f- or sudo apt-get install 3kb <this is what it gives>
E: Encountered a section with no Package: header
E: Problem with MergList/var/lib/apt/lib/apt/list/extras.ubuntu.com_ubuntu_dists_natty_main_i18_Tran slation-en
E: The package lists or status file could not be parsed or opened.'
Tried the Update manager within the Ubuntu OS but as it loads it gave me the same error report but this time stating I should report this to the 'update-manager'
View 1 Replies
View Related
Jul 12, 2010
I am the new user to ns-2. I would like to know is it possible to send the keys or some value as the packet data (content of the packet) in ns-2 (for wireless environment).
View 1 Replies
View Related
May 21, 2011
I am setting up a virtual server. Ubuntu 11.04, "minimal provider image".UFW was disabled by default. I set it to default deny. Allowed HTTP, SSH and other standard stuff, and enabled it. All seems to be OK. Adding one rule to block some annoying security scanners causes ping not to work. I'm not an Iptables expert, but it looks OK to me. I got it from some website, rather than invented it myself, but modified to to fit the ufw config file syntax. What in that rule prevents pings?!? It seems completely unrelated.
View 1 Replies
View Related
Mar 16, 2010
I run a linux box as a gateway behind a satellite modem. The internet link over the satellite modem is only 1mbit so the usage often reaches 100% when someone is downloading/uploading something. I am seeing my ping return time jump from 700ms to 6000ms if someone tries to upload a file (by sending a attachment in a email etc). The satellite operator is saying this is normal, but I have my doubts.
Has ICMP got a lower priority? Should I really be seeing this behaviour? I understand that if it was a TCP packet then it would just be queued until the previous acknowledgement has been received. And if it was a UDP packet then it would have been dropped, but how does ICMP deal with these situations during heavy traffic?
View 2 Replies
View Related
Feb 20, 2011
Is there a way to set the IP that's returned in an ICMP TTL exceeded packet? Reason I ask is I have an edge router with several upstreams, and several downstream routers, and when I traceroute to it I would like only one of it's IP's to show up in the trace (Instead of each . Much like some of the larger ISP's do to mask the IP and hostname of their internal routers.. Is this possible?
View 2 Replies
View Related
Jan 12, 2010
I have One Server which is having IP 10.176.0.155. I want that client 10.176.0.135 is not able to ping this server only & cane it is possible to block through hosts.
View 1 Replies
View Related
Jun 22, 2010
Why linux traceroute uses UDP protocol, we have basic ICMP protocol which is used in MS-windows tracert.Any specific use of traceroute using with UDP,TCP than ICMP?Windows is displaying all HOPs address but linux printing *.*.*
View 8 Replies
View Related
Jul 9, 2009
I have a C program which does.
1. Creates a UDP socket
2. Send the UDP Request packet to the TFTP server.
3. If the TFTP server is not listening in the 69 port, the remote machine send an ICMP ("Port Unreachable") message.
Is there a way to receive a notification from the Linux kernel on receipt of an ICMP packet to the created UDP socket.
View 1 Replies
View Related
Aug 19, 2010
icmp request from an ip that is in the same network as one of the local interfaces is not responded to, if the ping request is received via an interface in a different network. Is this some security feature?
Consider the below network
x.1|RTR1|-y.1---------y.2-|RTR2|-z.2------z.3-|LNX|-x.3
RTR - Router
x.1 -> 192.168.x.1
LNX - Linux machine
[Code]....
View 1 Replies
View Related
Jul 23, 2011
So im trying to get an icmp tunnel setup using ptunnel. When I run it under the same network and use to connect to RDP, it works fine, however when go outside my network and connect in, it does not get anywhere. I can confirm that I have forwarded ICMP packets to the server (if I ping the external ip it will show the status of the server if I unplug it) and that the server is showing signs of registering it.
On the client it just tries to resend the packet "Resending packet with seq-no 0" Over and over Firewall is off for testing so thats not the issue.
View 2 Replies
View Related
Sep 10, 2009
From what I've read, when linux sends a ping it sends without the netmask, so windows server assumes it must be a broadcast? Why doesn't linux send a netmask with a ping?
View 6 Replies
View Related
Nov 13, 2010
I tried to ping some of the pcs on the local network but for those with icmp disabled it doesn't work. I've used
Code:
nmap -sP 192.168.2.0/24
View 3 Replies
View Related
Jan 8, 2011
Installed Ubuntu Server 10.10, included Apache, PHP, and OpenSSH. Apache is up and serving pages, I can connect using PuTTY no problem. Server responds to a pingHowever, attempting to use ping or traceroute from the server results in a Destination Unreachable. Happens even for other 192.168.1.10x boxes on the local network
View 1 Replies
View Related
Feb 8, 2011
Why firewalls does not allow ICMP echo request packets. Why are pings not allowed to certain systems?
View 1 Replies
View Related
Apr 21, 2010
Can any one tell me a network monitoring tool which can monitor remote connectivity and generate a comprehensive report about the link state like up/down, error timings, increase in latency and packet loss rate.
View 3 Replies
View Related
Jan 14, 2010
I set up a static IPv6 address and a gateway in /etc/network/interfaces. However, a bad router in my network environment alway send wrong ICMP router discovery messages to me. So I have got extra (wrong) IPv6 address and gateway, and the routing is confused. On Windows Servers, I can use "netsh interface ipv6 set interface "Local Area Connection" routerdiscovery=disable" to disable ICMP router discovery. But I don't know how to disable it on Ubuntu 9.10. How could I disable ICMP router discovery for IPv6?
View 4 Replies
View Related
Sep 28, 2010
When I ping our Microsoft Windows terminal server "cluster" farm, I get ICMP warnings that there are duplicate packets. I am able to rdesktop to the cluster with no problems. We are trying to setup nagios to run on this Ubuntu configuration and nagios is reporting the following error:
"PING WARNING - DUPLICATES! Packet Loss=0%, RTA=.98ms.
FPing reports duplicates as well. Is there a setting in the Arp table that needs to be set differently because the "Cluster" MAC address isn't an actual hardware MAC but a virtual MAC address?
View 2 Replies
View Related
Mar 9, 2011
Struggling to get my Linux server accept ICMP redirects not originating from default gateway. No problem to get it working if the redirects is originating from def gw.I know it's not a good solution security wise, but my network is so cluttered I'm forced to do so.
View 1 Replies
View Related
Apr 20, 2011
I have a dedicated host on my lan to monitor other hosts/services using Nagios. I'm in the process of migrating to Zabbix on that host to perform the same purpose. Both Nagios and Zabbix monitor icmp ping latency (Nagios uses ping, Zabbix uses fping) and over time the latency to other hosts grows until threshold alarms are triggered. In one week, the average latency grows from sub-millisecond to over 100 milliseconds, and continues to grow until the Nagios host is rebooted. I have verified the latency numbers using ping/fping from the command line on the Nagios host.
The problem is that pings from the monitored hosts to the Nagios host show normal latency at the time the Nagios host is showing high latency from itself to the monitored hosts. The Nagios host and monitored hosts are all connected to the same Dell 24 port gigabit switch. I already posted this question on the Zabbix forums with a graph of the latency but there were no answers. [URL] why the icmp ping latency is growing over time and how I can fix it short of rebooting the host on a schedule.
[Code]...
View 5 Replies
View Related
Sep 17, 2009
I got a problem with my CentOS server. Somebody told me OpenVPN Requires different changes inside my firewall settings. That could be the problem why openvpn wont load..I receive this error on my CentOS panel when im trying to connect into the centos openvpn (with my winxp pc):
Thu Sep 17 20:31:36 2009 TLS Error: incoming packet authentication failed from 84.xx.62.122:2622
Thu Sep 17 20:31:38 2009 Authenticate/Decrypt packet error: packet HMAC authentication failed
Thu Sep 17 20:31:38 2009 TLS Error: incoming packet authentication failed from 84.xx.62.122:2622
[code]....
View 5 Replies
View Related
Jun 14, 2010
The way to identify CAT 5 and CAT 6 cable?What are the differences between these two cables..?
View 8 Replies
View Related
Jul 26, 2011
Is there a linux command (or command combination or utility) that can identify all processes (PIDs) that are sharing a TCP/IP stack ?
View 4 Replies
View Related
Apr 13, 2011
How to identify the status of the ethernet interafces? on my machine, every interface shows "UP" nn matter the interface is connected or not:
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
View 4 Replies
View Related
Sep 2, 2010
I was wondering if anyone might know of good reference material, books websites etc., that discuss network security issues in layman terms. I would like to set up a dedicated Linux box as a firewall and would like to have a deeper understanding of the different types of configurations that are possible. I run a dual boot system and most of the firewalls I have used on the Windows side are very confusing to me. A lot of the time they give you a pop up that informs you that some cryptically named program is trying to access the network or the internet and wants to know if I want it to or not, 99% of the time I have not idea if it is a legitimate program or not. I realize that this is probably a separate issue (knowing how to identify programs and processes that should have access from those that should not) from setting up a firewall and basic network security but I know that they are related.
View 3 Replies
View Related
Jun 10, 2009
have two internet lines from two isp every one pluged to interface eth0 and eth1 and i have eth2 interface to internel network clients now i need to make some clients to use line 1 and other use line 2 i want make this without use netmask , just for selected IP.
View 1 Replies
View Related
Apr 9, 2010
I have 3 Dell Precision M4400 machines. After getting updates yesterday or today, I get random network dropouts like crazy, on wired or wireless. On one machine I was able to turn off ipv6 in grub and reboot, and it works now. However on the other 2 machines, still have the same problems. All 3 are running 9.10 64 bit. Is there a way I can back out the updates so the network works again? Anyone else see this behavior after updates today?
View 2 Replies
View Related
May 18, 2011
I have iomega appliance, which is based on Debian distribution. There is an NFS share that I have created which is without password.Since it is without password, there are some viruses copied. I want to find out which IP address is the source of these files. In other words, I want to know which PC is copying these infected files on the NFS share.
View 3 Replies
View Related
