I am currently trying to build an easy TCP structure in C, following the OSI model,
And I just found that there are 2 differents type of "ether" use no kernel related, which are using similar struct,
I guess the "if_ether.h" intervene if a L2 layer does not exist ?
Or an address is not set.
While the "ether.h" is there to configure directly if a use of the L2 is done.
Or is it something who intervene in case of protocol like "PPP", or anything who may bypass the L2 like a Rawsocket
Some stuff are blur.
Thank you in advance to share your light with me.
Take care !
Related
I am curently looking for a dictionary that contains all (or a lot) of interfaces names for routers and switches.
For instance a dictionary that would look like this :
[[Cisco : GigabithEthernet1/0/0, ..., GigabithEthernet1/0/28, FastEthernet1/0/0, ...],
[Juniper : ge-0/0/1, ..., ge-0/0/12,fa-0/0/1, ...,fa-0/0/12]]
I would like it to contain as much of interfaces names of as much of brand as possible.
I have already been looking for it for a long time now, but I have not been able to find anything so far. So if anyone has something to share on this it would be very much appreciated.
Thanks for reading.
A quick update to inform you that I have not been able to find a dictionnary and that after some research I find out that you don't need one if your problem is to identify interfaces on a switch or router.
Using SNMP, you can find which one of the interfaces on your machine is a physical or logical interface. So I used this reference to know which one of my interfaces are physical interfaces or not.
The OID is : 1.3.6.1.2.1.2.2.1.3
Thanks for the help I have been given so far !
I wonder how to implement sampling in ns3. What exactly I want to implement is to create a simple network of switches and hosts using p2p links. Then, setting a probability (lets say 0.1) for an specific switch and expecting that every packet passing the switch will be captured with probability that I defined earlier. (Pretty much like the sampling in sflow or netflow).
I browsed nsnam.org, and the only tool I found regarding my question is Flow Monitor which I think is not helpful for my purpose.
There isn't a direct way to implement the behavior you want, but there is a solution.
Set up a normal hook to get all packets going through one of the switches. Refer to the tutorial to learn how to use the tracing system.
Then, use a RandomVariable at the beginning of your function to determine whether you want ignore that packet or not. The RandomVariable will need to be in global scope or passed in as parameter to the function.
I took a look over the already asked questions and I didn't find the information I need. In case I miss the questions somehow, please accept my apologize.
I would like to know how can I use a router as switch on GNS3? Since GNS3 (at least in this moment) doesn't accept switches images, how can it be done?
Once this step is made, it is possible to use most the important switch functions? like etherchannel, trunk, multiple vlans etc.
Thank you very much.
Firstly, there is no true way to put switching into hardware, as of yet, that is. The TCAM's functions in L3 switches these days has yet to be perfected in software.
Secondly, there are a couple of ways to do this, but out of the three, two of them will either cost money or take some investigative work.
Drag the switch icon into the simulation. You can do vlan tagging as an access port, or as a trunk port. No etherchannel though. Alternatively, the 3725 Router has some switching capabilities using the 16-ESW card, however functionality is limited and syntax differs.
Buy VIRL from Cisco's website. It is basically an Ubuntu VM with Cisco routers, IOSvL2 (a switch essentially), ASAv, and a couple other virtual network devices. However, if you're not a student, it's a few bucks. In addition, it is subscription based
3.Upload IOU to GNS3. You will need:
-IOU image, found here: http://sourceforge.net/projects/gns-3/files/IOU%20VMs/
-Virtualbox
-License file for IOU
-GNS3 (Obviously)
-L2/L3 IOU images (The L2 images are switches)
You can find the instructions here: http://srijit.com/how-to-configure-iou-in-gns3-for-real-cisco-switching-labs/
Hope this helps.
Has anyone tried implementing a new transport for Rebus? How much work is involved? E.g. number of interfaces that needs to be implemented? Assuming a sensible transport mechanism is used such as Greg Youngs event store..
Thank you.
As the aptly named #user1121956 says, it's a matter of implementing IDuplexTransport, which is just bringing ISendMessages and IReceiveMessages together.
As you can see, the two interfaces boil down to two methods, so when I say that it's a lot of work to implement a new transport, it's because it's not trivial to implement those methods.
It doesn't mean that it's not possible, it's just that it's a place where you would need to be very careful to get things right - otherwise, messages might be dropped or other bad things might happen, and that would not be cool :)
With that said - if you feel like you're up to it ;) - I suggest you check out the Rebus source code and look into the contract tests for the transports - this is where a bunch of common scenarios get run against all the officially supported transports. A good starting point would be to extend the tests with a GregsEventStoreTransportFactory.
I will be happy to help you out with guidance along the way if you run into trouble!
I am attempting to write a userspace application that can hook into an OS's network stack, sniff packets flying past and edit ones that its interested in.
After much Googling, it appears to me that the simplest (yet reasonably robust) method of doing so (on any platform) is Linux's libnetfilter_queue project. However, I'm having trouble finding any reasonable documentation for the project, outside of the limited official documentation. Its main features (as stated by the first link are)
receiving queued packets from the kernel nfnetlink_queue subsystem
issuing verdicts and/or reinjecting altered packets to the kernel nfnetlink_queue subsystem
Emphasis is my own. How exactly am I meant go about this? I've tried modifying the sample code provided, but perhaps I am misunderstanding something. The code is operating in NFQNL_COPY_PACKET mode, so I am receiving the whole packet -- but my modifications to it seem to be restricted to my own application -- as one would expect, given the "copy" semantics.
My feeling is that I am meant to make use of NF_QUEUE somehow, but I haven't quite grokked it. Any pointers?
(If there is a simpler mechanism for doing this, which is also cross-platform, I'd love to hear about it!)
I can't believe I missed this previously. As reticent as I am to post questions on SO, I thought I would never work this one out myself. :)
I didn't look at the function prototype properly. It turns out in the "verdict" function (outlined below),
int nfq_set_verdict(struct nfq_q_handle *qh,
u_int32_t id,
u_int32_t verdict,
u_int32_t data_len,
const unsigned char *buf
)
The last two parameters are for the data to be returned to the network stack. Obvious in hindsight, but I missed it completely as the print_pkt function doesn't take the packet data as a parameter, but extracts it from the struct nfq_data.
The key is to NF_ACCEPT the packet and pass the suitably modified packet back to the kernel.
Just a wild guess from digging around the source code: try explicitly adding the mangled payload using nfnl_addattr_l(…, NFQA_PAYLOAD, …)?