I would like to communicate between two machines on the same network by using netcat. Basically I need to send some UDP frames from one machine to another on the same network.
I looked through netcat literature and found it is possible to send UDP frames, so first i tried between 2 Linux consoles on the same machine.
Next, I tried between 2 machines on the same network but this did not work.
Can someone please explain how can this be done or if there is some alternate method that can be used.
Thanks in advance!!
Make sure your firewalls allow UDP throughput.
iptables -A INPUT -p udp -m udp --dport 1:65535 -j ACCEPT
Related
Iperf3 uses two channels to communicate, one via TCP and the other via UDP.
When its going to communicate to another host, it uses the same port for both channels.
For example: If I tell it to connect to port 3000 on the host, the TCP channel will connect on the host's port 3000
and the UDP channel too.
I need to encapsulate the TCP communication into UDP datagrams, send over UDP to the host on port 3000 and then de-encapsulate
the TCP and demultiplex it so it gets delivered correctly at port 3000.
To achieve this, Im using socat to create a TCP-UDP tunnel like this (this tunnel is working!):
On the sender end:
socat -d tcp-listen:2000,reuseaddr,fork udp:54.226.25.18:3000
On the receiving end:
socat -d udp-listen:3000,reuseaddr,fork tcp:localhost:1080.
OK, now why I'm converting TCP to UDP and then from UDP to TCP again? I'm doing that because I was trying to use socks4, and it works
only with TCP. I was using it to encapsulate the TCP and UDP traffic into TCP, then I convert this TCP stream into UDP and send over
to the host with socat, like this:
On the sender end (tunnel+socks):
socat tcp-listen:2000 socks4a:localhost:54.226.25.18:3000 & socat tcp-listen:1080,reuseaddr,fork udp:54.226.25.18:3000 & nc localhost 2000
On the receiving end (tunnel):
socat udp-listen:3000,reuseaddr,fork tcp:localhost:1080 & nc -l 1080
This solution kinda works, this is what the receiving end receives:
�senderPcName54.226.25.18
But it only receives something the first time, when I send more data with netcat, nothing shows up on the receiving end.
Maybe this is happening because the way Im doing it theres nothing on the other side to open what is encapsulated into TCP and demultiplex it. This is my hunch, I might be wrong.
I tried to think on a solution using socks5 but I dont know how to send things through it (didn't find materials on how to do it) like I do with socks4 in this line:
socat tcp-listen:2000 socks4a:localhost:54.226.25.18:3000
I tried without success to install socat with socks5 support because it lacks files.
You can read about Iperf3's relevant behavior here:
https://github.com/esnet/iperf/issues/1019
Obs: I NEED to tunnel over UDP. And I can only use ONE UDP port.
Any pointers on how to solve this with socks or with something new altogether is greatly appreciated.
Summary of my problem: Iperf3 uses TCP and UDP to work. I can only use UDP. How to tunnel the TCP connection alongside UDP so it works without setting a real TCP connection?
You will need some kind of multiplexer solution to drive both UDP and TCP through the UDP channel.
When you have root privilege on both computers, you can establish a Socat tunnel:
On sending side:
sudo socat -d -d -d -d TUN:192.168.255.1/24,up UDP:54.226.25.18:2000,bind=:2000
On receiving side:
sudo socat -d -d -d -d TUN:192.168.255.2/24,up UDP-LISTEN:2000
You should now be able to ping 192.168.255.2 from sender and 192.168.255.1 from receiver.
For testing UDP, enter on receiver:
socat UDP-LISTEN:3000 -
On sender:
socat - UDP:192.168.255.2:3000
To test my implementation of a NAT, I want to send TCP packets from one internal host to two different external hosts, and make sure that the source port for both streams of packets that leave the NAT have the same source port. How can I control the source port? wget uses different source ports for separate TCP connections.
Maybe you want to try netcat with -p option, if you don't want to write code by yourself, example:
$ nc -p 31337 www.google.com 80
Here is the explanation for "-p" option from man page:
Specifies the source port nc should use, subject to privilege restrictions and availability. It is an error to use this option in conjunction with the -l option.
Note though to use any port under 1024 requires root permission.
Bind the socket to a specific local port before you connect it.
I can target a client IP address on my router like:-
iptables -I INPUT -s 123.456.7.89 -j DROP
Is it possible to target the IP of the access point the client device is connecting through instead (or the SSID since each access point has it's own).
I've been looking at the match flag but can't find anything there. Thanks.
The only way is to filter by mac address, but it's not so easy.
Please spend some times with this picture:
Using the MAC module extension for iptables from here
The side effect explained here occurs when the netfilter code is
enabled in the kernel, the IP packet is routed and the out device for
that packet is a logical bridge device. The side effect is encountered
when filtering on the MAC source in the iptables FORWARD chains.
As should be clear from earlier sections, the traversal of the
iptables FORWARD chains is postponed until the packet is in the bridge
code. This is done so we can filter on the bridge port out device.
This has a side effect on the MAC source address, because the IP code
will have changed the MAC source address to the MAC address of the
bridge device.
It is therefore impossible, in the iptables FORWARD chains, to filter
on the MAC source address of the computer sending the packet in
question to the bridge/router. If you really need to filter on this
MAC source address, you should do it in the nat PREROUTING chain.
Agreed, very ugly, but making it possible to filter on the real MAC
source address in the FORWARD chains would involve a very dirty hack
and is probably not worth it.
I'm trying to test my WebSocket server in the face of an unreliable client connection.
I would like to be able, at any moment I choose, to forcefully drop a single WebSocket connection on the client side, without sending closing frames or a TCP FIN handshake. The browser itself cannot do this (right?) because it gracefully shuts down each WebSocket when a tab is closed. Other WebSocket connections from the same host (me in other browser windows) should not be affected.
My system is Ubuntu Linux 12.04; my browser is Chrome (but I could switch to any WebSocket-compatible browser to test this).
The server is using Ruby and em-websocket.
Options I've considered:
killall -9 $pid_of_tab but that's a bit rude, and the kernel apparently still closes the TCP connection
iptables firewall rules but that requires root, and it's hard to drop just one connection (from localhost) whilst keeping others alive
connecting from another machine, then unplugging the network cable or disabling the wifi
The last two would work, but it feels like there must be an easier way. Any ideas?
I suspect that you could do this pretty easily with Fiddler or WebScarab
Here's the iptables version (assuming the socket is served on localhost, port 3000):
To add a rule that drops all traffic:
$ sudo iptables -A INPUT -i lo -p tcp --dport 3000 -j DROP
To remove that rule again:
$ sudo iptables -D INPUT -i lo -p tcp --dport 3000 -j DROP
I am trying to find a way to read multiple ports using tcpdump. Suppose I have two ports, p1 and p2, and I want to read the traffic moving through both ports simultaneously. Is there any way to do it using tcpdump or will I have to use some other tool?
Basically I am running a proxy server which is running on some port. I want to read the traffic moving through this port as well traffic moving through port 80(HTTP).
tcpdump port 80 or port 3128
or, alternatively,
tcpdump port '(80 or 443)'
if you want to filter ports based on the range then use portrange.
E.g:
tcpdump -an portrange 1-25
You can also select an interface (change -i any to -i en0 for example) and the communication protocol :
tcpdump -i any 'udp port 1812 or tcp port 1813'