I want to redirect all outbound packets,
which are originated from localhost and going to 192.168.6.10:1521, to 192.168.3.199:4002.
So, I tried as below, but it doesn't work.
sudo sysctl net.inet.ip.forwarding=1
echo "
rdr pass proto tcp from any to 192.168.6.10 port 1521 -> 192.168.3.10 port 4002
" | sudo pfctl -ef -
There are many examples with ipfw or iptables,
but I couldn't find one working with pf in os x yosemite.
thanks in advance for your help :)
Related
I have neo4j community server edition 3.4.5 and which will be giving me "WebSocket connection to 'ws://localhost:7687/' failed".
I found some solution to work in firefox, chrome, IE but those are temporary solutions which work. but I don't think that just by passing proxy would be a permanent solution.
It is not working if connected to VPN(office network), otherwise working. What could be a reason for this error within an office network? How to resolve this issue.
Any idea or suggestions, Please
There can be several reasons for this issue and I probably need to know more about your setup before I can pin point the problem.
1 check:
Disconnect from the VPN, and open a command prompt (Windows+R then write cmd and press enter)
Use either telnet or putty ( https://www.putty.org/ ) and connect to 127.0.0.1 port 7687:
telnet 127.0.0.1 7687
See if you a response like this:
GET / HTTP/1.0
2 check:
Go to you proxy settings and see if you have a proxy enabled:
Firefox: Preferences/Options > Advanced > Network > Settings
IE: Tools > Options > Connections > Lan Settings
Suggest to turn off your proxy and do the check in check 1 again.
3 check:
Connect to your VPN and do the check 1 part once again
Check for error messages (that you probably would get) and then write in the command prompt:
route print
It should show a line like this:
127.0.0.0 255.0.0.0 On-link 127.0.0.1 xxx
127.0.0.1 255.255.255.255 On-link 127.0.0.1 xxx
127.255.255.255 255.255.255.255 On-link 127.0.0.1 xxx
This ensure that you still have your loop back up and running (probably is ok).
4 check:
Turn off your local firewall with VPN connected (if allowed) and try the check 1 again.
Some firewall rules change connections to "localhost" while connected to a VPN, since the new connection is "corporate" or "public".
If that worked, you need to create a rule in your firewall to allow connection to port 7687 for all addresses, this will fix your problem.
5 check:
Check your neo4j community server to listen to "127.0.0.1" and not "0.0.0.0"
Check your ports open by using netstat
netstat -a -o
It should state something like this
Proto Local Address Foreign Address State PID
TCP 0.0.0.0:7687 machinename:0 LISTENING xxxx
or
TCP 127.0.0.1:7687 machinename:0 LISTENING xxxx
If the server is like the first line, it might be handled by a corporate firewall, but by using the 127.0.0.1 as address it should always be local.
Hopefully that will get you on the way :)
i had same problem, so Let me tell you what i came out with...
the company has a proxy server for all connections, so i change my request from IP to DNS by typing nslookup IP on command prompt terminal.
from: ws://180......:80/socket/test to: ws://mxjuppro22......:80/socket/test
then error gone and now is working like a charm!!!
hope it helps
i am trying to learn socket programming with PHP but quickly ran into binding errors on ports,now my attention is diverted onto solving port issues, how do i go about fully controlling ports on my machine, what commands do i use?
sudo netcat -z -vv localhost http
localhost [127.0.0.1] 80 (http): Connection refused
my problem is i get connection refused on port 80
and when i run a port scan on my iMac i only get
netcat -v -z -n -w 1 127.0.0.1 1-1023
127.0.0.1 88 (kerberos) open
127.0.0.1 548 (afpovertcp) open
127.0.0.1 631 (ipp) open
how do i add port 80 (http) open
to that list?
any help would be appreciated thanks
Is there any command which checks that a certain process is listening to a port.
I have tried check_tcp but it does not output which process is listening to a port
Its output was:
TCP OK - 0.000 second response time on port 8443|time=0.000421s;;;0.000000;10.000000
I didn't see anything on the Nagios Plugins Exchange to meet your needs, so I wrote one to be used with NRPE.
https://github.com/jlyoung/nagios_check_listening_port_linux
Output looks like this:
[root#joeyoung.io ~]# python /usr/lib/nagios/plugins/nagios_check_listening_port_linux.py -n nginx -p 80
OK. nginx found listening on port 80 for the following address(es): [0.0.0.0] | 'listening_on_expected_port'=1;;;;
[root#joeyoung.io ~]# python /usr/lib/nagios/plugins/nagios_check_listening_port_linux.py -n nginx -p 9999
CRITICAL - No process named nginx could be found listening on port 9999 | 'listening_on_expected_port'=0;;;;
I have Nginx running on 8080, while Varnish runs on port 80. I can do
wget localhost:8080
in shell and get a response, but if I run
wget localhost
I get connection refused. For reference, I'm trying to access it externally but get the same problem. Hopefully I can solve access from localhost first!
Thanks in advance!
netstat -tulnp shows you every port and service running
iptables -L shows you if port open or blocked
cheers
I'm trying to send a broadcast message using netcat.
I have firewalls open and sending a regular message like this works for me:
host: nc -l 192.168.1.121 12101
client: echo "hello" | nc 192.168.1.121 12100
But I can't get something like this to work.
host: nc -lu 0.0.0.0 12101
client: echo "hello" | nc -u 255.255.255.255 12100
Am I using the right flags? Note, the host is on Mac and the client on Linux. Can you give me an example that works for broadcasting a message?
Thanks!
The GNU version of netcat might be broken. (I can't get to work under 0.7.1 anyway.) See http://sourceforge.net/p/netcat/bugs/8/
I've gotten socat to work. Code below does UDP broadcast to port 24000.
socat - UDP-DATAGRAM:255.255.255.255:24000,broadcast
(In socat-world "-" means "stdin".)
You're not saying you want to broadcast, which is done using the -b option to nc/netcat.
nc -h 2>&1 | grep -- -b
-b allow broadcasts
A simple example that works on Ubuntu. All the info in is in the other answers, but I had to piece it together, so thought I would share the result.
server
nc -luk 12101
client
echo -n "test data" | nc -u -b 255.255.255.255 12101
The client will hang until you do Ctrl-C
Sorry, if I am assuming wrong but you mentioned that you have your firewalls set up correctly so I am guessing that the host and client are not on the same subnet???
If that is the case and this firewall is also acting also as a router (or if the packet has to go through a router) then it is going to process that packet but it will not forward it out its other interfaces. If you wanted that to happen then you would need to send a directed broadcast. For example; for the subnet 192.168.1.0/24 the directed broadcast would be 192.168.1.255, the last IP in the subnet. Then the firewall, assuming it had a route to 192.168.1.0/24 and that it is set up to forward directed broadcast, would forward that broadcast out to the destination or next hop. Configuring your device to forward directed broadcast... you would need to reference its documentation. For Cisco IOS you would type in, under the interface, "ip directed-broadcast".
255.255.255.255 is a limited broadcast and is not going to get pass your routers regardless, it is solely intended for the layer 2 link that it resides.
As for how netcat is set up:
-l 0.0.0.0 12101, tells netcat to listen on port 12101 on all interfaces that are up and with an IP address assigned. The -u is not needed as it is telling netcat to listen on a unix domain socket, google IPC :) (this is the biggest reason that your scenario is not working.)
The below should work to get a broadcast forwarded to another network via netcat:
server: nc -l 0.0.0.0 12101
host: echo "hello" | nc 192.168.1.255 12101
Hope that helps, sorry if that was long winded or off from what you were looking for :)