Capturing windows XP localhost TCP traffic - networking

I have done a fair amount of reading on this subject - capturing Windows XP localhost TCP traffic.
There seem to be a couple of methods:
1/Using RawCap.exe won't work, as Windows XP handles localhost not through the normal network stack
2/Using a tool like SocketSniff which will look at Winsock calls for a particular process (I may try this)
3/Using proxocket DLLs to output a cap file for all Winsock traffic for a particular application (may not work depending on version of the application or version of Windows).
4/Wireshark won't work in this scenario for the same kind of reason that RawCap.exe won't work
I have read in detail this article on Wireshark https://wiki.wireshark.org/CaptureSetup/Loopback and my question references this section:
So let's say I decide to install a windows loopback adapter.
Next I need to do this :
1. go to MS Loopback adapter properties, set IP 10.0.0.10, MASK 255.255.255.0
2. ipconfig /all and look at the MAC-ID for your new adapter.
3. arp -s 10.0.0.10 <MAC-ID>
4. route add 10.0.0.10 10.0.0.10 mask 255.255.255.255
5. to test: "telnet 10.0.0.10"
Now there are some things I don't understand which I would like explained about this sequence of steps. I have an application I want to watch which makes calls to 127.0.0.1 or 'localhost'.
I install my MS Loopback adapter, set its IP and Mask.
I then grab the MAC address.
I then via arp add a static cache entry so 10.0.0.10 resolves to the physical device.
I then add a route from 10.0.0.10 to itself, 10.0.0.10.
Now at this point surely capturing on this MS Loopback adapter still won't pick up 127.0.0.1 or localhost, will it? It would only pick that up if I had my application pointing at 10.0.0.10 as 'localhost'?
Can somebody please clarify - perhaps my understanding is incorrect and it indeed would work?

I decided to try SocketSniff - and it solved my problem entirely - it picked up the calls the application I wanted to monitor was making and I was able to continue happily programming after that!

Related

Hyper-V server 2019 – Internet not working for Guest VM

I’m new to Hyper-V, and I’m trying something apparently very simple:
Set up a Hyper-V 2019 server
On that server, install a Gen2 VM Windows Server 2016
I have identical hardware successfully running Hyper-V (and 2 VMs) as a role in Windows Server 2016 Standard. Therefore, that hardware is most likely to be fit for virtualization… and has been ordered for that purpose only.
But I just can’t get the guest VM to connect to the network! I reviewed former posts about the subject, and did not find any solutions I had not already explored.
Setting up a Hyper-V Server, and joining it to a domain was pretty straightforward. Even installing the VM was pretty simple.
Here is the current state, after I re-started from scratch (meaning reinstalled the computer from zero), and left the default, as generated by Microsoft:
The host does have access to internet (and is linked to AD) on ethernet NIC#1
Assigned Static IP: 192.168.0.96
Subnet: 255.255.255.0
gateway: 192.168.0.1
DNS: 192.168.0.1
From the remote Hyper-V manager, I did create a new Virtual Switch (only one)
Name: vSwitchExternXyz
Type: external
Linked to the external network using the same NIC#1
Allowed management operating system to share this network adapter (this is by default)
When executing an "ipconfig" in command line on the host, I see a new “Ethernet adapter vEthernet (vSwitchExternXyz)” created, having:
Autoconfiguration IP4 Address: 169.254.197.61 (hey, this is an APIPA address!)
Subnet: 255.255.0.0
gateway: none!
From the remote Hyper-V manager, I did assign this vSwitchExternXyz Virtual Switch (the only one I created in the Host)
I left unchecked both options “Enable virtual LAN identification” and “Enable bandwidth management” (those are unchecked by default)
When I start & connect to that only VM, and look at its network config, I get:
Autoconfiguration IP4 Address: 169.254.224.167 (again another APIPA address!)
Subnet: 255.255.0.0
gateway: none!
From that picture, I’m not really surprised I cannot even ping any IP outside the APIPA address range, because the default gateway seems missing. I did try to assign it an IP and valid gateway (same as the host’s), but it made no difference. But I don’t know yet what a successful configuration should look like.
Questions
I have no running environment to compare to in order to see if those defaults are correct. Should the virtual switch & VM’s vNIC adapter both be given IP addresses?
Shouldn’t both virtual switch & VM’s vNIC adapter be in the same subnet as the host (meaning 192.168.0.x), and pointing to the same gateway?
What’s wrong with my VM that it cannot access the internet?

I resorted to Microsoft support to address this issue (it took 2 tech specialists 2.5 hours total to figure it out).
The problem was with the virtual switch, which was corrupted for obscure reasons. It should have picked up the IP of the physical NIC.
It was not enough to just remove the vSwitch and re-create it.
I had to:
leave the faulty vSwitch there,
create a new vSwitch
Assign the new switch to the Guest VM's adapter
only then, delete the faulty vSwitch
Problem fixed, thanks to Raj at Microsoft technical support team.

Losing Synergy connection to server with VPN

I'm using a Cisco client to connect to a VPN but also using Synergy (Symless) to connect to the machine. It works fine initially but will drop out after machine sleep (or sometimes seemingly randomly), then I have to restart the VPN connection. Not the end of the world, but it is irritating.
Are there any config changes I can make to network settings, VPN or Synergy to stop this dropping out?
Found this which I hope will fix it.
https://blog.lan-tech.ca/2013/02/21/access-local-and-vpn-network-simultaneously/
"you just need to add the local devices to the windows routing tables so that it knows to access them when the VPN is active.
See the windows “route” command – E.G. route -p add MASK 255.0.0.0 METRIC IF
To help discover what you need to use, disconnect from your VPN, make sure you can connect to your local device, then run a “route print” to show the current active routes and find your device. (generally in the IPv4 Route Table)
It will also list the ‘Metric’ to use, and at the top of the listing is the “Interface List” which lists the network interfaces on your system. You’ll need to figure out which one to use. For example, I know my system has a gigabit network adapter and in the list I see a “Intel(R) Gigabit Network Connection” – bingo – that’s it. The first column is the interface id, 49 in my case.
The “-p” option makes your configuration persistent – meaning that it will be there again next time you boot.
SO, as an example, let’s say I want a local network share at 192.168.1.43 to be accessible to my machine while connected to the VPN, so I would add the route like so:
route -p add 192.168.1.43 MASK 255.0.0.0 192.168.1.1 METRIC 15 IF 49
Now if I run route print, I see this new route in the list of persistent routes for IPv4.
I turn my VPN back on, and instead of the device ‘disappearing’ as it normally does, windows can still find it because it is in the persistent route list."

Allow lan segments to ping each other on multihomed router

I have a box running OpenSuse with two local network segments:
192.168.2.0/24 (lan0)
192.168.33.0/24 (vlan0)
and 3rd connection,
DHCP (wan), used for Internet access.
and I'd like to be able to route everything (tcp, udp, icmp, whatever) in lan0 and vlan0 segments.
I have enabled IP forwarding and IP masquerading using YaST. I also added both 192.168.xx.0/24 to trusted networks in SuSEfirewall2 and set up explicit routing in the FW_ROUTE setting. rp_filter is off for both.
I have internet access on both segments and I am able to ping in both directions (router - PC on the segment) but cannot ping from lan0's machine to vlan0's one. I get a 'destination host unreachable' error whenever I try to ping from lan0 to vlan0.
My understanding is I am missing some major settings which would let the router route packets from lan0 to vlan0 instead of masquerading them and sending them to the Internet. Windows boxes at lan0/vlan0 do not see each other either :(
Any help would be greatly appreciated.

In case someone runs into the same problem - it appeared that pings do not work for Windows 10 boxes only. An Android phone pings fine, so the root cause is not the OpenSuse box at all.

Share the internet access from laptop to beaglebone black and then access it through VNC server

I am trying to share the internet with the Beaglebone Black from my laptop. Here is what I tried till now-
I connected the Beaglebone Black to my laptop running Windows 8 via USB cable. Then, I went to Network and Sharing Center. Then, the network which I want to share, I shared it with the Beaglebone (it says Local Area Connection). Now, I went to the Gate one SSH on the Beaglebone and wrote - "ping www.google.com". But it said "Unknown Host".
Now, since the above didn't work, I connected the Beaglebone Black with the standard ethernet cable and again tried sharing my network, but it still didn't work.
Here is what I am trying to do-
If I am able to connect to internet, I want to set up VNC server and through that I want to load the GUI of linux on my laptop.
Any help will be greatly appreciated. If there is any other method to accomplish this, please tell me about it. I have tried most of the tutorials on the internet, but didn't succeed.

Here is the detailed answer. After a long, long wait I finally figured out how to share internet on the BBB. This question is being seen at least 10 times every day so I thought I should answer it on my own. (Also SO gave me the Popular Question badge for this!)
First thing I tried was:
I connected the BBB(running angstrom) to laptop (running windows 8). The laptop recognized the device and I was able to SSH it through putty.
Now, I tried to ping my computer back, whose IP address is 192.168.7.1. This step never worked for me; my BBB was never able to ping my computer back, but I was able to ping the Beaglebone itself through the provided IP, that is 192.168.7.2 (which is obvious).
I searched everywhere on internet and did everything to overcome this glitch such as:
I made the default gateway in BBB to 192.168.7.1
/sbin/route add default gw 192.168.7.1
but that also didn't work.
I previously thought that it is necessary for me to ping 192.168.7.1 in order to get the internet on BBB.
Since nothing was working I decided to skip this step.
I simply connected the BBB, and then went to network and sharing center in windows 8 and from there, I shared the internet connection from my wifi connection to the beaglebone.
As you do this, you will see that the BB will lose its connection from PuTTY (if you started PuTTY before network sharing). This is because the computer assigns an IP to the BB, which you have to change to 'Obtain the IP automatically'.
To do this right click and go to properties of the BB connection and then from the list select the IPV4 tcp/IP and go to its properties. In that, you will see the option 'Obtain IP automatically'
Now again start putty (as previous connection will get terminated) and you will see that BB is able to connect.
Now simply add the default gateway as I showed above and then you will be able to ping 8.8.8.8 or any other IP address. Now, simply add the nameserver like this:
cd /etc
more resolv.conf
nano resolv.conf
and add this line below nameserver 127.0.0.1
nameserver 8.8.8.8
and save it, you will be able to ping google.com.
Now comes the VNC server part. For that case also I was wrong. To connect to the VNC server you do not need an internet connection on the BBB. Yes, you will need that for installing the VNC server on it, but not afterwards. Once it is installed, you simply have to do this on the BB:
x11vnc -bg -o %HOME/.x11vnc.log.%VNCDISPLAY -auth /var/run/gdm/auth-for-gdm*/database -display :0 -forever
and press enter and BB will reply with VNC started at port 5900
That's it, now come back to Windows and start VNC server, add the address 192.168.7.2 and you can see the GUI on the screen. I am also able to surf the internet on the Beaglebone.
Thank you for the support and if I am wrong here in my question then please notify me.
Also if you have any doubt, refer to this awesome video by Derek Molloy: He has explained it very well, and remember to skip the step of pinging back 192.168.7.1 if it is not working.
I have not yet figured it out. I will edit the answer once I get it.
1) On your Beaglebone:
sudo su
ifconfig usb0 192.168.7.2
route add default gw 192.168.7.1
2) Now share the network and make sure your pc's ip is 192.168.7.1 after you do
connect beaglebone black to router via ethernet
now use
adb tcpip 5555
adb connect bbb_ip:5555 then use adb shell
The problem you're facing is of resolving nameservers. If you're able to access the device through SSH (using PuTTy, for example), then you can provide it internet too- but the device needs to know where to look for.
The BeagleBone Black has a utility called Connman that manages its connections.
/usr/lib/connman/test has functions related to it.
Use ./set-ipv4-method in there to set different values. Be sure to set the nameservers right. If in doubt, use 8.8.8.8 as the only entry. Also note that the gateway for your BeagleBone must be your computer.
If you're not a newbie and need more detailed instructions, see this.
To continue from the answer provided by Vikas Arora, there are 3 things you primarily have to do to provide an Ethernet-over-USB connection to your Beaglebone. Firstly, share your PC internet connection with the local network made with the Beaglebone, a process well explained above, and also set the IP address to be obtained automatically.
Secondly, set the nameserver to the public DNS server address 8.8.8.8, also explained above. But this setting is not persistent, i.e. once you reboot, the settings will be lost. It is because the network manager on Angstrom, 'connman', resets /etc/resolv.conf on startup. To correct that I disabled the connman service on my device by going to /lib/systemd/system and firing commands
systemctl stop connman.service
systemctl disable connman.service
This will make your nameserver file persistent and you can always start connman service again if you need.
Thirdly, you have to set your gateway to the address of your internet sharing machine, also explained above. But this setting is also not persistent. To do that, make a script like the one below in your home directory
#!/bin/sh
echo "********Setting up the default gateway"
route add default gw 192.168.7.1
and make a service that will kick off on startup and trigger your script. A process well explained at
https://askubuntu.com/questions/506167/how-do-you-save-the-routing-table-on-the-beaglebone-blackangstrom
and
http://mattrichardson.com/BeagleBone-System-Services/

setting up networking on centos6 virtualbox guest with xp host

I'm using VirtualBox and trying to get my CentOS 6 virtual machine onto the network. VirtualBox is running on XP. In the VirtualBox settings I've enabled network adapter 1, selected the bridged adapter and selected the default hardware. On the virtual machine I've edited configuration files as follows (making sure that the MAC address / hardware address matches the adapter's MAC address from the VirtualBox settings):
# cat /etc/sysconfig/network-scripts/ifcofg-eth0
DEVICE="eth0"
BOOTPROTO="none
MACADDR="08:00:27:7D:A8:DC"
ONBOOT="yes"
IPADDR=10.0.20.10
GATEWAY=255.0.0.55
# cat /etc/sysconfig/network
NETWORKING=yes
HOSTNAME=dev.host.com
NETOWRKING_IPV6=no
GATEWAY=10.0.0.55
# cat /etc/sysconfig/networking/devices/ifcfg-eth0
DEVICE=eth0
BOOTPROTO=none
HWADDR=08:00:27:7D:A8:DC
ONBOOT=yes
NETMASK=255.0.0.0
IPADDR=10.0.20.10
GATEWAY=10.0.0.55
TYPE=Ethernet
When i restart networking I get the following:
# /etc/init.d/network restart
Shutting down loopback interface:
Bringing up loopback interface:
Bringing up interface eth0: Device eth0 does not seem to be present, delaying initialization.
eth0 never comes up and obviously I've got no access to / from the network.

There was a rule in /etc/udev/rules.d/ that was associating an old MAC address from the cloned machine with eth0. I edited the rule (/etc/udev/rules.d/70-persistent-net.rules) to use the new MAC address VirtualBox generated when I enabled the network adapter.
eth0 is up and running - I can access the network. (thanks to the CentOS forum).

Not sure about this behavior in other CentOS versions or Linux distros, but in CentOS 6.1, /etc/udev/rules.d/70-persistent-net.rules is automatically generated by the OS and after a couple of reboots, it will be regenerated based on the MAC addresses in the ifcfg-eth* files.
So I didn't have to edit the file. I just had to reboot the VM 1-2 more times.
Device eth0 does not seem to be present, delaying initialization.
This is quite a generic error for a number of issues. udev can often work; however, renaming the NIC itself, among other solutions such as specifying the HW address, will work too. But that's not all of them. Give this older post a try. Looks like a collection of a bunch of solutions to this error:
Device eth0 does not seem to be present
Regards,
Always check that the file format of ifcfg-ethX was not modified by a Windows editor. In case the line ends are in Windows format, you will encounter the same problem.
This cause is hard to notice and the error message is misleading.
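
As an added example (not from the original posts), a POSIX shell check for the causes of "Device eth0 does not seem to be present" named in this thread: Windows line endings in ifcfg-ethX, a stale MAC in the udev rule of a cloned VM, and an unbalanced quote like the one in the question's first listing. The function name lint_ifcfg and the finding labels are assumptions, and the rules file is assumed to use the usual `ATTR{address}=="..." ... NAME="eth0"` line format.

```shell
#!/bin/sh
# Added example (not from the original posts): lint an ifcfg-ethX file for
# causes of "Device eth0 does not seem to be present" raised in this thread.
# Usage: lint_ifcfg IFCFG_FILE UDEV_RULES_FILE
# Prints one finding per line; returns 1 if anything was found, else 0.

lint_ifcfg() {
    cfg=$1; rules=$2; rc=0
    cr=$(printf '\r')

    # 1. CRLF line endings left by a Windows editor: the stray CR becomes
    #    part of every value, so DEVICE no longer reads as plain "eth0".
    if grep -q "${cr}\$" "$cfg"; then
        printf 'CRLF: %s has Windows line endings\n' "$cfg"
        rc=1
    fi

    # Run the remaining checks on a CR-stripped copy of the content.
    clean=$(tr -d '\r' < "$cfg")

    # 2. Odd number of double quotes on a line, e.g. BOOTPROTO="none
    #    Splitting on '"' gives quotes+1 fields, so an even NF is unbalanced.
    unbalanced=$(printf '%s\n' "$clean" |
        awk -F'"' 'NF && NF % 2 == 0 { printf "%s ", NR }')
    if [ -n "$unbalanced" ]; then
        printf 'QUOTE: unbalanced double quote on line(s): %s\n' "${unbalanced% }"
        rc=1
    fi

    # 3. HWADDR must match the MAC that udev binds to this device name.
    #    A cloned VM keeps the old MAC in 70-persistent-net.rules.
    dev=$(printf '%s\n' "$clean" | sed -n 's/^DEVICE=//p' | tr -d '"' | tail -n 1)
    hw=$(printf '%s\n' "$clean" | sed -n 's/^HWADDR=//p' | tr -d '"' |
        tr 'A-F' 'a-f' | tail -n 1)
    rule_mac=$(sed -n "s/.*ATTR{address}==\"\([^\"]*\)\".*NAME=\"$dev\".*/\1/p" \
        "$rules" | tr 'A-F' 'a-f' | tail -n 1)
    if [ -n "$hw" ] && [ -n "$rule_mac" ] && [ "$hw" != "$rule_mac" ]; then
        printf 'MAC: HWADDR %s but udev names %s as %s\n' "$hw" "$rule_mac" "$dev"
        rc=1
    fi

    return $rc
}

# Run as a script when both file arguments are supplied.
if [ "$#" -eq 2 ]; then
    lint_ifcfg "$1" "$2"
fi
```

On the guest from this thread the two arguments would be /etc/sysconfig/network-scripts/ifcfg-eth0 and /etc/udev/rules.d/70-persistent-net.rules.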
