I'm able to send UDP message to the remote IP node on eth with openHAB using the binding tcp/udp, i.e.:
udp=">[ON:10.44.212.60:3000:'MAP(mydevice.map)'],
[OFF:10.44.212.60:3000:'MAP(mydevice.map)']"
But I do not have idea what I have to do to get and store the response coming back.
Please who can help?
Thanks and regards
marco
Not possibile UTP is one-way communication, you will have to use TCP protocol.
Related
I'm using wireshark for the first time.
I run a client program that sends a command to server but the server response length is zero. I need to anlayse packets sent back from the server using wire shark in order to understand the problem
How can I see what is the size of data sent in a packet & what is the
data (human readable string) sent to destination using wireshark.
Please guide I'm new to networking and wireshark.
Thank you
I recommend this page for a guide on wireshark: Wireshark guide
I found the solution .Since, I'm using TCP .
Click the packet you want to analyse
See description- goto tcp
Under TCP click on data to see size of data and its value
Using the SNMP4J library I am able to successfully retrieve information from multiple agents using SNMP over UDP. I am running into a situation where I need to retrieve information from an agent using SNMP over TCP. The SNMP4J library provides a DefaultTcpTransportMapping class to do this and I believe I've implemented it appropriately. Using Wireshark, I see response packets being returned from the agent running SNMP over TCP but I am getting null response PDUs. What other considerations do I need to address when implementing SNMP over TCP instead of UDP? Any help is greatly appreciated!
After a discussion with the board's manufacturer we've learned that the model for communication is SNMP over PMPP over TCP and I'm working on a custom SNMP4J transport to handle this model.
try to increase timeout value, TCP is slower than udp
UserTarget target = new UserTarget();
target.setTimeout(timeoutInMillis);
I want to identify an UDP or TCP packet that have its source IP address faked. My guess is that even if the packet is faked with a program such has hping, the MAC src address is still the same on all the faked packets, is this correct?
If my idea is not correct, how can I identify such packets that are being faked and looks like it has different source for each and every packet?
Thanks.
MAC addresses can be faked too.
With TCP, its easy to identify / handle this. You'll reply to a fake SYN packet with a SYN-ACK. If it was a real client, it'd reply with an ACK to complete the handshake. Only caveat is that you'll have to implement syn-cookies so that you don't create state & use up resources while waiting for an ACK.
With UDP, there is no way to know, since the protocol is connection-less. If you send a reply to the fake packet, you're not guaranteed a response from a "real" client. So there is no way to identify a fake one.
The way I see it, UDP and TCP have nothing to do with this. You're talking about only layer 2 (MAC) and layer 3 (IP). Even at that though, you have no way of knowing, because the source MAC address should be that of the closest router to the recipient (assuming the packet did not originate in your subnet.) So you should see the same MAC address for most all inbound packets (again, internet traffic only).
Now there are profiling tools like p0f that work on signatures of packets, and you could try and do some heuristics based on that information, but nothing very concreted could be determined.
From the packet you can get the MAC address of the nearest node. Yeah you can send ACK packet to the fake source address(IP) and then use Traceroute command to know the path of the source packet, so that you can atleast find the location of the originating. It works well in TCP and you can have acknowledgement also.
I am developing a packet filter in vxworks platform.For that, I need to send an individual IP
packet. Can anyone say which is the simplest way for doing it? Can I use RAW socket in vxworks
as like linux?
Thanks & regards,
Likhin
Yes, you can use RAW sockets. Take a look at sockLib
is it possible to send multiple tcp or udp packets on a single ip packet? are there any specifications in the protocol that do not allow this.
if it is allowed by the protocol but is generally not done by tcp/udp implementations could you point me to the relevant portion in the linux source code that proves this.
are there any implementations of tcp/udp on some os that do send multiple packets on a single ip packet. (if it is allowed).
It is not possible.
The TCP seqment header does not describe its length. The length of the TCP payload is derived from the length of the IP packet(s) minus the length of the IP and TCP headers. So only one TCP segment per IP packet.
Conversely, however, a single TCP segment can be fragmented over several IP packets by IP fragmentation.
Tcp doesn't send packets: it is a continuous stream. You send messages.
Udp, being packet based, will only send one packet at a time.
The protocol itself does not allow it. It won't break, it just won't happen.
The suggestion to use tunneling is valid, but so is the warning.
You might want to try tunneling tcp over tcp, although it's generally considered a bad idea. Depending on your needs, your mileage may vary.
You may want to take a look at the Stream Control Transmission Protocol which allows multiple data streams across a single TCP connection.
EDIT - I wasn't aware that TCP doesn't have it's own header field so there would be no way of doing this without writing a custom TCP equivalent that contains this info. SCTP may still be of use though so I'll leave that link.
TCP is a public specification, why not just read it?
RFC4164 is the roadmap document, RFC793 is TCP itself, and RFC1122 contains some errata and shows how it fits together with the rest of the (IPv4) universe.
But in short, because the TCP header (RFC793 section 3.1) does not have a length field, TCP data extends from the end of the header padding to the end of the IP packet. There is nowhere to put another data segment in the packet.
You cannot pack several TCP packets into one IP packet - that is a restriction of specification as mentioned above. TCP is the closest API which is application-oriented. Or you want to program sending of raw IP messages? Just tell us, what problem do you want to solve. Think about how you organize the delivery of the messages from one application to another, or mention that you want to hook into TCP/IP stack. What I can suggest you:
Consider packing whatever you like into UDP packet. I am not sure, how easy is to initiate routing of "unpacked" TCP packages on remote side.
Consider using PPTP or similar tunnelling protocol.