My app is using a TUN say tun0. In the design, my app will receive an UDP which includes an full IP layer, then I will take the IP layer out and then use 'file write' to put them into my own tun0 device, supposedly in design, I should can read the packet out again from tun0.
Now the situation is I can see through tcpdump the package is wrote into the tunnel, but I couldn't read them back.
Something wrong with tunnel setting or route setting?
Thanks in advance
Yang
Your second tun0 is not a FIFO queue. You may have a problem in your design of how and why your are using the second tun0 device. Clarify why you are using it and which process should be reading. The proper approach should flow from that clarification.
If you want to read the data you send into you have some options.
Connect tun0 to an TCP or UDP echo service when you open it. This will then send you back the packets you stuff into it.
Open a listener for the second tun0 to connect to. Then connect to it and send the packets out that connection. Read your data from the listener side.
Open a pipe with two file descriptors. Write to one descriptor and read from the other. Pipes are often used for IPC (Inter-Process Communication) when forking children.
Create a socket and read data from it. Open the other end of the socket for writing. Sockets are often used to allow other processes to communicate with a process. This works well when the calling processes may have a different lifetime than the listening process.
Create a buffer or queue in memory to store the data.
Related
Can TCPDump and TCPReplay be used to record(tcpdump) network traffic coming in to a application server/webserver/queue application etc., and then replayed using the dump on TCPReplay?
Let's say I setup a apache server and use TCPDump to capture the entire network traffic and dump it to a file. Now I run apache in a different machine and want to replay the traffic to this new apache server using the file. How can I achieve this?
I especially want to understand how TCPReplay would work in such a scenario. i.e. how would syn/ack responses work for TCP. How would a new a connection etc. be initiated?
Fred is right. Also, this question is answered in the Tcpreplay FAQ: http://tcpreplay.synfin.net/wiki/FAQ#Doestcpreplaysupportsendingtraffictoaserver
No, you cannot use Tcpreplay to replay traffic to a server. TCP sessions have random sequence numbers, and are fully stateful. Replaying previously recorded TCP traffic will be ignored by a server.
I have done a fair amount of research these last few weeks trying to create a connection diagnostic tool, I don't so much want to just check to see if the connection is available but to diagnose if there is jitter, packet loss, etc..
So far it seems that Java doesn't support a true ICMP request and that there are a few workarounds out there but none of which achieve what I'm trying to do.
Does anyone know if this sort of tool can be built or should I start looking into other options?
It seems that InetAdress is using ICMP when its possible:
https://docs.oracle.com/javase/7/docs/api/java/net/InetAddress.html
take a look at public boolean isReachable(int timeout)
Test whether that address is reachable. Best effort is made by the
implementation to try to reach the host, but firewalls and server
configuration may block requests resulting in a unreachable status
while some specific ports may be accessible. A typical implementation
will use ICMP ECHO REQUESTs if the privilege can be obtained,
otherwise it will try to establish a TCP connection on port 7 (Echo)
of the destination host.
You can find a simple use example here:
How to test if a remote system is reachable
or here How to ping an IP address
I believe ICMP4J does exactly what you need: Internet Control Message Protocol for Java
You can use 'Exec' to run ping at the command line (assuming your OS supports this), or JNI to interface to a native application to do the pinging.
Creating your own implementation of the ICMP protocol would not be trivial.
If you do use Exec be aware of it's limitations which are not always obvious in initial testing:
http://www.javaworld.com/article/2071275/core-java/when-runtime-exec---won-t.html
I want to make multiplayer game, and I want it to use UDP sockets. Because of that, I want to use DatagramSocket. The problem is that DatagramSocket needs to be bound to a port on both sides. Is there a way to create a server - client program with UDP that does not need the client to portforward? (Like Serversocket and Socket).
Remember that UDP is connectionless. You send a packet of data to some IP address and hope it knows what to do with it once it gets to the targeted machine. But actually once it's on the machine it has no idea where to go from there, is there an application that's interested in these packets? And this is precisely why you need to specify a port number that is registered to forward packets to specific application on the machine.
Send a packet to myself to the application running on port 7000: 127.0.0.1 : 7000
How does a Server know to close a Web Socket connection in HTML5 on below scenarios and other cases.
Browser closed abruptly
Browser Refresh(A new Socket connection creation or still it will use existing Connection)
System abrupt power off
In case the client quits without being able to notify the server, the basic characteristics of the TCP implementation define the behavior.
As long as your application (and host system itself) do not attempt to send any data over this broken connection, the host will not realize that something is wrong. Hence, the connection could stay 'open' for a long while and allocate resources, from the server's point of view.
However, in the moment data is attempted to be sent to the remote end, the remote end will not acknowledge the retrieval and TCP retransmission comes into play. It involves a certain number of repetitions and used timeouts. The exact parameters depend on the implementation (operating system in use). When the retransmission finally fails, the TCP connection is closed and resources are freed on the server side. So you can
rely on the fact that at some point your application might want to write to the missing remote end and while doing so trigger the detection of the dead connection or
detect missing remote ends yourself by using something like pings on the application level or
use something like pings on the operating system level, via TCP keepalive techniques.
The easiest part of your question is the browser refresh part. IE,FF and Chrome will close the opened connection and open a new one. I guess, that any other browser will do the same.
Point 1 and 3 i can only guess: If the client can still close the tcp connection cleanly, the server will immediately recognize that the connection has been closed. If you are using tomcat, the onClose method of the MessageInbound instance will be called.
If the client could not close the tcp connection cleanly, the server will wait for some kind of timeout. The server will definitely timeout fast when it tries to write something to the socket. You could implement a heartbeat mechanism to do this. Websockets seem to have the option of an automatic heartbeat but not all browsers and servers seem to support it.
If a user closes a browser tab with an opened web socket, the server will not know this one has been closed right away. However, as Jan-Philip says, if you attempt to write the operation will fail and using the error given you know the current state for the connection.
For example, when using the ws lib for nodejs, if you try to send data to a closed websocket an exception will be thrown, saying something like [Error: not opened]. Their you know the connection no longer exists and you can do any cleanup needed.
A process is connecting to a certain ip or domain, but I do not know what it is. The process can't connect to the server. How do I find and change it?
TCPView and netstat work best for connections already established, which isn't the original poster's position.
A better tool for this task is a packet sniffer, which can observe the connection attempt. I recommend Wireshark, which is available for all major platforms.
Details:
Install, then start Wireshark
Press Ctrl-K to start capturing
Select the network interface that you expect the program to use
Type "tcp[tcpflags] & (tcp-syn|tcp-ack) == tcp-syn" in the Capture Filter box (no quotes)
Start the capture, go make your program try to connect, and then stop the capture.
If you do the last step fast enough on a machine without a lot of other network activity, you will have only one captured packet. Otherwise, you'll have to dig through a list to find the one you want. This packet will show the TCP port the program is trying to use.
Type netstat at the cmd prompt to see what ports are being used by active processes. Aside from that, you can't change the port being used by the proc to connect (unless you built the app obviously)
TCPView is a nice little utility that will show you all the open connections and endpoints on the local machine.
If the program is connecting using a DNS name (e.g., example.com), you can use the hosts file (c:\windows\system32\drivers\etc\hosts) to make that name map to a different IP address.
If you mean redirect the connection programmatically, that is a lot more complicated. You're not writing malware, are you?