I'm working on a tool in VB to make ping tests, but some speedtouch 780i routers are blocking ICMP.
I try it out myself on a speedtouch router. I telnet and disable the firewall and intrusion detection, but still the ICMP is blocked.
The actual question I have is not how to fix to allow the ICMP running over the Speedtouch router configuration. I'm more interested how to work around this problem without touching the router.
I noticed that if I make a ping test over a web application using my browser, everything works fine. If the ping is made over the cmd, it's not working. I'm thinkin it might be a port problem but I'm really not sure about it.
Most websites are intentionally blocking ICMP to prevent Denial of Service attacks and SQL injection attacks to their sites.
Related
I am writing an action script 3.0 client that has to communicate with a remote server. In localhost environment everything works fine, but if I test the client in the real internet environment there is no connection.
My guess is that it has to do with the cross domain policy file, but calling
Security.loadPolicyFile("xmlsocket://"+targetIP);
does not send the <policy file request\> message to the server on the default 843 port, or any port for that matter. I think it might be because flash recognises that the address is local and omits the request. But I need to receive it to be able to implement the answer on the server. Otherwise I'd be coding blindly.
Is there a way to force the flash client to behave as if it was in a different domain while still being in localhost so I can troubleshoot this issue without involving a remote host? I don't have many resources in that regard.
Try running the client on 'localhost', and load the policy file from '127.0.0.1'.
They should be seen as different 'domains'.
I have done a fair amount of research these last few weeks trying to create a connection diagnostic tool, I don't so much want to just check to see if the connection is available but to diagnose if there is jitter, packet loss, etc..
So far it seems that Java doesn't support a true ICMP request and that there are a few workarounds out there but none of which achieve what I'm trying to do.
Does anyone know if this sort of tool can be built or should I start looking into other options?
It seems that InetAdress is using ICMP when its possible:
https://docs.oracle.com/javase/7/docs/api/java/net/InetAddress.html
take a look at public boolean isReachable(int timeout)
Test whether that address is reachable. Best effort is made by the
implementation to try to reach the host, but firewalls and server
configuration may block requests resulting in a unreachable status
while some specific ports may be accessible. A typical implementation
will use ICMP ECHO REQUESTs if the privilege can be obtained,
otherwise it will try to establish a TCP connection on port 7 (Echo)
of the destination host.
You can find a simple use example here:
How to test if a remote system is reachable
or here How to ping an IP address
I believe ICMP4J does exactly what you need: Internet Control Message Protocol for Java
You can use 'Exec' to run ping at the command line (assuming your OS supports this), or JNI to interface to a native application to do the pinging.
Creating your own implementation of the ICMP protocol would not be trivial.
If you do use Exec be aware of it's limitations which are not always obvious in initial testing:
http://www.javaworld.com/article/2071275/core-java/when-runtime-exec---won-t.html
I'm trying to setup a few minecraft servers for my kids and have installed everything and technically the servers are running but we can't connect ... From what I've found searching around it seems like you potentially have to do some port forwarding to ensure things flow through. I've already got a firewall rule setup but this does not seem to be working.
I'm running both a regular minecraft server as well as pocketmine-mp for mobile. Same challenge on both servers ...
Thanks in advance!
Assume that there is a web-page called whatisyourip.com and that I have a web-page called changeip.com. A user wants to enter the site whatisyourip.com through changeip.com. Normally, changeip.com would be a proxy server so the user can hide his ip address. That's how users reach forbidden web-pages in their countries. But I want to ask, is there a way to show a different ip address to whatisyourip.com while connecting it through changeip.com without using it as a proxy server?
is there a way to show a different ip address to whatisyourip.com while connecting it through changeip.com without using it as a proxy server?
Short answer: Yes. Make changeip.com a VPN server and assign different IP addresses to those VPN clients. Ensure they send all traffic through the VPN. This usually involves modification of the local routing table on the VPN client workstations for everything to work correctly.
Longer answer... There are several reliable ways to hide IP addresses of TCP sessions...
HTTP Proxy - you already described this situation
Network address Translation - this doesn't sound likely in your scenario
VPN Tunneling - Possible solution instead of HTTP proxy, even if it's something as simple as an SSL VPN. Depending on your constraints, this could also be a viable option.
You can't. TCP connections require a 3-way handshake. You can certainly send a SYN packet to the server to start the process, then change your IP address. but when the site responds with the 2nd-stage of the handshake (SYN+ACK), that packet is now going to your old IP address and your system will drop it - it has no idea that the server is responding to something that was started on the old IP.
You could try something like the Tor network, which offers end-to-end encryption of traffic and cloaking of origins, but it's not something I'd consider "reliable".
Not unless you spoof your IP, in which case the response will go to the forged IP. So no.
I have a testapp consisting of an HTML5/WebSocket client and an HTTP/WS server. Both servers are in C#; the HTTP server is my own simple thing and the WS server is also homebrew based on concepts from http://nugget.codeplex.com/. HTTP server is listening on 0.0.0.0:5959 and WS server on 0.0.0.0:5960 (accept connections from any client, but on different ports).
My index.html includes some JavaScript that opens a WebSocket to 'ws://'+document.location.hostname+':5960/' (that is, to the same IP address that the webpage came from, but on port 5960). The WS server sends sample data every 100ms. All in all, it's a pretty straightforward demo.
I'm using Chrome 12.0 on Windows7.
I've found that the HTTP server works from any client, either a browser on my machine pointed to 127.0.0.1:5959 or localhost:5959, AND it works when any machine (mine or a remote machine... "remote" being a different PC on my desk :) hits my server machine's work-internal 10-net address 10.122.0.159:5959. Everything works as expected in HTTP land.
However, the WebSocket only works on 127.0.0.1 and localhost; remote machines can successfully fetch HTML from 10.122.0.159:5959 but the WebSocket will NOT connect to 10.122.0.159:5960. In fact, when I point my local browser to it's own 10-net address (10.122.0.159:5959) I get the same result - HTML loads but WebSocket does not connect.
Any ideas as to why this might be happening?
Does CORS require that the WS be using the same port as the HTTP request originated from? If so, is there a special exception to the rule for 127.0.0.1?
Many thanks,
-Dave
Update
It seems to be caused by a proxy server blocking ws:// requests. Our company employs a proxy server for content filtering and all the usual stuff, and our browsers are configured to use it.Chrome uses IE's proxy settings, and IE's default settings are for localhost to not use a proxy server. When I check the box to have local connections also use the proxy server, my ws:// requests to localhost get blocked. Conversely, when I uncheck the "use proxy server" box my server does rx the WS request. Similarly with the remote machine, if I turn off the proxy on the remote machine my server does rx the ws:// request.
So it's a proxy thing, not a CORS or socket thing, and now I'm off to explore proxy settings with our IT folks.
There is no WebSocket limitation on cross-origin except what is governed by the CORS security in the handshake.
It sounds like something is wrong with your WebSocket server and it is only listening on localhost for connections. I would add some debug output to the OnClientConnect routine in Nugget (WebSocketServer.cs) so you can see when socket connections happen. If you really think it isn't a problem with the server then I would suggest using wireshark and comparing the localhost connection to the remote connection.
Also, if you are using the SilverLight WebSocket prototype (README) in IE 9, then you are restricted to ports 4502-4534 for WebSocket connections. It's possible that for localhost this restriction is lifted.
It is/was indeed a proxy thing.
Rather than asking our IT folks to make changes (good luck with that, eh?) I simply turned off proxy for 10.122.0.159 ([Howto for IE/Chrome][1]). I briefly experimented with turning it off for the ws:// protocol but couldn't get it to work, so for now just opening that one IP address does the trick.