Linux command to send data to a remote tcp-client - linux

I have a Linux Server running Redhat Rhel 7 and a Device called "Compoint Lan System (Colas)" (german manufacturer). The Colas has its own firmware so I don't know if it's based on linux. The Colas is set as a TCP-Client. It receives messages from its serial 1 port. I get the messages coming from the serial port 1 of the colas on my server with rsyslog.
Now what I want is to send a string (2 letters) from my server (tcp-server) to my colas's serial port 1 (tcp-client) to get information of the device attached to serial port 1.
Is there a command in linux to accomplish that? Something like "command 'string message' destination port"? I am sorry if it isn't written well.

Install netcat
yum install nc
Make it to listen to a particular port number
nc –l portnumber &
Lets validate it using netstat from a different console:
netstat -anlp |grep yourportnumber
PS: Change the installation command based on your linux flavor.

Ranadip Dutta's answer meets your requirement. The listen there doesn't mean listen for incoming data, it rather means listen for connection request from client. Of course you can't use rsyslog and nc as the server at the same time, but with nc you get the messages coming from the Colas displayed as well as the characters you enter sent.

Related

virtual serial port from remote physical serial port

I have a local client host (linux), which runs an application (like minicom) that connects to a serial port.
However, the physical serial port (/dev/ttyUSB0) is present on a remote server host (linux), to which I have ssh access.
For various reasons, I do not want to run the application on the server host through ssh.
Therefore, I am connecting this physical serial port to a local virtual serial port (/dev/ttyNET0) using socat:
sudo socat "pty,link=/dev/ttyNET0,group-late=dialout,perm-late=666,sane,rawer" \
"exec:'ssh -tt ${remote-host} socat "stdio,sane,rawer" "file:/dev/ttyUSB0,sane,rawer,b115200"',pty,sane,rawer"
I am then able to connect to this serial port on my local machine as follows:
sudo minicom -D "/dev/ttyNET0"
Note that there were two calls of socat in the previous command: one on the client side, and one on the server side.
I am wondering if the equivalent of this command can be constructed with a single call of socat. I tried this:
sudo socat "pty,link=/dev/ttyNET0,group-late=dialout,perm-late=666,sane,rawer" \
"file:'ssh://${remote-host}:/dev/ttyUSB0',sane,rawer,b115200"
But it did not work. I have read through the manpage of socat, but I might be missing something.

Linux/MacOs - Know which process filter UDP 443 packets

Is there a way, on Linux / MacOs to find which process is filtering my UDP packets on a specific port ?
Here some details and why I'm asking:
On my MacOs ( Mojave 10.14) , if I try to send a UDP packet to any address ( DNS resolves correctly) to port 443, I cannot see anything leaving my laptop ( using tcpdump)
If I do the exact same test but for a different port , for instance 444, I can see the packet leaving ( on tcpdump).
There is a process which is filtering UDP packet to port 443 and I want to know which process it is ( Firewall disabled on my mac).
The exact commands I'm using for my tests :
sudo tcpdump udp port 443
nc -u IPADDRESS 443
I type something stuff here..
==> I cannot see anything going through
sudo tcpdump udp port 444
nc -u IPADDRESS 444
I type something stuff here..
==> I can see a datagram leaving my interface
I know this can be tricky to find which process might be filtering this port.. If anyone has an idea, would be great.
I would not want to rely on the method ' Kill everything until it works'

How do I capture syslog data sent to a specific port

I have a firewall that sends the data to our remote Linux server on the specific port. I would like to capture that data and parse it to store in DB.
So far I have tried tcpdump, nc and few others without much success. Any help is appreciated.
tcpdump -ni device port 1234 -s0 -w capture.pcap
ÿÿEH¶#0c:EJ"#Ϲ r¢"ó<30>device="SFW" date=2018-06-15 time=04:10:49
timezone="EDT" device_name="XG210" device_id=C2205ACMBG9B65A
log_id=010101600001 log_type="Firewall" log_component="Firewall Rule"
log_subtype="Allowed" status="Allow" priority=Information duration=0
fw_rule_id=2 policy_type=1 user_name="" user_gp="" iap=4
ips_policy_id=0 appfilter_policy_id=0 application=""
application_risk=0 application_technology="" application_category=""
in_interface="Port1" out_interface="" src_mac=00: 0:00: 0:00: 0
src_ip=111.11.1.111 src_country_code=R1 dst_ip=111.111.11.11
dst_country_code=USA protocol="TCP" src_port=61257 dst_port=80
sent_pkts=0 recv_pkts=0 sent_bytes=0 recv_bytes=0 tran_src_ip=
tran_src_port=0 tran_dst_ip=111.16.1.1 tran_dst_port=3128
srczonetype="LAN" srczone="LAN" dstzonetype="WAN" dstzone="WAN"
dir_disp="" connevent="Start" connid="2721376288" vconnid=""
hb_health="No Heartbeat" message="" appresolvedby="Signature"
We have started using https://www.graylog.org. It was easy to configure on DigitalOcean hosting.
Steps:
Configure your firewall etc to send the data to your graylog on certain port
Configure graylog to listen to that particular port
Then you will see the data in graylog
Hope this helps.

netstat commands to run on unix server, what commands should I use for my use-case and why?

Sorry in advance for such a noob question, but I'm certainly a noob.
My question is what does it mean to LISTEN or ACCEPT on a port as it relates to my example?
EXAMPLE:
I have a tomcat server, and It will use port 8080. I want to make sure that port is available for me to use.
What commands should I perform on my unix server and why?
what information would a command like this give me: netstat -an | grep LISTEN
If a port shows up as LISTEN in netstat, it means the port is in use by a server process, so you can't use it. Here is an example:
tcp 0 0 127.0.0.1:631 0.0.0.0:* LISTEN
which shows that port 631 is in use.
Ignore the UNIX type sockets at the end - they are irrelevant.
For checking port 8080 is in use or not, you can simply use the command netstat -an|grep 8080. If you get an output in below format, that means 8080 is already in use and you need to assign a new port for the tomcat.
# netstat -an
tcp 0 0 127.0.0.1:8080 0.0.0.0:* LISTEN
Netstat command displays various network related information such as network connections, routing tables, interface statistics, masquerade connections, multicast memberships etc,
a option with netstat will give you both listening and non listening ports
n option when you don’t want the name of the host, port or user to be displayed, use netstat -n option. This will display in numbers, instead of resolving the host name, port name, user name. This also speeds up the output, as netstat is not performing any look-up.
For more understand the use of netstat command here are its options:
-a : All ports
-t : Ports TCP
-u : Ports UDP
-l : Listening ports
-n : IP address without domain name resolution
-p : Name of the program and it associated PID
So:
-To display all port (TCP & UDP), PId with the associated name of the program :
$ netstat -paunt
-To display all Listening ports (TCP), PId with the associated name of the program : (and we can also filter with the grep command)
$ sudo netstat -plnt | grep ':80'
I hope it will be helpful :)
You can also use telnet to check if the port is open and listening e.g,
Zeeshan$ telnet google.com 80
Trying 173.194.35.5...
Connected to google.com.
Escape character is '^]'.
I am telnetting google.com on port 80. If you see the third line in the output, you will notice it says it is connected with the Google's web server. The same way you have a JAVA application server called Tomcat and it is listening on port 8080. In fact it is asking clients to connect to it on port 8080 so it can give away the JAVA services to client. When I will use from a client side telnet localhost 8080 I will be connected the same way I have connected with Google's web server on port 80. Provided that Tomcat is running and listening on port 8080. If port 8080 is not free and occupied by some other application you can simply change the port 8080 to another free port. Telnet should give you the following status:
accepted (connected), refused, and timeout
connection refused - nothing is running on that port
accepted - some application is running on the port
timeout - a firewall is blocking access
So now there are two possible ways to check. From the same machine you are running Tomcat server:
telnet localhost 8080
Of if you want to check it from some other machine or outside of the network:
telnet 192.168.1.1 8080
I hope that helps.
use can also run the below command, it will list the Port and corresponding PID, if any process is using those ports
netstat -tulpn

how to connect 2 applications through a pseudo serial port with socat

I am developing an embedded application. It will be running on a full-fledged embedded linux, but will be controlled through commands arriving from the serial port from a windows host.
during the debug phase, this windows host is running in a virtual machine and the embedded application is run locally. As such I would like for these 2 to communicate normally as if a normal usb (to serial) cable was connected between them.
How do I go about it? I have heard of the notion of pseudo ports (/dev/ptyXX) but haven't found any C tutorial to go about it.
I basically expect something like a device node (or 2), so I can assign one node to virtualbox "serial port" settings and assign the other node to my linux applicatio that is currently running on the linux host.
Thank you for your help
EDIT: it looks like socat might be the tool for the job , but I can't quite grab the way it works. I am trying the command:
socat -d -d PTY:link=/home/nass/acm0,raw,echo=0 UNIX-CONNECT:/home/nass/dm0
2013/07/18 17:53:56 socat[13271] N PTY is /dev/pts/10
2013/07/18 17:53:56 socat[13271] N opening connection to AF=1 "/home/nass/dm0"
2013/07/18 17:53:56 socat[13271] E connect(5, AF=1 "/home/nass/dm0", 16): Connection refused
2013/07/18 17:53:56 socat[13271] N exit(1)
Why is the connection refused?
If /home/nass/dm0 is missing, the virtual machine will fail to startup (both in host pipe and host device cases)
I pre-created the node /home/nass/dm0 as a file with touch /home/nass/dm0. how should I setup virtualbox? host device? host pipe?
should dm0 even exist before powering up the virtual machine? if yes, should it be a file created with touch /home/nass/dm0? If it should be a socket, how do I pre-create it?
I realize this is an old question, but I was recently working with socat and virtual serial ports and this cropped up in a google search.
If you want socat to create the unix socket, then use UNIX-LISTEN instead of UNIX-CONNECT:
socat pty,link=/home/nass/acm0,raw,echo=0 unix-listen:/home/nass/dm0
Running the above produces a pty device with a symlink at $HOME/acm0:
$ ls -l ~/acm0
lrwxrwxrwx 1 lars lars 10 Jan 12 23:12 /home/lars/acm0 -> /dev/pts/8
And a Unix socket at $HOME/dm0:
$ ls -l ~/dm0
srwxr-xr-x 1 lars lars 0 Jan 12 23:12 /home/lars/dm0
If you connect to the unix socket and send data, it will be sent out the pty device (and vice-versa). This works, but it may not be what you want. If your Linux application expects to interact with a serial port, then instead of a unix socket you would want a second pty device:
socat pty,link=$HOME/vmside,raw,echo=0 pty,link=$HOME/hostside,raw,echo=0
This creates a pair of connected pty devices (one named vmside and one named hostside). You would connect the vmside pty to your virtual machine, and then you would connect your application (or other serial communication program, like picocom or cu or screen) to hostside.

Resources