The situation i have is Linux client is using UDP Socket. Client is sending message and in case no response within 10 seconds , Client will retry again in 10 seconds intervals.
The case is when connection is down , many trials are sent from client at the same time nothing was received on server side . Once the connection is up i found all previous messages are received at the same moment on server which means it was buffered and it causes a lot of problems because of duplicated messages received on the same moment on server side .
TCPDUMP ON client Side:
21:01:14.691903 IP 172.123.13211 > 172.34.13211: length 88 "1st at second 14"
21:01:24.692791 IP 172.123.13211 > 172.34.13211: length 88 "2nd at second 24"
21:01:34.694930 IP 172.123.13211 > 172.34.13211: length 88 "3rd at second 34"
21:01:44.696020 IP 172.123.13211 > 172.34.13211: length 88 "4th ate second 44"
Server TCPDUMP once the connection is up :
12:02:01.509518 IP 172.123.13211 > 13211: length 88 "Received 1st at second 1"
12:02:01.517841 IP 172.123.13211 > 13211: length 88 "Received 2nd at second 1"
12:02:01.543759 IP 172.123.13211 > 13211 length 88 "Received 3rd at second 1"
12:02:01.550741 IP 13211 > 172.123.13211: length 36
12:02:01.567948 IP 172.123.13211 > .13211: length 88
I need to understand in case of UDP socket is used and Connection is down .
how to avoid buffering packets during shortage
Client Code is in C++
Thank you
you might be looking for this :
How to flush Input Buffer of an UDP Socket in C?
Also the language you have used in the question is wrong. Please be more clean and precise and use relevant terminology
Related
The problem: how to fix this warning: [ Expert Info (Warning/Sequence): No response seen to ICMP request]
The story: I'm playing with scapy. I have two tools: A is the sender ( which sends a echo-request ) and B is the recipient ( which sends a echo-reply AFTER it sniffs a echo-request ). The code of A:
....
pinger = IP(dst=x.x.x.x)/ICMP(id=0x7ccb, seq=1)/text
....
The code of B:
.....
sniff(filter=f"src host x.x.x.x and dst host x.x.x.x and icmp",
iface="XX", count=1)
send(IP(dst=x.x.x.x)/ICMP(type="echo-reply", id=0x7ccb, seq=1)/textback)
....
The result:
enter image description here
It appears that if the payloads ( text of A and textback of B ) are the same, this warning does not get displayed. However, for my goal, the text shall be different. So, how do I get rid of this warning while keeping both payloads not the same?
The data received in the echo message must be returned in the echo reply message.
I'm playing with scapy. I'm trying to forge JUST PSH/ACK and ACK packets in sequence
I coded two tools: A which sends PSH/ACK packets and then sniffs the resulting ACK, writing the sequence in a file to use it later
.....
bitack = random.randrange(1,656787969)
bitseq = random.randrange(1,4294967295)
if os.path.exists('test.txt'):
with open('test.txt','r') as f:
bitseq = int(f.read())
else:
with open('test.txt','w') as f:
f.write(str(bitseq))
.....
text = "Ok"
TSval = int(time.time())
TSecr = TSval
acker = IP(src="127.0.0.1",dst=destinazione"127.0.0.1")/TCP(sport=88,dport=8888,
flags="PA", seq=bitseq, ack=bitack, options=[('Timestamp', (TSval, TSecr))])/text
send(acker)
.....
rx = sniff(filter="host 127.0.0.1 and src port 8888", iface="lo", count=1)
seqcc = rx[0].getlayer(TCP).seq
ackcc = rx[0].getlayer(TCP).ack
with open('test.txt','w') as f:
f.write(str(ackcc))
print("SEQFINALE=", ackcc)
B: which sends ACK packets AFTER it sniffs a PSH/ACK packet from A. I know the ack packets contain text ( in this example the same of A), but this is what I want
....
rx = sniff(filter="host 127.0.0.1 and dst port 8888", iface="lo", count=1)
seqcc = rx[0].getlayer(TCP).seq
print("seq:", seqcc)
ackcc = rx[0].getlayer(TCP).ack
print("ack:", ackcc)
var = rx[0][Raw].load.decode(encoding='utf-8', errors='ignore')
acker = IP(src="127.0.0.1",dst="127.0.0.1")/TCP(sport=8888,dport=88, flags="A",
seq=ackcc, ack=seqcc + int(len(var)), options=[('Timestamp', (TSval, TSecr))])/var
send(acker)
.....
Everything works fine expect that wireshark gives some warning and I don't understand why:
"Expert Info (Note/Sequence): This frame is a (suspected) retransmission"
The first two packets are perfect:
Is there any issue in how I handle the sequence number/ ack number?
This makes me crazy
It is a retransmission. Your capture shows a frame from 8888 to 88 at seq=1 with 52 bytes of data (len=52). If you ever send another frame from 8888 to 88 at seq=1, it's a retransmission. TCP streams are in a single direction: A sends to B, B ACK's what A sent. (in this case, there should be an ACK=53 in a frame from 88 to 8888, either alone or piggybacking data.)
I am doing some changes in the SO_PRIORITY of the socket that sends UDP packets, using the command setsockopt, is there a way to see that changes with Wireshark or Tcpdump.
I read that can be DSF (Differentiated Services Field), but I am not sure because when I make the changes I see that this field is 00.
I am running a Linux Mint 19.3
It is part of the 802.1Q header. For ex:
> 802.1Q Virtual LAN, PRI: 5, DEI: 0, ID: 4
101. .... .... .... = Priority: Voice, < 10ms latency and jitter (5)
...0 .... .... .... = DEI: Ineligible
.... 0000 0000 0100 = ID: 4
Type: IPv6 (0x86dd)
I'm practicing a little bit with constructing a socket server on python. I'm currently running it locally on my linux mint system, and testing it with telnet localhost 20000.
The idea is quite simple. For now, I want the client(myself) to send a "hello" message to the server on which the server responses back with another "hello" message. Then the client can send any message on which the server does not respond, until the client says "bye". Then the server responds with another "bye", and the socket is closed.
I implemented this in the following way (in python 3):
1 from socket import *
2 serverPort = 20000
3 serverSocket = socket(AF_INET, SOCK_STREAM)
4 serverSocket.bind(('', serverPort))
5 serverSocket.listen(1)
6
7 print('The echo server is ready to receive')
8 while 1:
9 connectionSocket, addr = serverSocket.accept()
10 print('Processing client ', addr)
11 sentence = ""
12
13 try:
14 sentence = connectionSocket.recv(1024)
15 while sentence != "hello":
16 sentence = connectionSocket.recv(1024)
17 connectionSocket.send("hello")
18
19 sentence = connectionSocket.recv(1024)
20 while sentence != "bye":
21 sentence = connectionSocket.recv(1024)
22 connectionSocket.send("bye")
23 except error:
24 pass
25
26 print('Client closed ', addr)
27 connectionSocket.close()
It's a very simple program, in which I can't find any bug, so I was very surprised to see it not work. When I type in "hello" after running the server with python3 server.py and establishing a connection trough telnet localhost 20000 I simply get no response. I first thought that the problem lies in the equality test in line number 15, so I tested a few things with prints, and instead of "hello" The message received by the server was: b'hello\r\n. I understand the \n, because I type Enter after the "hello" message, but it's not clear to me why the b' and the \r appear.
Do you know what the problem is here and how I can fix it? On other examples on stack overflow the string comparision just works fine, so I can't figure out why it is not working for me.
Thanks in advance!
Update:
I use nc now instead of telnet, and changed every occurence of connectionSocket.recv(1024) into str(connectionSocket.recv(1024), 'utf-8'). The server gets the correct string now, but it still does not echo "hello" back to me, nor does it close the socket when I type "bye".
Use netcat instead of telnet to avoid the telnet protocol bytes.
Like this: nc localhost 20000 and type your input then.
Also, socket I/O is always bytes in Python 3, for instance see https://docs.python.org/3/library/socket.html#socket.socket.recv So you have to compare with b'hello' (or decode the bytes to a string first)
If I generate an Ethernet frame without any upper layers payload and send it at layer two with sendp(), then I receive the "Mac address to reach destination not found. Using broadcast." warning and frame put to wire indeed uses ff:ff:ff:ff:ff:ff as a destination MAC address. Why is this so? Shouldn't the Scapy send exactly the frame I constructed?
My crafted package can be seen below:
>>> ls(x)
dst : DestMACField = '01:00:0c:cc:cc:cc' (None)
src : SourceMACField = '00:11:22:33:44:55' (None)
type : XShortEnumField = 0 (0)
>>> sendp(x, iface="eth0")
WARNING: Mac address to reach destination not found. Using broadcast.
.
Sent 1 packets.
>>>
Most people encountering this issue are incorrectly using send() (or sr(), sr1(), srloop()) instead of sendp() (or srp(), srp1(), srploop()). For the record, the "without-p" functions like send() are for sending layer 3 packets (send(IP())) while the "with-p" variants are for sending layer 2 packets (sendp(Ether() / IP())).
If you define x like I do below and use sendp() (and not send()) and you still have this issue, you should probably try with the latest version from the project's git repository (see https://github.com/secdev/scapy).
I've tried:
>>> x = Ether(src='01:00:0c:cc:cc:cc', dst='00:11:22:33:44:55')
>>> ls(x)
dst : DestMACField = '00:11:22:33:44:55' (None)
src : SourceMACField = '01:00:0c:cc:cc:cc' (None)
type : XShortEnumField = 0 (0)
>>> sendp(x, iface='eth0')
.
Sent 1 packets.
At the same time I was running tcpdump:
# tcpdump -eni eth0 ether host 00:11:22:33:44:55
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth0, link-type EN10MB (Ethernet), capture size 65535 bytes
12:33:47.774570 01:00:0c:cc:cc:cc > 00:11:22:33:44:55, 802.3, length 14: [|llc]