IPv6 encapsuling on Azure ILPIP - azure

Use of IPv6 tunnels (like tunnelbroker.net) is possible on Azure VM, via ILPIP (Instance Level Public IP)?
I tried to use it, but I don't get replies for ping packets to IPv6 gateway.
Internet Protocol Version 4, Src: 100.90.204.79, Dst: 216.66.84.46
0100 .... = Version: 4
.... 0101 = Header Length: 20 bytes
Differentiated Services Field: 0x00 (DSCP: CS0, ECN: Not-ECT)
0000 00.. = Differentiated Services Codepoint: Default (0)
.... ..00 = Explicit Congestion Notification: Not ECN-Capable Transport (0)
Total Length: 124
Identification: 0x33d7 (13271)
Flags: 0x02 (Don't Fragment)
0... .... = Reserved bit: Not set
.1.. .... = Don't fragment: Set
..0. .... = More fragments: Not set
Fragment offset: 0
Time to live: 255
Protocol: IPv6 (41)
Header checksum: 0xea66 [validation disabled]
[Good: False]
[Bad: False]
Source: 100.90.204.79
Destination: 216.66.84.46
[Source GeoIP: Unknown]
[Destination GeoIP: Unknown]
Internet Protocol Version 6, Src: 2001:470:1f14:105a::2, Dst: 2001:470:1f14:105a::1
0110 .... = Version: 6
.... 0000 0000 .... .... .... .... .... = Traffic class: 0x00 (DSCP: CS0, ECN: Not-ECT)
.... 0000 00.. .... .... .... .... .... = Differentiated Services Codepoint: Default (0)
.... .... ..00 .... .... .... .... .... = Explicit Congestion Notification: Not ECN-Capable Transport (0)
.... .... .... 1001 0111 0111 0110 1010 = Flowlabel: 0x0009776a
Payload length: 64
Next header: ICMPv6 (58)
Hop limit: 64
Source: 2001:470:1f14:105a::2
Destination: 2001:470:1f14:105a::1
[Source GeoIP: Unknown]
[Destination GeoIP: Unknown]
Internet Control Message Protocol v6
Type: Echo (ping) request (128)
Code: 0
Checksum: 0xd3f8 [correct]
Identifier: 0x5016
Sequence: 1
[No response seen]
[Expert Info (Warn/Sequence): No response seen to ICMPv6 request in frame 212]
[No response seen to ICMPv6 request in frame 212]
[Severity level: Warn]
[Group: Sequence]
Data (56 bytes)
Data: 8bb5ed56000000006ed40d00000000001011121314151617...
[Length: 56]
I suspect that Azure is rejecting IPv4 protocol 41, am I correct?

The following is documented:
Microsoft has played a leading role in helping customers to smoothly transition from IPv4 to IPv6 for the past several years. To date, Microsoft has built IPv6 support into many of its products and solutions like Windows 8 and Windows Server 2012 R2. Microsoft is committed to expanding the worldwide capabilities of the Internet through IPv6 and enabling a variety of valuable and exciting scenarios, including peer-to-peer and mobile applications. The foundational work to enable IPv6 in the Azure environment is well underway. However, we are unable to share a date when IPv6 support will be generally available at this time.

Related

secure boot and flash encryption on esp32 using esp-idf

I am implementing secure boot and flash encryption on esp32
So far.
1. I successfully implemented secure boot with reflashable bootloader
a-> idf.py menuconfig
b-> set secureboot with reflasbale bootloader
c-> genrated secure_boot_key using espsecue.py and given this name to secre boot key in menuconfig
d-> bootloader config->bootloader log verbosity(error)
e-> idf.py build
f-> Burn secure boot key to efuse using:
D:\esp\tools.espressif\python_env\idf4.1_py3.9_env\Scripts\python.exe D:/esp/esp-idf/components/esptool_py/esptool/espefuse.py burn_key secure_boot D:/ESP32_Projects/blink/build/bootloader/secure-bootloader-key-256.bin
g-> Burn efuse of secureboot
espefuse -p COM4 burn_efuse ABS_DONE_0
h->First time flash command is:
D:\esp\tools.espressif\python_env\idf4.1_py3.9_env\Scripts\python.exe D:/esp/esp-idf/components/esptool_py/esptool/esptool.py --chip esp32 --port (PORT) --baud (BAUD) --before default_reset --after no_reset write_flash --flash_mode dio --flash_freq 40m --flash_size 2MB
-u 0x1000 D:/ESP32_Projects/blink/build/bootloader/bootloader.bin
i->To reflash the bootloader after initial flash:
D:\esp\tools.espressif\python_env\idf4.1_py3.9_env\Scripts\python.exe D:/esp/esp-idf/components/esptool_py/esptool/esptool.py --chip esp32 --port (PORT) --baud (BAUD) --before default_reset --after no_reset write_flash --flash_mode dio --flash_freq 40m --flash_size 2MB
-u 0x0 D:/ESP32_Projects/blink/build/bootloader/bootloader-reflash-digest.bin
j->idf.py flash monitor
and secureboot is enabled with reflasbable bootloader
2. Now for Flash Encryption
-> gone through the flash_encryption example is security esp-idf and it worked.
3. Now for both Secure boot with flash encryption where I am facing problem
What I did
-> Enabled flash encryption first
->then enabled secure boot using same method explained above using (a-i)
->idf.py encrypted-flash monitor
Output is given below kindly have look and kindly tell me what should I do next..Thanks
D:\ESP32_Projects\flash_encryption>idf.py encrypted-flash monitor
Adding "encrypted-flash"'s dependency "all" to list of commands with default set of options.
Executing action: all (aliases: build)
Running ninja in directory d:\esp32_projects\flash_encryption\build
Executing "ninja all"...
[1/4] cmd.exe /C "cd /D D:\ESP32_Projects\flash_encryption\build\esp...*******************************************************************"
Partition table binary generated. Contents:
*******************************************************************************
# Espressif ESP32 Partition Table
# Name, Type, SubType, Offset, Size, Flags
nvs,data,nvs,0x9000,24K,
storage,data,255,0xf000,4K,encrypted
factory,app,factory,0x10000,1M,
*******************************************************************************
[2/4] Performing build step for 'bootloader'
ninja: no work to do.
Executing action: encrypted-flash
Choosing default port b'COM4' (use '-p PORT' option to set a specific serial port)
Running esptool.py in directory d:\esp32_projects\flash_encryption\build
Executing "D:\esp\tools\.espressif\python_env\idf4.1_py3.9_env\Scripts\python.exe D:\esp\esp-idf\components/esptool_py/esptool/esptool.py -p COM4 -b 460800 --before default_reset --after no_reset --chip esp32 write_flash #flash_encrypted_project_args"...
esptool.py -p COM4 -b 460800 --before default_reset --after no_reset --chip esp32 write_flash --encrypt 0x8000 partition_table/partition-table.bin 0x10000 flash_encryption.bin
esptool.py v2.9-dev
Serial port COM4
Connecting........__
Chip is ESP32D0WDQ6 (revision 1)
Features: WiFi, BT, Dual Core, 240MHz, VRef calibration in efuse, Coding Scheme None
Crystal is 40MHz
MAC: 30:ae:a4:fe:62:c8
Uploading stub...
Running stub...
Stub running...
Changing baud rate to 460800
Changed.
Configuring flash size...
Auto-detected Flash size: 4MB
WARNING: - compress and encrypt options are mutually exclusive
Will flash uncompressed
Wrote 16384 bytes at 0x00008000 in 0.4 seconds (349.4 kbit/s)...
Wrote 163840 bytes at 0x00010000 in 3.8 seconds (344.5 kbit/s)...
Leaving...
Staying in bootloader.
Executing action: monitor
Running idf_monitor in directory d:\esp32_projects\flash_encryption
Executing "D:\esp\tools\.espressif\python_env\idf4.1_py3.9_env\Scripts\python.exe D:\esp\esp-idf\tools/idf_monitor.py -p COM4 -b 115200 --toolchain-prefix xtensa-esp32-elf- d:\esp32_projects\flash_encryption\build\flash_encryption.elf --encrypted -m 'D:\esp\tools\.espressif\python_env\idf4.1_py3.9_env\Scripts\python.exe' 'D:\esp\esp-idf\tools\idf.py'"...
--- idf_monitor on COM4 115200 ---
--- Quit: Ctrl+] | Menu: Ctrl+T | Help: Ctrl+T followed by Ctrl+H ---
ets Jun 8 2016 00:22:57
rst:0x1 (POWERON_RESET),boot:0x13 (SPI_FAST_FLASH_BOOT)
flash read err, 1000
ets_main.c 371
ets Jun 8 2016 00:22:57
rst:0x10 (RTCWDT_RTC_RESET),boot:0x13 (SPI_FAST_FLASH_BOOT)
flash read err, 1000
ets_main.c 371
ets Jun 8 2016 00:22:57
rst:0x10 (RTCWDT_RTC_RESET),boot:0x13 (SPI_FAST_FLASH_BOOT)
flash read err, 1000
ets_main.c 371
ets Jun 8 2016 00:22:57
rst:0x10 (RTCWDT_RTC_RESET),boot:0x13 (SPI_FAST_FLASH_BOOT)
flash read err, 1000
ets_main.c 371
ets Jun 8 2016 00:22:57
rst:0x10 (RTCWDT_RTC_RESET),boot:0x13 (SPI_FAST_FLASH_BOOT)
flash read err, 1000
ets_main.c 371
ets Jun 8 2016 00:22:57
rst:0x10 (RTCWDT_RTC_RESET),boot:0x13 (SPI_FAST_FLASH_BOOT)
flash read err, 1000
ets_main.c 371
ets Jun 8 2016 00:22:57
rst:0x10 (RTCWDT_RTC_RESET),boot:0x13 (SPI_FAST_FLASH_BOOT)
flash read err, 1000
ets_main.c 371
ets Jun 8 2016 00:22:57
rst:0x10 (RTCWDT_RTC_RESET),boot:0x13 (SPI_FAST_FLASH_BOOT)
flash read err, 1000
ets_main.c 371
Done
D:\ESP32_Projects\flash_encryption>espefuse -p COM4 summary
Connecting........_
Detecting chip type... ESP32
espefuse.py v3.1
EFUSE_NAME (Block) Description = [Meaningful Value] [Readable/Writeable] (Hex Value)
----------------------------------------------------------------------------------------
Calibration fuses:
BLK3_PART_RESERVE (BLOCK0): BLOCK3 partially served for ADC calibration data = False R/W (0b0)
ADC_VREF (BLOCK0): Voltage reference calibration = 1128 R/W (0b00100)
Config fuses:
XPD_SDIO_FORCE (BLOCK0): Ignore MTDI pin (GPIO12) for VDD_SDIO on reset = False R/W (0b0)
XPD_SDIO_REG (BLOCK0): If XPD_SDIO_FORCE, enable VDD_SDIO reg on reset = False R/W (0b0)
XPD_SDIO_TIEH (BLOCK0): If XPD_SDIO_FORCE & XPD_SDIO_REG = 1.8V R/W (0b0)
CLK8M_FREQ (BLOCK0): 8MHz clock freq override = 55 R/W (0x37)
SPI_PAD_CONFIG_CLK (BLOCK0): Override SD_CLK pad (GPIO6/SPICLK) = 0 R/W (0b00000)
SPI_PAD_CONFIG_Q (BLOCK0): Override SD_DATA_0 pad (GPIO7/SPIQ) = 0 R/W (0b00000)
SPI_PAD_CONFIG_D (BLOCK0): Override SD_DATA_1 pad (GPIO8/SPID) = 0 R/W (0b00000)
SPI_PAD_CONFIG_HD (BLOCK0): Override SD_DATA_2 pad (GPIO9/SPIHD) = 0 R/W (0b00000)
SPI_PAD_CONFIG_CS0 (BLOCK0): Override SD_CMD pad (GPIO11/SPICS0) = 0 R/W (0b00000)
DISABLE_SDIO_HOST (BLOCK0): Disable SDIO host = False R/W (0b0)
Efuse fuses:
WR_DIS (BLOCK0): Efuse write disable mask = 384 R/W (0x0180)
RD_DIS (BLOCK0): Efuse read disable mask = 3 R/W (0x3)
CODING_SCHEME (BLOCK0): Efuse variable block length scheme
= NONE (BLK1-3 len=256 bits) R/W (0b00)
KEY_STATUS (BLOCK0): Usage of efuse block 3 (reserved) = False R/W (0b0)
Identity fuses:
MAC (BLOCK0): Factory MAC Address
= 30:ae:a4:fe:62:c8 (CRC 0x61 OK) R/W
MAC_CRC (BLOCK0): CRC8 for factory MAC address = 97 R/W (0x61)
CHIP_VER_REV1 (BLOCK0): Silicon Revision 1 = True R/W (0b1)
CHIP_VER_REV2 (BLOCK0): Silicon Revision 2 = False R/W (0b0)
CHIP_VERSION (BLOCK0): Reserved for future chip versions = 2 R/W (0b10)
CHIP_PACKAGE (BLOCK0): Chip package identifier = 0 R/W (0b000)
MAC_VERSION (BLOCK3): Version of the MAC field = 0 R/W (0x00)
Security fuses:
FLASH_CRYPT_CNT (BLOCK0): Flash encryption mode counter = 1 R/W (0b0000001)
UART_DOWNLOAD_DIS (BLOCK0): Disable UART download mode (ESP32 rev3 only) = False R/W (0b0)
FLASH_CRYPT_CONFIG (BLOCK0): Flash encryption config (key tweak bits) = 15 R/W (0xf)
CONSOLE_DEBUG_DISABLE (BLOCK0): Disable ROM BASIC interpreter fallback = True R/W (0b1)
ABS_DONE_0 (BLOCK0): Secure boot V1 is enabled for bootloader image = True R/W (0b1)
ABS_DONE_1 (BLOCK0): Secure boot V2 is enabled for bootloader image = False R/W (0b0)
JTAG_DISABLE (BLOCK0): Disable JTAG = True R/W (0b1)
DISABLE_DL_ENCRYPT (BLOCK0): Disable flash encryption in UART bootloader = False R/W (0b0)
DISABLE_DL_DECRYPT (BLOCK0): Disable flash decryption in UART bootloader = True R/W (0b1)
DISABLE_DL_CACHE (BLOCK0): Disable flash cache in UART bootloader = True R/W (0b1)
BLOCK1 (BLOCK1): Flash encryption key
= ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? -/-
BLOCK2 (BLOCK2): Secure boot key
= ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? -/-
BLOCK3 (BLOCK3): Variable Block 3
= 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 R/W
Flash voltage (VDD_SDIO) determined by GPIO12 on reset (High for 1.8V, Low/NC for 3.3V).

Return regular expression only one time

I am trying to have regular expression only print the result one time. Is there any suggestions? Since I want the code to read the entire text file, but there are many dates that are the same, but I just want the code to return that date one time only.
code:
import re
filename = set(open('wireshark.txt', 'r'))
pattern_object = re.compile(r'(\d\d\d\d-\d\d-\d\d)')
for line in filename:
match_object = pattern_object.search(line)
if match_object:
regex = match_object.group(1)
print(regex)
Text file:
No. Time Source Destination Protocol Length Info
2 2021-02-12 13:33:12.206424 192.168.1.151 172.217.10.46 QUIC 1392 Initial, DCID=e4267bae554f387d, PKN: 1, CRYPTO, PADDING
Frame 2: 1392 bytes on wire (11136 bits), 1392 bytes captured (11136 bits) on interface \Device\NPF_{28AA034F-AC94-4D4A-9CA9-9AEA5D0EF2C1}, id 0
Ethernet II, Src: Micro-St_0e:cd:34 (00:d8:61:0e:cd:34), Dst: Verizon_fb:8b:82 (20:c0:47:fb:8b:82)
Internet Protocol Version 4, Src: 192.168.1.151, Dst: 172.217.10.46
User Datagram Protocol, Src Port: 57189, Dst Port: 443
QUIC IETF
No. Time Source Destination Protocol Length Info
3 2021-02-12 13:33:12.225610 172.217.10.46 192.168.1.151 QUIC 1392 Initial, SCID=e4267bae554f387d, PKN: 1, ACK, CRYPTO, PADDING
Frame 3: 1392 bytes on wire (11136 bits), 1392 bytes captured (11136 bits) on interface \Device\NPF_{28AA034F-AC94-4D4A-9CA9-9AEA5D0EF2C1}, id 0
Ethernet II, Src: Verizon_fb:8b:82 (20:c0:47:fb:8b:82), Dst: Micro-St_0e:cd:34 (00:d8:61:0e:cd:34)
Internet Protocol Version 4, Src: 172.217.10.46, Dst: 192.168.1.151
User Datagram Protocol, Src Port: 443, Dst Port: 57189
QUIC IETF
No. Time Source Destination Protocol Length Info
4 2021-02-12 13:33:12.225989 192.168.1.151 172.217.10.46 TLSv1.2 146 Application Data
No. Time Source Destination Protocol Length Info
4 2021-04-12 13:33:12.225989 192.168.1.151 172.217.10.46 TLSv1.2 146 Application Data
No. Time Source Destination Protocol Length Info
4 2021-06-12 13:33:12.225989 192.168.1.151 172.217.10.46 TLSv1.2 146 Application Data
No. Time Source Destination Protocol Length Info
4 2021-06-12 13:33:12.225989 192.168.1.151 172.217.10.46 TLSv1.2 146 Application Data
Code execute output:
2021-02-12
2021-02-12
2021-02-12
2021-02-12
2021-02-12
2021-02-12
2021-04-12
2021-06-12
2021-06-12
desire code execute output:
2021-02-12
2021-04-12
2021-06-12
Here's a minimal example for how to get all the unique dates in the file.
Essentially, it's a 4 stage process:
Store the pattern to search for as a string
Open the file and get all the text
Use re.findall() to get all of the text matching the pattern
Use set() to keep only the unique matches
import re
# Make the pattern
pattern = '(\d\d\d\d-\d\d-\d\d)'
# Open the file and read all the text into a variable
with open('wireshark.txt') as file:
text = file.read()
# Search the text for anything matching the pattern
matches = re.findall(pattern, text)
# Print the unique matches
print(set(matches))
The key thing here is the combination of re.findall() (search for multiple matches at once) and set() (to get rid of duplicates.

Is there a way to check the Socket Priority with Wireshark or Tcpdump?

I am doing some changes in the SO_PRIORITY of the socket that sends UDP packets, using the command setsockopt, is there a way to see that changes with Wireshark or Tcpdump.
I read that can be DSF (Differentiated Services Field), but I am not sure because when I make the changes I see that this field is 00.
I am running a Linux Mint 19.3
It is part of the 802.1Q header. For ex:
> 802.1Q Virtual LAN, PRI: 5, DEI: 0, ID: 4
101. .... .... .... = Priority: Voice, < 10ms latency and jitter (5)
...0 .... .... .... = DEI: Ineligible
.... 0000 0000 0100 = ID: 4
Type: IPv6 (0x86dd)

Bluetooth logs from wireshark. Can anyone tell me what this is?

Random mac address that changes every five-ten minutes or so. Sending out two different packets from the same address. What is this for?
No. Time Source Destination Protocol Length Info
9 0.821581 controller host HCI_EVT 42 Rcvd LE Meta (LE Advertising Report)
Frame 9: 42 bytes on wire (336 bits), 42 bytes captured (336 bits) on interface bluetooth-monitor, id 0
Bluetooth
Bluetooth Linux Monitor Transport
Bluetooth HCI Event - LE Meta
Event Code: LE Meta (0x3e)
Parameter Total Length: 40
Sub Event: LE Advertising Report (0x02)
Num Reports: 1
Event Type: Scannable Undirected Advertising (0x02)
Peer Address Type: Random Device Address (0x01)
BD_ADDR: 77:fd:98:85:c9:32 (77:fd:98:85:c9:32)
Data Length: 28
Advertising Data
16-bit Service Class UUIDs
Length: 3
Type: 16-bit Service Class UUIDs (0x03)
UUID 16: Google (0xfe9f)
Service Data - 16 bit UUID
Length: 23
Type: Service Data - 16 bit UUID (0x16)
UUID 16: Google (0xfe9f)
Service Data: 026f4c574c3751686a4f4c63000001759a6c74b2
RSSI: -75dBm
No. Time Source Destination Protocol Length Info
10 0.823598 controller host HCI_EVT 24 Rcvd LE Meta (LE Advertising Report)
Frame 10: 24 bytes on wire (192 bits), 24 bytes captured (192 bits) on
interface bluetooth-monitor, id 0
Bluetooth
Bluetooth Linux Monitor Transport
Bluetooth HCI Event - LE Meta
Event Code: LE Meta (0x3e)
Parameter Total Length: 22
Sub Event: LE Advertising Report (0x02)
Num Reports: 1
Event Type: Scan Response (0x04)
Peer Address Type: Random Device Address (0x01)
BD_ADDR: 77:fd:98:85:c9:32 (77:fd:98:85:c9:32)
Data Length: 10
Advertising Data
Manufacturer Specific
Length: 9
Type: Manufacturer Specific (0xff)
Company ID: Google (0x00e0)
Data: 0a89fa5bf176
RSSI: -75dBm
This might be some kind of BLE beacon using a random address for privacy. Apart from being registered to Google, there doesn't seem to be any other public information on its use

Creating\Editing BlueTooth SDP records

Do anybody know of any (free) tools that can aid in the creation\editing of Blue-Tooth's SDP (Service Discovery) records?
Windows based tools preferred.
You can use my 32feet.NET library. There's no UI for this but there's library code which could be easily used for this. Use class ServiceRecordBuilder. Some docs at Creating Records. For example:
ServiceRecordBuilder bldr = new ServiceRecordBuilder();
bldr.AddServiceClass(BluetoothService.SerialPort);
bldr.ServiceName = "Alan's SPP service";
bldr.AddBluetoothProfileDescriptor(BluetoothService.AVRemoteControl, 1, 0);
bldr.AddCustomAttribute(new ServiceAttribute(0x8001,
ServiceElement.CreateNumericalServiceElement(ElementType.UInt16, 0xFEDC)));
//
ServiceRecord record = bldr.ServiceRecord;
//
var txt = ServiceRecordUtilities.Dump(record);
Console.WriteLine(txt);
//
var byteArr = record.ToByteArray();
var txtBA = BitConverter.ToString(byteArr);
Console.WriteLine(txtBA);
Output is:
ElementSequence
ElementSequence
Uuid16: 0x100 -- L2CapProtocol
ElementSequence
Uuid16: 0x3 -- RFCommProtocol
UInt8: 0x0
( ( L2Cap ), ( Rfcomm, ChannelNumber=0 ) )
AttrId: 0x0006 -- LanguageBaseAttributeIdList
ElementSequence
UInt16: 0x656E
UInt16: 0x6A
UInt16: 0x100
AttrId: 0x0009 -- BluetoothProfileDescriptorList
ElementSequence
ElementSequence
Uuid16: 0x110E -- AVRemoteControl
UInt16: 0x100
AttrId: 0x0100 -- ServiceName
TextString: [en] 'Alan's SPP service'
AttrId: 0x8001
UInt16: 0xFEDC
array:
35-51-09-00-01-35-03-19-11-01-09-00-04-35-0C-35-03-19-01-00-35-05-19-00-03-08-00-09-00-06-35-09-09-65-6E-09-00-6A-09-01-00-09-00-09-35-08-35-06-19-11-0E-09-01-00-09-01-00-25-12-41-6C-61-6E-27-73-20-53-50-50-20-73-65-72-76-69-63-65-09-80-01-09-FE-DC
BlueZ is the linux Bluetooth stack, and it comes with sdptool utility for working with SDP. This page has some examples, http://alanjmcf.wordpress.com/2011/08/09/bluez-sdptool-usage-notes/

Resources