I want to test a toy gateway I wrote. The testing will occur on Linux machines. I would like to do this in the easiest way possible, ideally writing no code and using existing utilities. This boils down to two questions:
Is there an existing utility that can send packets with simple stuff in them(like a string that I supply) to a host through a user-specified gateway, without reconfiguring Linux's network settings? If so, what syntax would I use for the utility?
Is there a simple utility I can run on the receiving end to verify that the correct packet was received? If so, what syntax would I use for the utility?
I don't know about the first, but I don't think it's that hard to modify your routing table:
route add -host 1.2.3.4 gw 5.6.7.8
(replace 1.2.3.4 by your target IP and 5.6.7.8 by the IP of your gateway).
For 2.:
On the target server type netcat -l 1234 and on the client then type netcat 1.2.3.4 1234. (1234 is a "random" port number)(depending on your distribution netcat might be called simple "nc".) If a connection gets established you can just type data on the client or the server machine, press enter and see the data arriving on the other machine.
The easiest would probably be the nc(1). Assuming your gateway IP is 192.168.1.1 and you are using TCP, then on the server, listening on port 8888:
~$ nc -k -l 8888
On the client:
~$ nc 192.168.1.1 8888
your input
...
^C
Related
Usually I prefer finding a solution on my own, but unfortunately that didn't work out too well this time so I'm asking here.
I'm trying to deal with a server (rather a computer with no screen and debian minimal on it) which is on the usual home network. Problem is the ISP is running out of ipv4 addresses and therefore
decided to use ipv6 instead and dual-stack lite to access the ipv4 side of the internet. This means the computer is not accessible over the ipv4 address from the outside
but is able to connect to a ipv4 computer.
I do have a vserver (debian as well) which still uses only ipv4, so my plan was to use it as some kind of relay or porxy. Problem there is, I am not able to use iptables to configure NAT
since the server provider has removed that module from the kernel.
My first attempt was to use an SSH tunnel like this:
ssh -f user#vserver -R 2222:localhost:22 -N
This allows me to access the CLI over SSH which now listens on port 2222.
Next step was to open a second SSH tunnel and tunnel UDP traffic through that using socat:
homeserver:~# socat tcp4-listen:${tcpport of second tunnel},reuseaddr,fork udp:localhost:${udpport to forward traffic from}
vserver:~# socat -T15 udp4-recvfrom:${udpport to forward traffic to},reuseaddr,fork tcp:localhost:${tcpport of second tunnel}
This does work, however once the client application is trying to connect to the UDP port, the server application is trying to continue the communication on a different new port from the dynamic
port range (Ephemeral Port Range I think). That one random port of course is not being forwarded since socat is not listening to.
The second attempt also involved an SSH tunnel, only a dynamic one this time (basically a socks proxy).
I was trying to setup a virtual network device to route all the traffic through the socks proxy:
(As described in man pages from badvpn-tun2socks)
homeserver:~# openvpn --mktun --dev tun0 --user <someuser> #create tun0 device
homeserver:~# ifconfig tun0 10.0.0.1 netmask 255.255.255.0 #configure it
homeserver:~# route add <IP_vserver> gw <IP_of_original_gateway> metric #Route all traffic through tun0
homeserver:~# route add default gw 10.0.0.2 metric 6 #exept the ones to the vserver
homeserver:~# badvpn-tun2socks --tundev tun0 --netif-ipaddr 10.0.0.2 --netif-netmask 255.255.255.0 --socks-server-addr 127.0.0.1:1080 \
--udpgw-remote-server-addr 127.0.0.1:7300
This needs to SSH socks-proxies since upd needs to be handled seperately.
On the vserver side of things these need to be handled as well:
vserver:~# badvpn-udpgw --listen-addr 127.0.0.1:7300
The connection between both is successful but this time the homeserver is not accessible at all. (seems to me like the vserver has no clue what to do with the packets)
I hope there is a simple fix to either of my attempts. But as it stands now,
I think my whole approach is fundamentally flawed and I'm starting to run out of ideas.
Any help would be appreciated, Thanks in advance!
I have Opensips running on a static ip "192.168.1.60" to which multiple users are registered with different Ips. Like
User A ip ="192.168.1.43"
User B ip ="192.168.1.33"
User C ip ="192.168.1.23" etc
I want Sip dump traces, user wise(their ip based) into separate files. How can i do this?
Any help would be much appreciated.
Thanks
tcpdump -nq -s 0 -A -vvv port 5060 and host 1.2.3.4 -w
Use the Host condition to isolate traffic from different hosts. If the Host addresses are already known.
Else you capture one and run filters on Wireshark or any other packet capture software as needed to extract.
what is the Linux command to connect to another server using host name and port number?
how to connect to another server using only host name and port number then check if an existing process is running? the only way i see it working is to log in to the server and run the PS command. but is there a way to do it without logging in directly to the other server and connect only with host name and port number and check the running process?
If you just want to try an arbitrary connection to a given host/port combination, you could try one nmap, telnet or nc (netcat).
Note that you can't necessarily determine whether or not a process is running remotely - it might be running on that port, but simply ignore anything it sees over the port. To really be sure, you will need to run ps or netstat or etc. via ssh or etc.
If you want to use SSH from e.g. a script or, more generally, without typing in login information, then you will want to use public key authentication. Ubuntu has some good documentation on how to set this up, and it's very much applicable to other distrobutions as well: https://help.ubuntu.com/community/SSH/OpenSSH/Keys.
If you have no access to the server you're trying to list processes on at all, then I'm afraid there isn't a way to list running processes remotely (besides remote tools like nmap and so on, as mentioned earlier - you can always probe public ports without authentication [although you might make people angry if you do this to servers you don't own]). This is a feature, not a problem.
telnet connects to most of services. With it you can ensure that port is open and see hello message (if any). Also nc is more low level.
eri#eri-macro ~ $ telnet smtp.yandex.ru 25
Trying 87.250.250.38...
Connected to smtp.yandex.ru.
Escape character is '^]'.
220 smtp16.mail.yandex.net ESMTP (Want to use Yandex.Mail for your domain? Visit http://pdd.yandex.ru)
helo
501 5.5.4 HELO requires domain address.
HELO ya.ru
250 smtp16.mail.yandex.net
MAILĀ FROM: <someusername#somecompany.ru>
502 5.5.2 Syntax error, command unrecognized.
If there is plain text protocol you cat talk with service by keyboard. If connection is secured try openssl.
openssl s_client -quiet -connect www.google.com:443
depth=1 /C=ZA/O=Thawte Consulting (Pty) Ltd./CN=Thawte SGC CA
verify error:num=20:unable to get local issuer certificate
verify return:0
GET /
<HTML><HEAD>
If protocol is not known you may see much of hieroglyphs or just Connected to ... message.
Try this :
ssh <YOUR_HOST_NAME> 'ps auxwww'
Like Dark Falcon said in the comments, you need a protocol to communicate with the server, a port alone is useless in this case.
By default on unix (and unix like) servers, ssh is the way to go.
Remote Shell with this command. Example is cat a file on the remote machine.
rsh host port 'cat remotefile' >> localfile
host and port self explainitory
remotefile: name of some file on the machine remote logging to in home directory
localfile: name of file cat information to.
Use monitoring software (like Nagios). It looks at your processes, sensors, load and thatever you configured to watch. It continuously stores log. It alerts you by email\sms\jabber if something fails. You can access it with browser or by HTTP API.
We have a CentOS server with 2 ethernet adapters. Both of these adapters have access to the internet and both can be used to connect to remote sites.
Is there a way to know which ethernet adapter will be used when connecting to an FTP server or connecting via SSH to another server? If so, is there a way to force it to use a particular adapter without disabling any?
Perhaps you can set up a special route for the servers you intend to connect to? Have a look at the route command, or the "ip route" command.
EDIT: This seems to contain an example of what I'm saying: http://www.cyberciti.biz/faq/howto-linux-configuring-default-route-with-ipcommand/
Specifically:
Type the following command to sent all packets to the local enter
code herenetwork 192.168.1.0 directly through the device eth0:,
enter
ip route add 192.168.1.0/24 dev eth0
For ssh, you can use the BindAddress ssh_config option. You can specify it on the command line with the -o option.
I am looking for a tool (under linux) that will allow me to set up an end to end proxy that accepts multiple simultaneous clients on one port at one end, forwards the data to the other end with a single connection then "expands" the connection at the other end to connect back to a service that accepts multiple connections. To clarify, here is a diagram of what I want to achieve:
http://i.stack.imgur.com/rgTMd.png
(apparantly I need more then 10 rep to have the image embedded in this page)
If you're interested, the reason why I am attempting to do this is because I want to build a system that would make it easier to tunnel over arbitrary protocols, as long as the protocol supports some way to send some message from one end to another. I would put the system in between proxy end A and proxy end B in the diagram above.
Here is an example of how I want it to work:
First I will run the following commands
mkfifo backpipe
nc -l 7778 0<backpipe | tee f1 | nc localhost 7777 | tee f2 >backpipe
The "server proxy" will be running on port 7777.
The "client proxy" that the application will connect to will be running on port 8080
The client proxy will connect to port 7778
Solve for "server proxy" and "client proxy"
OpenSSH already supports this with the -D option:
ssh -D <port> -l username remotehost
A SOCKS server will listen for connections on and forward them to the other end of the SSH connection.
I've decided to code my own solution for the mean time. It's a bit of python code that accepts multiple clients and basically proxies the communication through the standard input/output. If anyone is interested, here's the code http://pastebin.com/1E45Exsy
Don't trust this code to work perfectly. I have not tested it properly and it doesn't handle disconnecting clients.
I will continue to search for a more elegant and robust solution, but this should do in the meantime. I'll post updates to the code here if I make them.