Can you write multiple IP packets in one write to the linux tun device?

I have seen (by actually reading a tun device) that the tun driver on linux can return multiple IP packets in a single read. Is the reverse true - can you write multiple IP packets in a single write to the tun device?

Actually multiple packets were returned by the driver because it had been enhanced locally. The tun driver that comes with linux only returns one packet per read. The driver also expects only one packet per write.
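Since the stock driver takes one packet per write, a buffer holding several packets has to be split on each IP header's own length field first; the following is an added example, not code from the original post or from the tun driver. It assumes the device was opened with IFF_NO_PI (no 4-byte packet-information prefix), and the names `split_ip_packets`, `write_each` and `make_ipv4` are hypothetical.

```python
import os
import struct

def split_ip_packets(buf):
    """Split back-to-back IPv4/IPv6 packets using each header's own length field."""
    packets, off = [], 0
    while off < len(buf):
        left = len(buf) - off
        version = buf[off] >> 4
        if version == 4:
            if left < 20:
                raise ValueError(f"truncated IPv4 header at offset {off}")
            ihl = (buf[off] & 0x0F) * 4
            total = struct.unpack_from("!H", buf, off + 2)[0]      # Total Length
            if ihl < 20 or total < ihl:
                raise ValueError(f"bad IPv4 length fields at offset {off}")
        elif version == 6:
            if left < 40:
                raise ValueError(f"truncated IPv6 header at offset {off}")
            # Payload Length excludes the fixed 40-byte header (jumbograms not handled).
            total = 40 + struct.unpack_from("!H", buf, off + 4)[0]
        else:
            raise ValueError(f"not an IP packet at offset {off}")
        if total > left:
            raise ValueError(f"packet at offset {off} runs past the buffer")
        packets.append(bytes(buf[off:off + total]))
        off += total
    return packets

def write_each(fd, buf, write=os.write):
    """One write() per packet; nothing is written if any packet is malformed."""
    packets = split_ip_packets(buf)        # validate the whole buffer first
    for pkt in packets:
        if write(fd, pkt) != len(pkt):
            raise OSError("short write to tun device")
    return len(packets)

def make_ipv4(payload):
    """Constructed sample: minimal IPv4 header (protocol 17), checksum left at 0."""
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0, 0, 64, 17, 0,
                       bytes([10, 0, 0, 1]), bytes([10, 0, 0, 2])) + payload

if __name__ == "__main__":
    sent = []                              # stands in for the tun file descriptor
    fake_write = lambda fd, pkt: sent.append(pkt) or len(pkt)
    count = write_each(-1, make_ipv4(b"first") + make_ipv4(b"second!"), fake_write)
    print(count, [len(p) for p in sent])
```
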

Related

how to check packet flooding in bridging

I am a newbie in networking and learned about bridging concepts. I have a device which functions as a bridge and works in transparent mode and filter mode. In the latter mode, whenever a packet is received on an Ethernet port (which is bound to the bridge ports of the bridge), it floods to the other Ethernet ports except the receiving one through bridging, if the MAC address is not learned. How can I ensure this? Can anyone suggest a method to test this?
Every Ethernet switch you can find is a bridge. It learns MAC addresses from ingress frames and uses this MAC table for efficient forwarding. In the unlikely event of an unknown destination address it mimics a repeater and outputs the frame to all ports but the one it was received from.
If you connect several computers with a bridge/switch and run a packet capture on all of them you'll see that you won't see traffic between two computers on a third computer. Some (broadcast) traffic will show up on all of them, e.g. when you start a connection and ARP is requesting the destination MAC address for the destination IP address.
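The learn-then-forward behaviour described in the answer above can be modelled to get the expected result of each capture before testing the real device; this is an added example, not part of the original thread. The host names, MAC addresses, port numbers and the names `LearningBridge` and `expected_captures` are constructed for illustration.

```python
BROADCAST = "ff:ff:ff:ff:ff:ff"

class LearningBridge:
    """Minimal model of the forwarding decision: learn source, look up destination."""
    def __init__(self, ports):
        self.ports = list(ports)
        self.mac_table = {}                       # MAC address -> port it was learned on

    def receive(self, in_port, src, dst):
        """Return the ports the frame leaves on."""
        self.mac_table[src] = in_port             # learn from every ingress frame
        if dst == BROADCAST or dst not in self.mac_table:
            return [p for p in self.ports if p != in_port]   # unknown: flood
        out = self.mac_table[dst]
        return [] if out == in_port else [out]    # known: forward to one port only

def expected_captures(frames, hosts, ports=(1, 2, 3)):
    """For each test frame, list the ports on which a capture should see it.
    frames: (sender, receiver) host names; hosts: name -> (port, mac)."""
    bridge = LearningBridge(ports)
    results = []
    for sender, receiver in frames:
        in_port, src = hosts[sender]
        dst = hosts[receiver][1]
        results.append((f"{sender}->{receiver}", bridge.receive(in_port, src, dst)))
    return results

# Constructed test bed: three hosts, one per bridge port; C only runs a capture.
HOSTS = {"A": (1, "02:00:00:00:00:0a"),
         "B": (2, "02:00:00:00:00:0b"),
         "C": (3, "02:00:00:00:00:0c")}
# Start with an empty MAC table (bridge freshly booted or table cleared).
TEST_FRAMES = [("A", "B"),   # B not learned yet: must be flooded, C sees it
               ("B", "A"),   # A was learned from the first frame: C sees nothing
               ("A", "B")]   # B is learned now: C sees nothing

if __name__ == "__main__":
    for name, out_ports in expected_captures(TEST_FRAMES, HOSTS):
        print(name, "leaves on ports", out_ports)
```

On real hosts an ARP broadcast normally precedes the first unicast frame and teaches the bridge both addresses, so the first step needs a static ARP entry on A for a host that has not yet transmitted.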

Mimic USB Vendor or Product ID

After having been studying a USB Packet Sniffer based around the BeagleBoard xM (https://gitorious.org/beagleboard-usbsniffer/), I have been at a loss as to how the driver actually works in a certain area.
I now understand that the BeagleBoard acts as a one-port USB hub for the USB host to see, so that it may view and log the packets going through it. The part I'm currently trying to understand is how exactly the BeagleBoard is able to be somewhat transparent, and able to mimic the USB Vendor/Product IDs of the device being sniffed.
There is nothing to mimic. If it behaves as a hub, it can see all the traffic going between the computer and the device under test because all the USB packets would go through the hub. Packets are received by the hub and transmitted along to the other device.

how to transmit serial data from GPS device to computer through IP?

Well, I have found some third-party applications for sending data from a COM port to IP, but I have not found any basic tutorial for them. So can anyone help me with this? I have a GPS device which I will connect to my laptop through a USB-to-serial adapter. Now I need to send that data from one laptop to another laptop on the same network. Can I use PuTTY to view that data on the other laptop (receiver)? Is a virtual serial port driver meant for this kind of application?
If you do not want to write your own tool for it, you can simply use ncat and set up a daemon that reads piped data from one process and broadcasts it to all connected clients.
If you want something that reads the data from the serial port and then transmits it to clients, you'll need to write a server application that accepts connections and sends data around, but there are entire books on this. It should be easy to do for your purposes as written here, but it depends on the amount of control you need.
Alternatively you can use a virtual serial port application as you had mentioned, which might be the easiest route. The two devices will need to be on the same network unless the application supports TCP based virtualization instead of the common Ethernet based implementation.
This Python script works very well as a free "device server". Just enter the serial port configuration and the IP address and port information.
https://github.com/jaredly/pydbgp/blob/master/symbian/serial_tcp_redirect.py
This can work on both Windows and Linux.
You need pyserial.
You can always try using stand alone hardware such as the SENA LS100 device server.

How to detect all devices in a LAN?

I want to detect all devices in a LAN which have IP: 10.x.x.x Mask: 255.0.0.0.
I first wrote a synchronous ping program to ping IPs one by one, but it's tooooo slow.
Therefore I improved it by using asynchronous ping, then it's much faster.
Now I can use it to detect 10.x.0~255.0~255 in an acceptable time.
But it still takes tooooooooooooo long to detect all the IPs 10.0~255.0~255.0~255.
Is there any method/protocol that can just broadcast one message and have all devices in a LAN respond, so I can detect all the devices?
(either Ethernet broadcast or UDP/IP broadcast or any other broadcast.)
(I've researched ARP & ICMP but haven't found suitable methods.)
Or any other method that doesn't even need broadcast?
I just need to detect all the devices, any method is OK.
Not sure if it's what you are looking for but you can go in command prompt and run the command:
arp -a
I recommend "Angry IP Scanner" http://angryip.org/
It is fast, detects all devices in a given ip/netmask.
Angry IP scanner is a very fast IP address and port scanner.
From site:
It can scan IP addresses in any range as well as any their ports. It
is cross-platform and lightweight. Not requiring any installations, it
can be freely copied and used anywhere.
Angry IP scanner simply pings each IP address to check if it’s alive,
then optionally it is resolving its hostname, determines the MAC
address, scans ports, etc. The amount of gathered data about each host
can be extended with plugins.
It also has additional features, like NetBIOS information (computer
name, workgroup name, and currently logged in Windows user), favorite
IP address ranges, web server detection, customizable openers, etc.

usb sniffing with wireshark

At the moment I am using usbmon to sniff USB. For better understandability I want to use Wireshark. I've used Wireshark before for sniffing Ethernet packets. But what do I capture to sniff USB packets? I mean, I need to start by selecting which interface to capture on in Wireshark, but what would I select there for USB?
Grab the newest Wireshark.
Use lsusb before and after plugging in the device so you know which USB bus it's plugged into.
Type in a terminal:
su -c "modprobe usbmon" && su -c "wireshark"
(The first command loads the kernel module that allows USB sniffing for root, the second starts Wireshark as root.)
Then select usbmonX, where X stands for the USB bus number (lsusb shows those numbers).
After that you still need to filter packets by device / vendor ID, or something else device-specific, as Wireshark will show all packets from all devices plugged into that bus. (Again, lsusb before/after plugging in your device will help.)
Have you taken a look at the documentation for that on the Wireshark website?
In libpcap 1.0.x, the devices for capturing on USB have the name usbn, where n is the number of the bus. In libpcap 1.1.0 and later, they have the name usbmonn.
A quick note, since I just started using Wireshark to sniff USB packets on Linux. As I understand it, you need the usbmon module loaded (which, if you are using it, should be). Additionally, I seem to recall that while Wireshark can be set up to let non-root users sniff Ethernet packets, some limitation required root access for USB packets (at least at the time of writing).
Similar to what others have said, on my system, Ubuntu 12.10, the USB interfaces have names like "usbmon1 USB bus number 1" and so forth.
(you might look at http://biot.com/blog/usb-sniffing-on-linux)
The link listed has an image showing a filter which can be used to select only traffic to/from a device number (from lsusb).
I hope that's helpful.
#przemo_li You want to filter by device address to see the communication from both the host and the device. The filter for that is usb.device_address ==.
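The lsusb before/after comparison from the answers above can be scripted to name the capture interface and the display filter for the newly attached device; this is an added example, not code from the thread. The sample lsusb output is constructed, and `parse_lsusb` and `capture_plan` are hypothetical helper names.

```python
import re

# lsusb prints one line per device: "Bus 001 Device 005: ID 046d:c52b <description>"
LSUSB_LINE = re.compile(
    r"^Bus (\d+) Device (\d+): ID ([0-9a-fA-F]{4}):([0-9a-fA-F]{4})\s*(.*)$")

def parse_lsusb(text):
    """Map (bus, device_number) -> (vendor_id, product_id, description)."""
    devices = {}
    for line in text.splitlines():
        m = LSUSB_LINE.match(line.strip())
        if m:
            bus, dev, vid, pid, desc = m.groups()
            devices[(int(bus), int(dev))] = (vid.lower(), pid.lower(), desc.strip())
    return devices

def capture_plan(before, after, legacy_names=False):
    """Describe where to capture each device that appears only in `after`."""
    old, new = parse_lsusb(before), parse_lsusb(after)
    prefix = "usb" if legacy_names else "usbmon"   # libpcap 1.0.x vs 1.1.0 and later
    plan = []
    for (bus, dev), (vid, pid, desc) in sorted(new.items()):
        if old.get((bus, dev)) == (vid, pid, desc):
            continue                                # was already plugged in
        plan.append({
            "device": f"{vid}:{pid} {desc}".strip(),
            "interface": f"{prefix}{bus}",
            # The bus is shared, so narrow the display to this device's address.
            "display_filter": f"usb.device_address == {dev}",
        })
    return plan

# Constructed sample output (not from a real machine).
BEFORE = """\
Bus 001 Device 001: ID 1d6b:0002 Linux Foundation 2.0 root hub
Bus 002 Device 001: ID 1d6b:0003 Linux Foundation 3.0 root hub
Bus 001 Device 003: ID 0000:0001 Example Keyboard
"""
AFTER = BEFORE + "Bus 001 Device 007: ID 0000:0002 Example Device Under Test\n"

if __name__ == "__main__":
    for entry in capture_plan(BEFORE, AFTER):
        print(entry)
```
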