I am trying to use netcat to simulate a NAT traversal protocol.
I have one instance that is listening for UDP packets on port 6666, as so:
nc -ul 6666
In another terminal window, I am trying to periodically send a UDP packet from port 6666 (to open the return path on my router. this would be in a script that repeats every 20 seconds to re-open the port)
nc -u -p6666 mypinghost.com 4444
The problem is netcat fails on this ping call with the message:
nc: bind failed: Address already in use
Which implies that the listener having bound to port 6666 is blocking another process from sending from that port, or possibly that netcat is trying to bind to 6666 to listen.
Is this just how netcat is written, or can I tickle it some way to let me send a packet without binding to the port to listen?
nc -ul 6666
Listen at UDP port 6666.
nc -u -p6666 mypinghost.com 4444
Using UDP port 6666 as the source port, send to mypinghost:4444.
nc: bind failed: Address already in use
That would be on the second netcat invocation, where 6666 is already in use by the first one.
Which implies that the listener having bound to port 6666 is blocking another process from sending from that port
Correct.
or possibly that netcat is trying to bind to 6666 to listen.
And definitely that. You told it to do that, so it did it.
What you are trying to do is impossible between two processes in the same host. Only one process can use a specific local UDP port at a time, unless you use SO_REUSEADDRESS, which netcat doesn't appear to implement.
As the other poster has suggested, the solution lies in using a single process.
I do not believe you can use netcat in that way. I would recommend writing a simple Python script that does both the sending and receiving tasks in one process. That way you can hold that port exclusively and still accomplish both tasks.
Related
I am trying to connect to tensorboard on my google compute engine instance but it is not working.
I have an anacondo distribution and use:
tensorboard --logdir=/logs
to create my tensorboard at default port 6006.
I also allowed HTTP/HTTPS traffic at my instance and also edited my firewall rules to allow traffic at:
IP ranges: 0.0.0.0/0
tcp:6006
udp:6006
But, when I try to acess my tensorboard at
http://EXTERNAL_IP:6006
I get a timeout loading.
Can anybody help me?
Normally this type of configuration is related to port communication issues. Go ahead and get all the available ports with nmap, and you should see something as following:
$ nmap -Pn [YOUR IP ADDRESS]
PORT STATE SERVICE
22/tcp open ssh
80/tcp closed http
443/tcp closed https
3389/tcp closed ms-wbt-server
Once, you confirm if the port "6006" is open, check if it can connect to your server with a telnet:
$ telnet [YOUR IP ADDRESS] [YOUR PORT]
telnet: Unable to connect to remote host: Connection refused
If you get "connection refused" make sure not only that this port is "open" but that it's "listening" as well (remember this needs to be configured on your application in your web server). You can check that with a netstat as following:
$ netstat -an | egrep -w “6006”
And you should see something like this (example for port 22):
$ netstat -an | grep 22
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN
If it says 127.0.0.1 on the Local Address column, it means that port is ONLY listening for connections from your PC itself, not from the Internet or network. If it says 0.0.0.0, it means that port is listening on all 'network interfaces' (i.e. your computer, your modem(s) and your network card(s)).
Thus, the IP you need is the one as the example (0.0.0.0), since this means all IPs can reach that specific port. Plus, you must see the “Listen” status.
In addition, make sure to set up properly the Firewall rules in GCP and your software running on the instance itself to allow traffic to/from this port “6006” in specific, either to any instance or to a specific one using network tags.
I am fairly new to Linux and GNU Radio.
I am trying to use GNU Radio to process information. To pass information into GNU Radio, I was planning on using the Socket PDU blocks to pass in information through a socket. To test out the connection I placed 2 Socket PDU blocks in GNU Radio Companion and connected them together, then I used netcat to send and receive messages and files.
I was able to get the connection to work when I had both Socket PDU blocks to TCP server. The sending block was set to port 52001 and the receiving block to 52002. In one terminal I typed:
nc localhost 52002
In a second terminal I typed:
nc localhost 52001
After that, any messages I typed in the second terminal appeared in the first.
I tried to do the same thing with setting the Socket PDU blocks to UDP Server and using the commands:
nc -u localhost 52002
nc -u localhost 52001
But nothing I typed in the second terminal would appear in the first.
What am I missing here? Does netcat just not work with this kind of stuff, or am I forgetting a step? With being new to Linux, GNU Radio and network protocols, I don't even know where to start.
You'll have to go to the receiving terminal and press enter. This will send an empty UDP packet to the server and tell it about the existence of this terminal/socket.
Just
nc -u localhost 52001
doesn't do anything as UDP has no connection setup.
I am doing a local forwarding to the remote port at 80 which the apache2 is listening on like this ssh -L 80:localhost:80 user#host.com , so it connects me to the remote server, however I find I can still do mkdir rm and such commands. Isn't it so that I am only forwarded to application listening on port 80? so what's the difference to this command ssh -p 22 host.com ? Is there a way to test if this port forwarding is working?
Yes, you can Test as follows:
You should use a Client program on one Side and A Server Program on the other remote side.
Try to connect your client to your server according to ports and IP's used in your port forwarding by Netsh Cmd.
If connection succeed , that is it, if connection fails, that means port forwarding command was failed, or your ip and port configuration of your client and server is wrong.
More over if you send a text file to the server, you should receive it.
I hope that this will help.
Thanks.
You can listen on port 80 with netcat like this on the host ...
nc -l -p 80
... and then either send something back with netcat ...
nc host.com 80 <<< hello
... and see if you get a "hello" on the server, or use nmap :
nmap host.com -p 80
You can also use nmap the same way if you already have a server listening on port 80, like apache.
Just note that nmap will say it's closed unless there is something listening on that port.
I have a switch configured to mirror all traffic to an ethernet interface of a server. I can actually see the packets received with tshark, tcpdump, etc, but iptables doesn't seem to see this traffic. My ultimate goal is to ulog syn packets for connection accounting.
I tried to place rules in PREROUTING chain, unsuccessfully.
Can iptable capture packets not sent to the local machine? If no, is there a way to do this?
Which table do you use for monitoring?
What you want to do is to use the filter table (the default one) and the FORWARDING chain: it is specifically designed to capture packets which "traverse" the machine. For instance:
iptables -A FORWARDING -p tcp --dport 80 -j LOG
The INPUT chain will capture packets from the outside destined to the local machine, and the OUTPUT chain will capture packets originating from the machine and going outside.
One side note: packets transiting through loopback go through both INPUT and OUTPUT chains.
As to PREROUTING, it is a chain meant to modify packets, if necessary, before the routing decision -- this is why, for instance, port redirection is done in there. And this is why the filter table has no hook in it: it does not make sense.
iptables will only work with IP packets somehow directed at your machine. So what you are trying to achieve will not be doable with iptables. For it to work would require that you set up your accounting machine as a router for all IP traffic.
What’s wrong with tcpdump for this task?
tcpdump -G 3600 -w tcpsyn-%FT%T.pcap tcp and 'tcp[tcpflags] & (tcp-ack|tcp-syn) = tcp-syn'
If you want all TCP initiation attempts.
tcpdump -G 3600 -w tcpsynack-%FT%T.pcap tcp and 'tcp[tcpflags] & (tcp-ack|tcp-syn) = (tcp-ack|tcp-syn)'
If you want all TCP sessions actually established.
When I am trying to start Apache server from Eclipse, I am getting message as:
Several ports (8085, 8009) required by Tomcat v6.0 Server at localhost are already in use. The server may already be running in another process, or a system process may be using the port. To start this server you will need to stop the other process or change the port number(s).
I find the ports are opened by any process by the OS using "netstat -an"
I found below data as listening.
TCP 0.0.0.0:8009 0.0.0.0:0 LISTENING
TCP 0.0.0.0:8080 0.0.0.0:0 LISTENING
TCP 0.0.0.0:8085 0.0.0.0:0 LISTENING
TCP [::]:8009 [::]:0 LISTENING
TCP [::]:8080 [::]:0 LISTENING
TCP [::]:8085 [::]:0 LISTENING
I don't know whether this are useful process, or can I release this ports.
If tomcat is already running eclipse will report this. This could happen if eclipse crashed.
If you only have one instance of tomcat on your machine
Try stopping it
bin/shutdown.sh
or on windows
bin/shutdown.bat
and then restarting tomcat from eclipse.
On linux
You can verify those ports are in use by another tomcat (or the same one that is already running) with
netstat -anp #running as the superuser the -p option will say what the process is
You can then check the process table to cross reference the ports
ps aux | grep java
or
ps aux | grep 1234 #replacing 1234 with the PID reported by netstat
If it is tomcat and it won't shutdown after running bin/shutdown.sh then you can kill it using the kill commmand.
If you do have something else that is using those ports
edit conf/server.xml
change the ports that tomcat will use, try 6080, 6005, etc
start tomcat from eclipse again