Ok, so I have a program that talks with a device through Bluetooth and enables it to open a socket connection to an external host. I have a simulator that runs in my computer and I want to redirect the outgoing connection to the simulator running in localhost. Even for Windows, this seems more complicated that I think it should be.
Based in this I tried netsh int ip add addr 1 111.222.333.444/32 st=ac sk=tr
Based on this I tried netsh interface portproxy add v4tov4 listenaddress=111.222.333.444 listenport=15000 connectaddress=127.0.0.1 connectport=2405 protocol=tcp
While the outgoing connection always goes to port 15000, I can control the port where my simulator is listening. It is 2405 merely because the first version of the simulator used that port for some reason.
I tried with both active and forgot about them while I searched for alternatives.
I then found this link with no solution, but the OP said that he solved his problem with PassPort, which finally enabled the device's outgoing communication to reach my simulator.
When I tried to revert the netsh commands, I discovered out that I needed both commands active for PassPort to do its trick.
Isn't there a simpler method to achieve this? My system is Windows 10 21H1
I can't use the hosts file because the connection is made directly to the IP, not to a hostname.
Edit: apologies, I just realized that this might have been better to ask in superuser... can I move it or need to delete/recreate?
I am setting up port scanner for remote server in my application using Go. I am using DialTimeout function in Go net package to check whether a remote host port is opened or not. The result is fine with success case. But, if i/o timeout happens, I need to identify whether
The port is closed (No service is running) or
Port is blocked (Firewall filtered) or
Due to internet connectivity down in local system where the application is running.
Have tried nmap cli command, I can able to differentiate those failure 3 cases exactly.
nmap command tried: nmap -sA -p port_number host_ip
I found a Go 3rd party libray to use nmap.
But, I don't want to use nmap in my application. Are there any other alternatives in Go to exactly differentiate those 3 cases?
In the simple world
Lets assume you want to scan a Linux system.
If you get an ICMP message type 3 code 3, the firewall explicitly told you:
Hi, I am the firewall of your target host. The host is running. I hereby inform you that you (potentially amongst others) can not access this port. So now that you know you should quit your connection attempts. However, I won't tell you wether it is because there is no service running behind it (in which case my response is simply a courtesy) or because I was told to deny you access. Goodbye!
The port is closed if you do not get above answer and can not make a connection. I hence strongly advice to use context.WithTimeout to make a connection.
In the real world
However, this only applies if the admin of the target host did not change the ICMP message type to respond with - or chose just to drop any packets coming from sources which are not allowed to access the respective service. In the latter case, there is no way for you to know wether the port is closed or filtered.
All of the above only applies if we are talking of an iptables based firewall on the target system with default settings.
Now assume something which is by far more likely: A border firewall plus a local firewall. The border firewall might send other ICMP messages (or, again, simply drop your packages). Those rules apply additionally to the rules of the local firewall. So it is a misconception that you are actually scanning a host. It is more accurate to say that you scan the services reachable via a specific IP.
EDIT
Why would one send an ICMP message explicitly rejecting connection attempts?
There are various reasons to come to that decision. There is a good answer on serverfault.com
Can I write a Windows Task or some kind of configuration script that will choose between two Local Area Connections according to the website I am visiting?
It may not be the best answer to my problem, but if it is possible, at least I know it will work.
The issue in full:
My main ISP currently has an issue routing me to my own websites (all hosted on the same server). It also has a 'sticky IP address' (note, not static) - it will only change your IP address once a fortnight, and they can't (won't) even force a change. Their second line support are working on the issue, but so far, no good, and I cannot access my own websites via their internet connection.
So, currently, I am switching from my main network to my mobile 3G network (tethered) any time I want to work on or view my own websites.
I would like to write a script that will make Windows automatically choose my mobile network for FTP, email and browsing my own websites, but use my main ISP for all other online activity.
Haven't a clue where to start - any help appreciated! Thanks,
Sarah
Well, that was simple, no scripting required. If you're using IPv4 (you can check here https://www.google.co.uk/url?sa=t&rct=j&q=&esrc=s&source=web&cd=2&cad=rja&ved=0CDoQFjAB&url=http%3A%2F%2Fwww.amiusingipv6.com%2F&ei=Bq4_UpakM4vv0gXboIDwCQ&usg=AFQjCNHiUnyKvVcUe8Z966YwoycLI28urw&bvm=bv.52434380,d.d2k)
Turn Windows features on or off.
Turn on RIP Listener.
Disable your internet connection that cannot connect to the website you are trying to access, and 'tracert' to the website: make a note of the IP address of the website, and the first IP address in the hop list ([FIRST IP]).
Type in 'route print' and make a note of the Interface number of your secondary internet connection.
Type in 'route add -p [WEBSITE IP ADDRESS] mask 255.255.0.0 [FIRST IP] IF [INTERFACE NUMBER] metric 1'
Reboot.
All traffic to the website IP address (be it mail, FTP, whatever) will go through the secondary connection, all other traffic goes through the main connection.
IPv6 instructions here:
http://windows.microsoft.com/en-gb/windows7/configuring-multiple-gateways-on-a-network
My setup is just an iPhone connected via USB as secondary connection and a Home Hub connected via ethernet as primary.
Hope this is useful to someone else - but of course, no one should ever think of using this to get around IP blocks on message boards...
Sarah
I installed XAMPP 1.6.8 and for some reason it didn't work. Later realized port 80 is not free or not listening. How can I release it or make it free?
Thanks a lot!
I found out that what was taking over port 80 is http api service. I wrote in cmd:
net stop http
Asked me "The following services will be stopped, do you want to continue?" Pressed y
It stopped a number of services actually.
Then wrote localhost and wallah, Apache is up and running on port 80.
Important: Skype uses port 80 by default, you can change this in skype options > advanced > connection - and uncheck "use port 80"
netstat -ano
That will show you the PID of the process that is listening on port 80.
After that, open the Task Manager -> Processes tab. From the View -> Select Columns menu, enable the PID column, and you will see the name of the process listening on port 80.
I had this problem previously,
if you see the Task manager(after enabling the view for PID), you will find PID=4 is "port 80 in use by NT Kernel & System; "
Just go to
Control Panel
Programs
Turn Windows features on/off
check if the World wide web services under IIS is checked
If so, Uncheck and netstat(or TCPVIEW) again to see if 80 is free.
netstat -a -b
Should tell you what program is bound to port 80
use netstat -bano in an elevated command prompt to see what apps are listening on which ports.
But Usually following applications uses port 80 in windows.
IIS
World Wide Web Publishing service
IIS Admin Service
SQL Server Reporting services
Web Deployment Agent Service
Stop above applications if running and check!!!
Use TcpView to find the process that listens to the port and close the process.
Other option to try is to stop SQL Server Reporting Services.
You can use net stop http it will display which process is using. Moslty world wide web services are using
Try
netstat -anb -p tcp
that show ports and processes
I was trying to install nginx from here - http://nginx.org/en/docs/windows.html
Going to http://localhost/ will show something, at least a proper "not found" message
This is because 80 is the default port, and it was taken by other processes.
Now run below command:
net stop http
// Above command stopped below services
// - SSDP Discovery
// - Print Spooler
// - BranchCache
// - Function Discovery Resource Publication
// - Function Discovery Provider Host
Now, going to http://localhost/ will fail with a broken link page message.
Main process was BranchCache
This process, after stopped, will restart in a few seconds.
So we need to run other commands we need soon, an example below:
// this will stop
net stop http
// immeidately run other command you want to
start nginx
Now, going to http://localhost/ gave me:
Welcome to nginx!
Hope that helps.
Type in "netstat -ano" into your command line. I saw that it was showing something for Local Address port 0.0.0.0:80.
My issue was because I had SQL Server Reporting Services on Port 80. So I followed these instructions and changed the port # from 80 to 81:
http://seankilleen.com/2012/11/how-to-stop-sql-server-reporting-services-from-using-port-80-on-your-server-field-notes/
Here is a picture of my command line AFTER I changed the port number for SQL Server Reporting Services:
If you are still having the same issue, read this forum:
http://forum.wampserver.com/read.php?2,66196,66233#REPLY
This is just a guess, but since port 80 is the conventional port for HTTP, you may have a webserver running on your system. Is IIS active?
If you are running IIS you may have the web farm service running. That was what was killing my xampp.
Skype likes to use port 80 and blocks IIS. That was my prob.
I also had the same problem. net stop http didn't help and World wide web services option under IIS in Windows Control Panel was unchecked. So in XAMPP control panel I just checked the Svc checkbox near Apache start button (Install Apache as service) and rebooted Windows. And now each time Windows starts Apache is started automatically and occupies port 80 before any other service does. Worked for me!
Known Windows Services That Listen on Port 80
From Services Manager (run: services.msc), stop and disable these Windows Services which are known to bind to port 80.
Double click Service, and change ‘Startup Type’ to ‘Disabled’…
SQL Server Reporting Services (ReportServer)
Web Deployment Agent Service (MsDepSvc)
BranchCache (PeerDistSvc)
Sync Share Service (SyncShareSvc)
World Wide Web Publishing Service (W3SVC)
Internet Information Server (WAS, IISADMIN)
skype also using port 80 as default setting and you can uncheck it.
You might, or might not, have some of these Services installed and running.
In my case "SQL Server Reporting Services" was opening port 80.
Identify the real process programmatically
(when the process ID is shown as 4)
The answers here, as usual, expect a level of interactivity.
The problem is when something is listening through HTTP.sys; then, the PID is always 4 and, as most people find, you need some tool to find the real owner.
Here's how to identify the offending process programmatically. No TcpView, etc (as good as those tools are). Does rely on netsh; but then, the problem is usually related to HTTP.sys.
$Uri = "http://127.0.0.1:8989" # for example
# Shows processes that have registered URLs with HTTP.sys
$QueueText = netsh http show servicestate view=requestq verbose=yes | Out-String
# Break into text chunks; discard the header
$Queues = $QueueText -split '(?<=\n)(?=Request queue name)' | Select-Object -Skip 1
# Find the chunk for the request queue listening on your URI
$Queue = #($Queues) -match [regex]::Escape($Uri -replace '/$')
if ($Queue.Count -eq 1)
{
# Will be null if could not pick out exactly one PID
$ProcessId = [string]$Queue -replace '(?s).*Process IDs:\s+' -replace '(?s)\s.*' -as [int]
if ($ProcessId)
{
Write-Verbose "Identified process $ProcessId as the HTTP listener. Killing..."
Stop-Process -Id $ProcessId -Confirm
}
}
Originally posted here: https://stackoverflow.com/a/65852847/6274530
I faced the same issue and fixed it by making a small change in the httpd.conf file which can be obtained by clicking the config button along with the Apache option.
The change I made was to replace listen 80 with listen 8080.
For me, this problem began when I hosted a VPN-connection on my Windows 8 computer.
Simply deleting the connection from "Control Panel\Network and Internet\Network Connections" solved the problem.
alt text http://img440.imageshack.us/img440/6950/problemyd1.png
(The curly lines with dots represent a network route.)
Having a process called "foo.exe", is there a way to forward everything it communicates over TCP/IP to a forwarding proxy located elsewhere? This forwarding should not reflect to other processes.
Another question: if there are multiple network adapters, is it possible to force a process to use one specific adapter.
Since in this example the targethost.com is known, I could just edit "system32\drivers\etc\hosts" to map targethost.com's IP to localhost, where on port 8765 would be the first forwarder waiting for an incoming connection and pass everything forward to proxy.foo.com. I was wondering if there's a more elegant way of doing this.
This is not for malware, I'm doing some network testing with my complex home network. Thank you for warning us.
Some free software for this would be perfect, alternatively a code idea (native or .net). Thank you very much.
It's not too hard if you make your own computer a firewall, then your app connects to a port on your own computer, and that port is forwarded to both the original destination and logged or forwarded on to your spying computer.
Alternatively you can make your other computer the firwall and have it log/forward the info.
Finally you could use a sniffer.
SocksCap will probably do the job (if you're OK with establishing a SOCKS proxy at proxy.foo.com).
You could hook into the TCP stack, for example, by using the Windows Filtering Platform or its predecessors, or you could substitute the network libraries/calls of that particular process.