Given the wpa_supplicant in Linux uses nl80211, can I subscribe to one of it's multicast groups and listen for association, di-association, authentication and de-authentication events?
You can specify ctrl_interface in wpa_supplicant config file, for example:
ctrl_interface=/tmp/wpa_supplicant
Аfter you run wpa_supplicant using this config file a socket will be created. If your interface is wlan0 then path to the socket will be /tmp/wpa_supplicant/wlan0.
You can connect to this socket and read events using wpa_ctrl_recv. Events are actually plain text but you can parse them.
You only need to include necessary functions to your project somehow. As for me, I've simply copied part of wpa_supplicant sources (wpa_ctrl.h, wpa_ctrl.c and some other included files) to my project. But probably there's some library which you can use.
Related
It is known that socat can create a tun device and open it to relay. But I wonder how can I use it to relay an existing tun interface? The tun0 device has been opened by another script.
As show in Windows Resource Monitor:
I want to analyse network traffic of an application, but I dont know the Windows API. I used scapy or wireshark, but I don't know what data packages are this application.
So, I want to get the listening port first. But I don't know the API.
You can use GetTcpTable2() or GetExtendedTcpTable() to enumerate open TCP ports, determining which ports are listeners, and get each one's owning process.
You can use GetExtendedUdpTable() to enumerate open UDP ports and get each one's owning process.
I am struggling with switching between multiple live streams. For example, I have five live streaming servers streaming(HTTP or RTSP) and I want to put some broker between those (five) streaming sources and destination so that output to the destination would be one video streaming (later I may change the streaming source again using switch). Broker plays role of switcher, My question is, is there such open source "switcher"? Or how this technology works?
here is link to similar question but I want some open source or some brief guidance about how it could be implemented: http://forums.creativecow.net/thread/117/858680
Thank You in advance
That answer can be an archive for the researchers
First Suggestion or Solution(Multicast Router)
You can use a Router or L3 Switch which is support IGMP protocol. That Router or L3 Switch must support IGMP protocol you can structure multicast IP address. You can configure L3 to switch all streaming. Multicast Ip address works within 224.0.0.0 to 239.255.255.255 and works based on device' mac address. You can create different multicast Ip address for the different type of switching scenarios. After finished Router or L3 Switch configuration, you only change IP address to switch streaming into your program. (I didn't mention Broadcast. Broadcast send data to all points. Multicast send data to certain points.)
Second Suggestion or Solution(Programming)
I am using Vlc.Dotnet wrapper for using the Vlc and libvlc libraries. It's open source. RTSP streaming is based on IP address and port number. I don't know any open source switch but you can write one of them for you with use Vlc.dotnet wrapper. You build 5 Streaming server and 1 control server. The Streaming Server's destination should be Control Server's IP. and you can control all data from control server with your basic switch program.
5 Streaming Servers : Sends data to Control server
1 Control Server : Controls and Switches data
I prefer to use Router or L3 Switch for make that. Because it's easier.
I have a closed third party system that sends a unicast UDP stream (MPEG-TS) that I'd like to access in two different programs on the same computer. I can not change anything on the source, not even IP or Port.
Is there any other option than to write my own little program that captures the stream and then creates to new streams and resends both?
It seems that only one of the two destination programs handles multicast, so I need two unicast streams.
You should be able to use socat to forward unicast UDP to a multicast group, or just save data into a file and process later.
Edit 0:
Here is an example (this is on Linux - don't have any Windows boxes). Listen on unicast port 4242, forward to multicast 224.10.10.10:5252 (you might have to add ip-multicast-loop option if you are doing everything on the same machine):
~$ socat UDP-LISTEN:4242 UDP-DATAGRAM:224.10.10.10:5252
Receive on multicast (needs interface address or name), forwards to unicast 192.168.0.1:6666:
~$ socat UDP-RECVFROM:5252,ip-add-membership=224.10.10.10:eth0,reuseaddr,fork \
UDP-DATAGRAM:192.168.0.1:6666
Run two of the above with different destination addresses (reuseaddr option allows these to be run on the same machine).
I discovered almost accidentally that my machine was sending and receiving UDP packets to a machine in Poland. Not that I have any problem with Poland, I just don't know why my laptop has the need to communicate with a server there. Reverse DNS shows just the ISP providing the address to some end user. Using Wireshark, I can monitor the messages, which were indecipherable as they were probably encrypted. All packets sent from my machine had the same source port, so clearly the application that sent them opened this UDP socket to use it. I am searching for ways to:
1) enumerate all current sockets open in the system, including the process that created it and, for both TCP and UDP, what ports and addresses they are current bound to.
2) because applications can open these sockets, use them, and close them right away, I would love to find (or perhaps even write) a program that once started would somehow get notification each time a socket gets created, or really more importantly when bound to a source and/or destination address and port. For UDP, I would love to also be able to monitor/keep track of the destination IP addresses and ports that socket has sent messages to.
I don't want to monitor the traffic itself, I have Wireshark if I want to view the traffic. I want to be able to then cross reference to discover what application is generating the packets. I want to know if it is from a process I trust, or if it is something I need to investigate further.
Does anybody know of any applications (for the Windows platform) that can do this? If not, any ideas about a .NET or Windows API that provides this capability, should I want to write it myself?
Edit:
After further research - looks like the APIs to use are GetExtendedUdpTable and GetExtendedTcpTable, CodeProject.com has some samples wrapping these in .NET (see http://www.codeproject.com/Articles/14423/Getting-the-active-TCP-UDP-connections-using-the-G). So a combination of this API and some sniffer code would be needed to monitor and keep track of what hosts at what ports using what protocol any particular application on your machine is talking to. If I ever get some free time, I'll consider creating this, if you know of an app that does all this, please let me know.
Try SysInternals TCPView. Despite its name, it handles UDP as well.
netstat -b to enumerate all ports along with the process names.
You can try using SysInternals' Process MOnitor (ProcMon.exe or ProcMon64.exe).
It allows for filtering of Processes by "UDP Send" Operation - and provides detailed UDP Connection data, including source and destination addresses(IP) and ports etc.