OS : Windows 8,
Tool : Jperf,
internal Tool : iperf
i want to start UDP Server listener.
Command Used:-
iperf -s -u -P 0 -i 1 -p 5001 -l 1470 -f k -t 10
Server listening on UDP port 5001
Receiving 1470 byte datagrams
UDP buffer size: 64.0 KByte (default)
Error as follows :-
bind failed: Operation not permitted
recvfrom failed: Invalid argument
Comments :-
1) My Windows Firewall is OFF
2) Antivirus is OFF
Any Registory changes required here to access windows UDP ports ?
Any Idea ?
I had the same problem, but only after I installed an altogether different application on the same machine where I had successfully run iperf -s -u previously. When I assigned another port for iperf to use such as 5555 or 6007 the iperf server no longer gave a bind error and presented the stats after the transfer as expected.
I suspect the reason for this is that another program that I installed grabbed the UDP port or range of ports for itself. This would be easy for a program to do if iperf is running in user-mode instead of daemon mode. On the other hand some programs are still particular about running on specific ports, so in case of a conflict you may still have to assign specific port usage.
Related
I'm running Windows 10 with WSL2 and have Docker installed. I create a Docker container and from within that container can ping and ssh into hosts on the same physical LAN as the Windows host, however arping just falls flat on its face.
Example of starting a container from a command prompt on Windows:
user#HOST C:\Users\user>wsl --list --verbose
* Ubuntu Running 2
docker-desktop Running 2
docker-desktop-data Running 2
user#HOST C:\Users\user>bash
user#host:~$ sudo docker run -it --rm alpine:3.12.0
/ # ping -c1 -w1 192.168.32.21
PING 192.168.32.21 (192.168.32.21): 56 data bytes
64 bytes from 192.168.32.21: seq=0 ttl=37 time=1.588 ms
--- 192.168.32.21 ping statistics ---
1 packets transmitted, 1 packets received, 0% packet loss
round-trip min/avg/max = 1.588/1.588/1.588 ms
/ # arping -c1 -w1 192.168.32.21
ARPING 192.168.32.21 from 172.17.0.4 eth0
Sent 1 probe(s) (0 broadcast(s))
Received 0 response(s) (0 request(s), 0 broadcast(s))
I have attemped running the container with the default network and '--net=host'; same results.
The '-c1 -w1' options in the above example are there for succinctness. Removing them results in the arping timing out.
Any suggestions/advice would be appreciated. I really need to get the arping working from within the container.
So usually ARP only works on the local LAN segment that the client is connected to, it won't traverse any packet routers.
Looking at the output you've got there, you're trying to go from 172.17.0.4 to 192.168.32.21 which will be on different subnets, so ARP won't work.
I am able to get Wifi connection in Raspberry Pi from wifi card acting as Access Point in Jatson Nano.
But now i want to continuously look into devices that are getting connected to Jatson Nano AP and kick off other than Raspberry Pi. If i assume, i know the MAC Address of Pi, is it possible to kick off any device that does not match that MAC Address?
Note : This AP is wifi card and not router, so do not have Settings Panel to filter MAC address and can only be done using terminal command by either ssh or some bash/python script
Is it possible to block/filter specific MAC Address using terminal?
You can try using iptables to filter by MAC address. Check out this answer.
# Create the DHCP_clients chain in the 'raw' table
iptables -t raw -N DHCP_clients
# Incoming DHCP, pass to chain processing DHCP
iptables -t raw -A PREROUTING -p udp --dport 67 -j DHCP_clients
# Allowed DHCP clients
iptables -t raw -A DHCP_clients -m mac --mac-source <ALLOWED MAC> -j ACCEPT
# Deny other clients not listed above
iptables -t raw -A DHCP_clients -j DROP
Specify the raw table with -t.
raw: This table is used mainly for configuring exemptions from connection tracking in combination with the NOTRACK target. It registers at the netfilter hooks with higher priority and is thus called before ip_conntrack, or any other IP tables. It provides the following built-in chains: PREROUTING (for packets arriving via any network interface) OUTPUT (for packets generated by local processes)
-t, --table table
This option specifies the packet matching table which the command should operate on.
and create a new chain name to reference.
-N, --new-chain chain
Create a new user-defined chain by the given name. There must be no target of that name already.
the raw table provides PREROUTING(for packets arriving via any network interface), -A appends the rule to your chain.
DHCP uses ports 67 and 68 and the UDP protocol. You can prevent DHCP requests by blocking communication on these ports.
-A, --append chain rule-specification
Append one or more rules to the end of the selected chain.
then you have rules to ACCEPT only the MAC addresses you want and DROP all others.
iptables manual
I have a task in a lab for my cyber-security class where I have to verify that the port 5555 is open and not in use via Command Prompt. I have tried the following command with these flags:
command used to check port 5555
You can do a nmap scan on that port to see if its open or close; also you can get more information about the port if its open this way.
nmap -vvv <ip> -p 5555
if you are looking for a fast way you can try to connect to that port and see using netcat or telnet
nc localhost 5555
telnet localhost 5555
if the port is close your connection will drop if its open the connection wont close if the application running on port 5555 has a header you can also see that.
in case you looking for open ports in your own computer you can do ss -lnpt which will show all open ports. then you can grep for port 5555
You can either use netstat or sudo lsof -i tcp:5555.
If you don't get a response on your terminal, it means that there's nothing running on port 5555.
I'm trying to understand if a client (in a client-server architecture) when using a 'blocking' call will somehow completely lose the other side of the connection without being given any signs of the loss. I think this can happen normally as most networks sometimes have issues. The thing is I want to duplicate the idea: the client connects in a blocking mode, the server accept the connection, then disappears, and then possibly later re-appears, but not in a way where the server closes a connection, or 'nacks' or anything.
Is there a way to induce this behavior in a local network?
And as it turns out this particular app is written in Go but I don't know how much that will matter.
At the risk of being silly... Have you considered removing the cable / shutting down the network interface, manually? If this is just for testing what happens if you lose connectivity that is an option.
Another option is to use the firewall of your operating system to drop the specific traffic, for example to add a rule with iptables in a Linux-based OS.
//Block incoming port 80 (web)
$ sudo iptables -I INPUT -p tcp -m tcp --dport 80 -j DROP
//Block outgoing port 80 (web)
$ sudo iptables -I OUTPUT -p tcp -m tcp --dport 80 -j DROP
//Remove block incoming port 80 (web)
$ sudo iptables -I INPUT -p tcp -m tcp --dport 80 -j ACCEPT
//Remove block outgoing port 80 (web)
$ sudo iptables -I OUTPUT -p tcp -m tcp --dport 80 -j ACCEPT
Of course, you can execute this commands within your program, if you need to.
I am not getting SNMP traps using snmpwalk. However another SNMP client ("ManageEngine") on the same Windows PC, easily gets all the traps. Also the Wireshark shows that the traps are arriving quite fine.
Please guide me, am I doing something wrong?.
the command:
snmpwalk.exe -v 2c -c public -t 10 IP:Port
Timeout: No Response from IP:Port
You are able to receive trap because your manager on local machine is listening to traps send by remote machine , at port 162.
This does not mean snmpwalk will work. Because in that you are client and sending snmp query to remote host at port 161.
Reason for not responding May be access control list at remote end.
Wrong community string..
Please check at very first that your server is actively listening for query
Check can be done by nmap for listening
Nmap -sU ip -p 161
snmpwalk is not suppose to receive any traps by design. It is used to traverse the MIB tree using GET-NEXT, GET-BULK requests.
Instead you should be using snmptrapd to receive traps.