I'm creating a simple web server in Ruby, which display's the text LOLZ in the browser. I have this now:
#!/usr/bin/ruby
require 'socket'
server = TCPServer.open(2000)
loop do
client = server.accept
client.puts "HTTP/1.1 200 OK\r\n"
client.puts "Content-type: text/plain\r\n"
client.puts "\r\n"
client.puts "LOLZ"
client.close
end
This works as expected. However, I want it to work on port 80. Whenever I change 2000 to 80, and start the server using bash, I get this error:
unknown-00-25-4b-8c-b9-b3:rServe koningbaardxiv$ ./rServe.rb
./rServe.rb:4:in `initialize': Permission denied - bind(2) (Errno::EACCES)
from ./rServe.rb:4:in `open'
from ./rServe.rb:4
Can anyone help me?
Thanks
EDIT: I just figured out that this is for all ports within a range of 0 to 999 :S
The ports below 1024 are reserved (also called well-known ports). You can access them only as root.
$ sudo ./rServe.rb
From http://www.iana.org/assignments/port-numbers:
The port numbers are divided into three ranges: the Well Known Ports,
the Registered Ports, and the Dynamic and/or Private Ports.
The Well Known Ports are those from 0 through 1023.
From http://www.linuxquestions.org/linux/articles/Technical/Why_can_only_root_listen_to_ports_below_1024:
I do not blame those who invented the port 1024 limit, it was a natural and important security feature given how UNIX machines were used in the 1970's and 1980's. A typical UNIX machine allowed a bunch of not necessarily fully trusted people to log in and do stuff. You don't want these untrusted users to be able to install a custom daemon pretending to be a well-known service such as telnet or ftp since that could be used to steal passwords and other nasty things.
Related
I recently started learning Ruby Sockets and decided to research the topic. I came across the ruby-doc which had some example code that ran smoothly:
This is the example code for the server:
require 'socket'
server = TCPServer.new 2000 # Server bound to port 2000
loop do
client = server.accept # Wait for a client to connect
client.puts "Hello !"
client.puts "Time is #{Time.now}"
client.close
end
And the example code for the client:
require 'socket'
s = TCPSocket.new 'localhost', 2000
while line = s.gets # Read lines from socket
puts line # and print them
end
s.close # close socket when done
So this ran well but I was wondering how I would get the client to connect if it is running from a different computer. So I attempted to replace the "'localhost'" in the client code with my public IP address courtesy of whatismyip.com, however, when I tried running the new client code on a different computer I merely got a timeout error. I even attempted running the new client code on the same machine running the server but still I got a timeout error.
Does anyone know how I can get this to work properly?
Any help would be much appreciated!
Greg Hewgill helped me figure this out:
My first problem was that I was using the wrong address. Greg suggested I check my actual address through the cmd command "ipconfig". The command gave me the actual address that the server was being hosted on. Through this I changed the "'localhost'" in the client code and changed it to the actual IP address. Upon running, I received an error that stated that the server had actively refused the connection. This was fixed by also changing the 'localhost' in the server code to the IP address of the server's machine.
Thank you Greg for the help!
I had already created a qt program that listens on a specific port on my server. And it works fine. Now I want to create a simple ruby program to do the same. Right now I just have a simple test server using netcat which establishes a network socket and accepts UDP data (this is Ubuntu server by the way):
$ sudo nc -l 1720
Now I am just trying to listen on the port in Ruby:
# network.rb
require 'socket'
socket = UDPSocket.new
socket.bind('64.xxx.xx.xxx', 1720)
This right away raises this exception:
network.rb:4:in `bind': Cannot assign requested address - bind(2) (Errno::EADDRNOTAVAIL)
WHy is it saying the address is not available? All that is there is a netcat socket. The goal is that I will have UDP data coming in from GPRS devices to that port, and then I will have ruby sitting on my ubuntu server listening for that data, then decoding it, and storing it into a postgresql database.
You are making a server or client?
you used nc, so i guess you are making client.
server is bind
client is connect:
c = UDPSocket.new
c.connect("127.0.0.1", 1111)
"address is not available" usually as the port is used.
or you can ping the address fisrt to check if the address can be reached
I was getting the same error by running:
rails s -b 10.0.0.61
It turns out that my local IP wasn't 10.0.0.61 and this was causing the error.
I am trying to learn how to send TCP packets across the internet to another computer. So say, computer 1 sends data across the internet to computer 2 (using TCP). Assuming that both computer have port forwarding correctly set, how would I go about establishing a TCP connection between the two computers (in Ruby preferably)? I have it working on my LAN, but when I try over the internet, it doesn't seem to work.
My attempt (basically):
Computer 1:
server = TCPServer.new 32500
client = server.accept
Computer 2:
TCPSocket.new PUBLIC_IP_OF_COMPUTER_1, 32500
Problem is that TCPSocket never connects to TCPServer.
I read in the Ruby doc that TCPServer.new's syntax is
new(remote_host, remote_port, local_host=nil, local_port=nil)
What happens if I just leave local_host=nil and local_port=nil (rather than assign them the private IP and port 32500 number on Computer 1)?
If somebody could point me in the right direction, that's be great! I hope I my approach is at least somewhat correct.
You created a server which is listening only on the loopback Interface.
Try this out:
curl ifconfig.me
You will get your external IP address, how it is visible from outside, for example 123.123.123.123
server = TCPServer.new 2000
Now You have a server listening on port 2000
lsof -i :2000
for example:
ruby 37186 wopi 6u IPv4 0xcf0818acc2bdc38d 0t0 TCP *:callbook (LISTEN)
now connect from THE SAME machine to localhost
telnet localhost 2000
this works
telnet 123.123.123.123 2000 # substitute your real external IP address
this will not work
That is why You can't connect from outside.
Checkout how ngrep, netcat and tcpdump are working, invaluable tools for network debugging.
This is part programming, part sysadmin, so please excuse me if you feel that this should be over on serverfault.
I have an application that is not SOCKS aware and that we need to use through a firewall. We cannot modify the application to have SOCKS support either.
At the moment, we do this by aliasing the IPs the application talks to the loopback adapter on the host, then creating SSH tunnels out to another host. The IP's the application uses are hardcoded. Our SSH connections look like:
ssh -L 1.2.3.4:9999:1.2.3.4:9999 user#somehost
Where 1.2.3.x are aliases on the loopback.
So the application connects to the open port on the loopback, which gets sent out to the SSH host and onto the real 1.2.3.4.
It works, but the problem is that this application connects to quite a few IPs ( 50+ ), so we end up with 50 ssh connections out from the box.
We've tried to use several 'proxifying' apps, like tsocks and others but have had alot of issues with them ( the app is running on OS X and tsocks doesn't work so well, even with the patches )
Our idea was to write a daemon that listened on all interfaces on the specified port - it would then take the incoming packets from the application, scrape the packet info ( dst IP, port, payload ), recreate the packet and proxify it through a single SSH SOCKS connection ( ssh -D 1080 user#somehost ). That way, we only have 1 SSH connection that all the ports are being proxied through.
My question is - is this feasible? Is there something that I'm missing here? I've been combing through pfctl, ipfw, iptables docs, but I don't see any option to do it through those and this doesn't seem like it'd be the most difficult thing to code. It would recreate the packet based on the original destination IP and port, connect to the local SOCKs proxy and resend the packet as if it were the original application, but now with SOCKS support.
If I'm missing something that someone knows about that already does this, please let me know. I don't know socket programming or SOCKs too well, but this doesn't seem like it'd be too big of a project to tackle, but I'd like some opinions if I'm biting off way more that I should.
Thanks
If your application could add SOCKS client support, you can simply ssh -D lock_socks_port remote_machine, which will open up the local *lock_socks_port* as a SOCKS server at localhost, which can then connect to any host accesible by the remote machine.
Example: imagine you are using an untrusted wifi network without encryption. You can simply launch ssh -D 1082 home, and then configure your web browser to use localhost:1080 as SOCKS server. Of course, you need a SOCKS-enabled client. All the traffic would appear as coming from your gateway, and the connection would be opaque to those snooping the wifi.
You can also open a single ssh client with an indefinite number of LocalForward requests, which would be tunneled on top of a single ssh session.
Moreover, you can add ssh connections to an already-established ssh connection by using the ControlMaster and ControlPath options of ssh.
I've written this ruby program to send a UDP Packet to port 16800:
require 'socket'
sock = UDPSocket.new
sock.bind("", 47123)
sock.send("Hello!", 0, "192.168.0.100", 16800)
sock.close
where 192.168.0.100 is my own ip address. However, the packet doesn't show in Wireshark and my UDP server listening on port 16800 on the same PC (running Linux) isn't receiving anything.
When I slightly rewrite the program to
require 'socket'
sock = UDPSocket.new
sock.setsockopt(Socket::SOL_SOCKET, Socket::SO_BROADCAST, true)
sock.bind("", 47123)
sock.send("Hello!", 0, "<broadcast>", 16800)
sock.close
the packet does show up in Wireshark, but my server still isn't receiving anything.
Am I missing something obvious?
EDIT:
The server code, for completeness
require 'socket'
sock = UDPSocket.new
sock.setsockopt(Socket::SOL_SOCKET, Socket::SO_BROADCAST, true)
sock.bind(nil, 16800)
while true
packet = sock.recvfrom(1024)
puts packet
end
However, this was copied somewhere from the internet, and while editing it for stackoverflow, i found out that the server always receives packets sent to 127.0.0.1 but when I change nil to "", the server suddenly also receives the packets sent above. Is this a bug in the ruby socket implementation?
I just used your very code and the problem is you're not binding to a specific IP address. I don't know about Linux but on OS X there's an issue where sometimes the default will attach to an unused IP6 address rather than the interface you were expecting.
Changing "" to 192.168.1.255 on the server, and including "192.168.1.255" on the bind in the client made all this work for me :)
UDPSocket.BIND takes a host and a port. Try changing the nil to your IP address. From http://coderrr.wordpress.com/2008/05/28/get-your-local-ip-address/; use
require 'socket'
def local_ip
orig, Socket.do_not_reverse_lookup = Socket.do_not_reverse_lookup, true # turn off reverse DNS resolution temporarily
UDPSocket.open do |s|
s.connect '64.233.187.99', 1
s.addr.last
end
ensure
Socket.do_not_reverse_lookup = orig
end
to get your IP
Have you tried sending to "localhost" or "127.0.0.1"? This will send directly to the local computer and will help diagnose the problem further.
Kind of speculating here, but you might want to consider something like this - when you use the computer's own IP, the packets aren't visible on the physical link b/c the tcp/ip stack doesn't have to push them that far to get them where they are going, it can turn them around internally to the computer at one of the higher layers in that seven-layer stack model (the 'transport' layer, perhaps?)
If such a connection is supposed to work, and you see the packages using Wireshark, then you should also check the software firewall on your machine. If it blocks traffic to the UDP port you want to use you can still see the package using Wireshark!