How to simulate ICMP messages - network-programming

I would like to know whether there are any programs which will help me to generate ICMP messages. I have a target board running Linux for ARM, and all of the ICMP messages need to be tested against it.
These are the messages that need to be tested:
3 Destination Unreachable
12 Parameter Problem
11 Time exceeded
4 Source Quench
30 Trace route
5 Re-direct
I shall take the trace of these communications in Wireshark as well.
Please help me out guys.

Have a look at scapy. This is a comfortable packet generator written in Python. You can integrate it into your Python scripts.
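Added example, not part of the original answer: the six message types from the question built byte by byte with only the Python standard library, so the header layout and the checksum a capture should show are explicit. The function names, the 192.0.2.0/24 documentation addresses and the quoted UDP datagram are assumptions constructed for illustration.

```python
import socket
import struct

def checksum(data: bytes) -> int:
    """RFC 1071 Internet checksum: one's complement of the 16-bit sum."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def icmp(msg_type: int, code: int, rest: bytes = b"\x00" * 4,
         payload: bytes = b"") -> bytes:
    """Type, code, checksum, 4-byte 'rest of header', then payload."""
    if len(rest) != 4:
        raise ValueError("rest of header must be 4 bytes")
    body = rest + payload
    csum = checksum(struct.pack("!BBH", msg_type, code, 0) + body)
    return struct.pack("!BBH", msg_type, code, csum) + body

def quoted_datagram(src: str, dst: str) -> bytes:
    """Constructed IPv4 header + 8 UDP bytes, the part ICMP errors echo back."""
    udp = struct.pack("!HHHH", 40000, 33434, 8, 0)
    hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(udp), 1, 0, 1, 17, 0,
                      socket.inet_aton(src), socket.inet_aton(dst))
    return hdr[:10] + struct.pack("!H", checksum(hdr)) + hdr[12:] + udp

def build_test_set(board="192.0.2.10", peer="192.0.2.20", gateway="192.0.2.1"):
    """One message per type listed in the question, keyed by ICMP type."""
    orig = quoted_datagram(board, peer)  # datagram the board supposedly sent
    return {
        3: icmp(3, 3, payload=orig),                     # port unreachable
        12: icmp(12, 0, bytes([1, 0, 0, 0]), orig),      # pointer = octet 1
        11: icmp(11, 0, payload=orig),                   # TTL exceeded
        4: icmp(4, 0, payload=orig),                     # deprecated, RFC 6633
        5: icmp(5, 1, socket.inet_aton(gateway), orig),  # redirect for host
        # RFC 1393: ID, unused | hops out, hops back, link speed, link MTU
        30: icmp(30, 0, struct.pack("!HH", 7, 0),
                 struct.pack("!HHII", 1, 0xFFFF, 0, 1500)),
    }

if __name__ == "__main__":
    for msg_type, msg in sorted(build_test_set().items()):
        print(msg_type, len(msg), msg.hex())
```

Each value is a complete ICMP message that can be carried as the payload of an IPv4 packet (protocol 1) addressed to the board, whether through scapy or a raw socket; Wireshark should report a correct checksum for every one.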

Related

HP GGW Server commands

I am trying to find any information on commands for JetDirect/HP GGW Server. The only mention I've been able to find in the past 4 days of searching was at Python socket communication with HP print server. I'm currently working with HP GGW v1.0, but the JetDirect GGW v2 commands in that post seem to work as well. Any help is greatly appreciated.
Sorry for the really late reply, I hope this is useful anyways. Keep in mind, I'm not 100% sure how all these commands work but this is just from experimenting.
*Tested on a HP OfficeJet 6600 printer
*Connected to port 9220 via NetCat or Telnet
*Commands appear to be case insensitive
*Maximum command length appears to be 4
Commands:
data:
Appears to work together with the command open
devi:
Shows device info
mpct:
No idea what it does, it takes numbers as input
noop:
Assembly language do nothing command?
open:
Accepts 4, 9, or 43
quit:
Closes connection
serv:
Appears to be related with the skid command. See skid for more info
220 HP GGW server (version 1.0) ready
serv PRINT
250 2 PRINT
time:
Takes # of seconds as argument and will close the connection after # seconds
skid:
Accepts 1,2,4,6,7,8,9,10,14,15,17,39,43,40,96,97,98, or 99 as an argument. Depending on the number, it will print a message, for example:
220 HP GGW server (version 1.0) ready
skid 2
250 2 PRINT
This is all I have figured out so far through different methods of testing I've done over the last couple of days. If you have any more questions about certain commands' functions, I could give you a more in-depth explanation of what I know so far.
EDIT:
After a lot more searching, I found the patent for the HP GGW protocol. This might help us better understand it
https://patents.google.com/patent/US6581098

IOThub mqtt support

I have created a test account to IOThub and pulled down the azure-iot-sdks git archive to test with.
I have added my connection string to both the iothub_client_sample_http and iothub_client_sample_mqtt .c files.
When I run the iothub_client_sample_http I see a couple of network packets sent and acked before I get a segmentation violation in pthread_mutex_lock called from PR_lock. I will track this down and fix it.
More importantly, I want to use the MQTT protocol. When I execute the iothub_client_sample_mqtt app I get a timeout in the connect code. I have looked at the packets with Wireshark and what I see is:
TCP 74 33226 > secure-mqtt [SYN] Seq=0 Win=29200 Len=0 MSS=1460 SACK_PERM=1 TSval=81898578 TSecr=0 WS=128
Then two more packets going out the same with retransmission. I never see any reply packets.
Is there something I need to enable at the IOThub to allow using MQTT?
I actually want to use mosquitto in the product and I get the same scenario from my code.
Thanks for any help.
You can also use MQTT over WebSockets, which uses port 443 instead of 8883.
See more details from https://learn.microsoft.com/en-us/azure/iot-hub/iot-hub-mqtt-support
Thanks for the answer. It turns out the company was filtering all packets to port 8883 and that was my issue.
MQTT has some particular advantages over other protocols to the hub. As it becomes more popular IT organizations will need to change this type of thing.
Thanks again.

Debug Packet Loss In TCP Communication in iOS/iPad Application

I have an iOS application that remotely connects to 3 sockets (of some hardware). Each socket has its own priority. One channel is only used for transferring messages between the iPad app and the hardware, one for Tx/Rx of images, and another one for Tx/Rx of videos. I had implemented all three sockets using the GCDAsyncSocket API, and things worked fine while using MSGSocket/ImageSocket (or) MSGSocket/VideoSocket, but when I start using VideoSocket/ImageSocket/MSGSocket simultaneously, things go a little haywire. I lose packets of data. {Actually a chunk of the file goes missing :-(} I went through the API and found a bug in the API: "Unable to complete Read Stream", which I assumed could be a cause of the problem. Hence, I switched to threads and implemented the same using the NSThreads/CFSocket API.
I changed only the implementation of the ImageSocket/VideoSocket code using the NSThreads/CFSocket API, and here is the implementation of the same dropbox-ed. I'm just unable to understand where things are going wrong, whether it is at the iOS app end or at the server side. In my understanding there shall be no loss of packets in TCP communication.
Is there a way to debug this issue? Also, I request that you go through the code and let me know if anything is wrong (I know this may be too much to ask, but I need some assurance that the code implementation is correct). Any help to resolve this issue will be highly appreciated.
EDIT 1: After #JoeMcMahon Comment, I referred to this Technical Q&A & got a TCP Dump - trace.pcap file. I opened this tcp dump with Wireshark & it does show me the bytes transferred between the ports of hardware & iPad.
Also in the terminal when I stopped the tcp dump capture I saw these messages:
12463 packets captured
36469 packets received by filter
0 packets dropped by kernel
Can someone point out the difference between packets captured & packets received by filter?
Note - The TCP dump attached is not for a failed scenario.
EDIT 1.1: Found the answer to difference between packets captured & packets received by filter here
TCP communication is not guaranteed to be reliable. The basic ack-syn paradigm can break; that is why you have re-transmission mechanisms etc. Wireshark reports such problems in your packet capture session.
For using wireshark/tcpdump, you generally want to provide a filter, since the amount of traffic that goes through the wire is overwhelming (ping, ntp, etc.); you want to filter the capture using some basic filter to see the packets which are relevant to you. The packets which are filtered out are not captured, hence the numerical difference.
If it is a chunk of the file that went missing, I doubt the issue is at the TCP level. Most likely something at a higher level went wrong. I would run a fixed-size file repeatedly through the channel until I can reliably reproduce the loss.

Sending UDP Packets from Wireshark / tshark

I am working with a "real time" data analysis toolchain which is separated into two parts. The first part fetches the data to be analyzed, packs it into a UDP packet and sends it to another host. The second part, running on the aforementioned host, receives the UDP packets and performs analysis on the received packets. By "real time" I mean that the output of the analysis toolchain should appear live to a human user, thus latencies of up to 100 ms are acceptable.
I am looking into making a new data source available to the receiving part. The data that I am looking for are being transferred on an Ethercat bus, which I can sniff. Wireshark/tshark have a dissector for Ethercat packets. With that said, it's really simple to get at the data in a script running within Wireshark/tshark. Since I have little control over the second part of the analysis, I cannot readily modify the second part to sniff Ethercat frames via pcap or somesuch.
Is it possible to send UDP packets from a script running in Wireshark/tshark?
Wireshark's Lua doesn't have a way to do that available out-of-the-box, but it's stock Lua so you can write a wireshark Lua script which itself can import (i.e., use require) any other Lua script or compiled Lua dll/so library. So, for example, you could use the LuaSocket library to send packets from within your wireshark Lua script.
Note that there is no event loop available to Wireshark Lua scripts, so receiving packets via LuaSocket isn't going to work, afaik. But since you're talking about sending over UDP, and sending only when the Wireshark Lua script will get invoked (i.e., because you'd do the send() call inside a tap or dissector), I think it should work. If it does/doesn't please post back, because this question comes up now and then and it would be good to know.

Tracking connections and packets of a program

I hope this is quite a simple question. I've got a compiled .exe program on Windows, and I know that it connects to some PHP resource on some web server and fetches some data. It is just one or two KB, but what I'd like to know is: what's the PHP resource that it connects to? Is there any program able to trace the connections of some other program on Windows?
Thank you very much!
Matteo
Wireshark is a network protocol analyzer. It lets you capture and interactively browse the traffic running on a computer network.
