I am trying to specify the port when I am sending a trap via snmptrap.
Just in order to test my SNMP receiver I want to send traps to it, but I do not have access to port 162. How do I send the trap to another port?
As I see it the man-page does not describe this option.
(I do not fully understand what the parts of a snmptrap message is either, so if someone feels like explaining that it would be nice to)
In the net-snmp command line tools, you specify the port number in the host identifier, like so:
192.168.1.12:162
At least, that works on my machine.
I agree that this is not really apparent from the man page of snmptrap, so I understand why you couldn't figure it out. The rest of the format is, however, described in the man page to a somewhat satisfactory extent.
Edit: As was pointed out in the comment, the address format is described on the man page for snmpcmd:
http://www.net-snmp.org/docs/man/snmpcmd.html
Related
I want to have background service written in Delphi 7, that stops a specific URL from being loaded by any browser. Is this possible?
Can anyone point me in a direction?
Thanks in advance.
Shane
There are two approaches of which the second one is technically the best:
Write a DLL that you inject into all processes and if these processes are for a browser you have to intercept and filter all traffic, e.g. using Windows sockets
Write a Layered service provider that works a bit like a firewall (at a lower level in the OS)
I've worked in internet filtering software and I can tell you both are big undertakings.
We initially took the first approach, then switched to the other because it's technically better. [And we never finished that transition because the company folded ;-(]
We did not write our own LSP (it's a big job in itself) but used the products from Komodia. Although they write for C, the people were very helpful answering our questions about porting to Delphi.
But as I said earlier, this is BIG: you have to deal with 32 and 64 bit code, http versus https, protecting services from being stopped, etc. Any non-programming solution that you can find is better (although easy to circumvent).
If you still want to program: prepare for 1 man-year of coding using LSP.
A service, no, I don't think so. But you can edit the 'hosts' file so that the domain of the url points to 127.0.0.1. You can make a service that 'guards' this file, although the service itself must have elevated rights to be able to edit it, and of course, the service itself can be killed as well, if the user has the rights to do so.
Anyway, if you manage to edit the file, the browser will not be able to find the server by domain name. Of course, urls with an IP address cannot be blocked this way and neither can you block specific urls, only the entire domain.
But in general, this is not something to solve using a custom service, but in the firewall on either the PC or the router.
For Internet Explorer, you can write a Browser Helper Object that IE itself loads and passes browser events to. The BHO can then accept/reject URLS on a per-request basis as needed.
I have two computers, A and B.
On computer A, I want to be able to specify for certain ports that incoming traffic from computers will be automatically routed to a different port on computer B as if it was originally sent to B from .
I'm not really sure what I need here. I thought it might be port forwarding, bridge, ip routing or ip forwarding but was unable to come to a conclusion.
I'm trying to do this on a Windows 2008 machine, in order to shift traffic from an older software on one server to a newer software on a different server. I tested my trials using http://joncraton.org/blog/46/netcat-for-windows, trying to send stuff from my computer to another computer which was supposed to route it back to me, but nothing was received.
I have tried:
http://www.simpleportforwarding.com
but that didn't work for me.
I've also tried:
http://www.quantumg.net/portforward.php
but my Anti-virus blocks it (though it's not a malware, as far as I know).
I know Windows has the command "route" on the shell but I'm not really sure what to do with it as it requires a mask for the IP and doesn't seem to allow choosing ports (and it might not be what I need anyway).
I've also come across this:
http://www.windowsnetworking.com/articles_tutorials/NAT_Windows_2003_Setup_Configuration.html
and though I'm pretty sure NAT is not what I need, maybe that "Roles" configuration has something relevant.
Had anyone come across a similar situation and knows how to solve this? I'm pretty sure there's something ready which can do this and no software needs to be written.
EDIT:
I've discovered that netsh can do the above by:
C:\>netsh interface portproxy add v4tov4 listenport=12345 listenaddress=192.168.1.1 connectport=443 connectaddress=192.168.1.1
which is a command I found here:
http://www.rickwargo.com/2011/01/08/port-forwarding-port-mapping-on-windows-server-2008-r2/
But the problem is, and I forgot to mention this, I also need to be able to do this routing only for specific source IP addresses. I'm not sure if netsh can do this (maybe it can?) so is there any other way?
I've searched this subject in stackoverflow and found out that a telnet library would help, and I found a telnet lib here: C# Telnet Library
but I don't know how I can use a telnet library to open a port in my router. I'm using an AT&T 2wire router. Any hints on how I can do this?
You can't. The 2wire router is an island unto itself, if it decides to block a port nothing external can (or should) be able to change that. You are on the wrong track, and would need to restate your goals in order to get a useful answer.
UPnP and other "Hole Punching" techniques do exist: but you'll be in a world of hurt if you try to reply on them for any widespread deployment.
Perhaps you meant to open a connection to a remote server and then establish two way communication. That is easy... and how other games and tools get the job done.
Technically speaking you should not be able to. You shouldn't have outside programatic access to a router to open a port if it's blocked.
If what you mean is opening a port for communication (that is not blocked) then you can simply create Sockets with the address and port (ex. localhost 7777) to establish inter process communication or simply communication with another server.
As I mentioned in a comment below there are ports that are available for use (in C# this can be easily tested, a quick google search will find you many snippets of code for testing if a port is open). A simple approach is to simply start at port 1024 (I believe this is the correct lower bound for ports that should be used by applications, someone correct me if I'm wrong) and just start counting up until you find a port that is available, if you find you've reached some upper limit you can simply report that a connection cannot be made. I hope this clears up a little more and if I have time I will try to find some code I have for this and edit it in but honestly a quick search can net you similar code for checking ports in C#.
I've been crashing around on the netfilter/iptables home page as well as beseeching The Google, but no luck so far.
I have a Rails application which needs to control packet filtering for its Linux host. It could do this by just dumping rules into /etc/sysconfig/iptables and bouncing the iptables startup script, of course. But it would be sweeter if it could just seamlessly make the calls via an API.
The app's requirements are actually very very simple; it only needs to add and delete ACCEPT rules for a given source IP address to a given TCP port on the server, to control access to that service.
I found references to a ruby-iptables project, but that apparently went moribund some years ago.
If I have to resort to raw getsocketopt() calls and the like, I'll just do the text-file-and-restart approach, which will offend my Slickness Sensor but make my customer smile, because he likes working software better than really elegant software that will work Very Soon Now.
If you search for "ruby netfilter" there's more to be found. NetFilter (http://netfilter.org/) is the underlying framework behind iptables.
http://rubyipq.rubyforge.org/ (traffic shaping)
https://github.com/johnl/netfilter.rb (DSL)
http://rubyforge.org/projects/iptcext/ (IPTC library interface)
The last is most like what you want, but while there's code, there doesn't seem to be a real release.
Packet sniffers generally do not capture localhost traffic. I need to inspect some post data in a localhost environment (being generated from a Ruby on Rails development). Do you know of any programs that expose localhost packets?
I use fiddler on my Windows box for http sniffing. Since its only looking at http traffic you don't get nearly the amount of noise you get with something like WireShark.
The trick to getting it to work with data sent and received locally is to use a different endpoint for your urls. Using http://127.0.0.1./YourServiceName instead of http://localhost/YourServiceName has always worked for me. Its important to include the trailing 'dot' in the IP address. Don't ask me why though.
If you use Firefox, you could use the HTTP Logging feature:
https://developer.mozilla.org/en/HTTP_Logging
If you just change your address from localhost to an assigned IP address (like 192.168.12.34 or whatever you may have), your packet sniffer should be able to see the packets.
These packets probably do not exist. There is no reason to packetize data when it is not leaving the host. The data should just go from socket to socket.
You might use something like Instruments or Dtrace to monitor the send system call.
I'm a satisfied user of HTTPScoop: http://www.tuffcode.com/
It's similar to the HTTP traffic analyzer addons you'll see for firefox etc. but works systemwide which is convenient and can be switched to observe any of your available network interfaces.
It is not free, nor does it observe HTTPS traffic, but other than that it's a worthwhile addition to your toolbox.