Sending packets captured with Wireshark [closed] - wireshark

I captured some HTTP POST requests, and want to send them again. How to do it? Googling didn't yield any easy way not involving some complex stuff resulting in a script being able to send only this specific request, without any flexibility.

You might look into tcpreplay.
It's great for replaying entire streams of traffic captured by Wireshark or tcpdump in libpcap format.

PlayCap is a very easy to use solution for replaying network captures. All you need to do is point it to a PCAP file and press play.

If the HTTP requests are being sent from a browser then you can take advantage of the Web Developer mode available in most modern browsers - by going to the 'Network' section and right-clicking on particular GET/POST requests, one can then optionally modify and resend selected requests and/or use curl (e.g. see Firefox, Chrome).
It's not straightforward to just resend HTTP interactions that have been captured by Wireshark, as the HTTP is transported over TCP, which needs to set up a new connection for each interaction, so things like the TCP sequence numbers would need to be different. One approach would be to extract the HTTP content from the packet trace and resend that over a new TCP connection - Wireshark does allow for HTTP traces to be extracted which could be resent. However the latest version of tcpreplay suite from AppNeta now provides a tool tcpliveplay that says it can replay TCP streams so that seems like it could be the best option.
Otherwise, for more programmatic control of packet replay one could use scapy as suggested in this answer, though one would need to extract the HTTP content and resend it on new connection(s).
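The extract-and-resend approach described in the answer above, as an added example that is not part of the original post. It assumes plain HTTP (no TLS) and that the request bytes were saved from Wireshark's "Follow TCP Stream" view in raw form; `CAPTURED`, `rebuild_request` and `send_request` are hypothetical names, and the sample request is constructed.

```python
import socket

# Constructed sample: one request as saved from Wireshark's "Follow TCP Stream"
# view in raw form. Host, path and body are made up for this example.
CAPTURED = (b"POST /login HTTP/1.1\r\n"
            b"Host: app.example.test\r\n"
            b"Content-Type: application/x-www-form-urlencoded\r\n"
            b"Content-Length: 9\r\n"
            b"\r\n"
            b"user=demo")


def rebuild_request(raw, new_body=None, header_overrides=None):
    """Return the captured request with an optional new body and headers.

    Content-Length is recomputed for the final body and Connection: close is
    set so the server closes the socket when its response is complete.
    """
    head, _, body = raw.partition(b"\r\n\r\n")
    request_line, *header_lines = head.split(b"\r\n")
    headers = [[part.strip() for part in line.split(b":", 1)]
               for line in header_lines]
    if new_body is not None:
        body = new_body
    overrides = {b"Connection": b"close", **(header_overrides or {})}
    if body or any(name.lower() == b"content-length" for name, _ in headers):
        overrides[b"Content-Length"] = str(len(body)).encode()
    for name, value in overrides.items():
        for header in headers:
            if header[0].lower() == name.lower():
                header[1] = value
                break
        else:
            headers.append([name, value])
    lines = [request_line] + [n + b": " + v for n, v in headers]
    return b"\r\n".join(lines) + b"\r\n\r\n" + body


def send_request(host, port, request, timeout=5.0):
    """Send the bytes on a fresh TCP connection and return the raw response."""
    with socket.create_connection((host, port), timeout=timeout) as conn:
        conn.sendall(request)
        chunks = []
        while chunk := conn.recv(4096):
            chunks.append(chunk)
    return b"".join(chunks)
```

Session cookies or tokens inside a capture may have expired by the time it is resent; pass fresh values through `header_overrides`.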

PXE Rolling Block Doesn't Stop [closed]

I'm working on my own PXE server (so I could install new OS's I want to test easily without the need to find and format USB's). I've started by examining psychomario/PyPXE project, but quickly implemented my own TFTP Server. I'm testing it against Intel UNDI PXE-2.1 I have on my laptop.
One of the things psychomario doesn't support is sending large files (>32M). The RFC's (1350, 2347) don't discuss how it should be done, but apparently I had two options. The first option, increasing the block size, didn't work since the PXE client apparently ignores fragmented IP packets.
The second option is using rolling block, i.e. starting the counting from the beginning when reaching the end. The client acks the data, but when the data ends, the client starts sending ack's for block 0xffff (even if that's not the last block).
I tried closing the connection and sending empty data packets for that block. The first resulted in an error on the PXE, the second resulted in an infinite loop with the PXE.
What packet do I need to send in response for the ack of block 0xffff in order to end the session?

1) Your TFTP server should really implement the block size option; if not, you will be limited to 512 byte blocks. Please see RFC 2348. Fragmentation can always be avoided by negotiating a blksize such that the whole packet never gets bigger than the minimum MTU (1500 in a typical Ethernet environment).
2) You have to implement a TFTP "roll over"; after sending and getting acked block # = 0xFFFF you should send the next block as block # = 0x0000 and so on until you finish your transfer. When you test this feature be sure to use a TFTP client able to deal with TFTP block roll over; virtually all the PXE clients available today do this very well.
Besides your learning experience coding your own PXE server, please consider you will run into countless issues down the road. If you need to get quick results just google "pxe server" for a list of ready to use PXE server options.
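The two points of the answer above, worked through as an added example that is not part of the original post: choosing a blksize that avoids IP fragmentation, and numbering DATA blocks so that 0xFFFF is followed by 0x0000 until a short block ends the transfer. It assumes IPv4 without options and that the client requested the blksize option; the function names and the zero-filled test file are constructed for illustration.

```python
import io
import struct

OP_DATA, OP_ACK = 3, 4          # TFTP opcodes from RFC 1350


def blksize_for_mtu(mtu=1500):
    """Largest RFC 2348 blksize that fits one unfragmented IPv4 datagram:
    MTU minus IPv4 header (20), UDP header (8), TFTP opcode and block (4)."""
    return mtu - 20 - 8 - 4


def data_packets(stream, blksize):
    """Yield (block_number, packet) for every DATA packet of one transfer.

    Block numbers are 16 bits, start at 1 and roll over from 0xFFFF to 0.
    The transfer ends with the first block shorter than blksize, which is
    an empty block when the file length is an exact multiple of blksize.
    """
    block = 0
    while True:
        chunk = stream.read(blksize)
        block = (block + 1) & 0xFFFF
        yield block, struct.pack("!HH", OP_DATA, block) + chunk
        if len(chunk) < blksize:
            return


def is_ack_for(packet, block):
    """True if packet is an ACK for the given (already wrapped) block number."""
    return len(packet) >= 4 and struct.unpack("!HH", packet[:4]) == (OP_ACK, block)


def demo(size=8 * 0x10000 + 3, blksize=8):
    """Constructed input: a zero-filled 'file' just over 65536 blocks long.

    Returns (block number, payload length) for the packets around the
    rollover and for the final, short packet.
    """
    blocks = [(n, len(p) - 4)
              for n, p in data_packets(io.BytesIO(bytes(size)), blksize)]
    return blocks[0xFFFE], blocks[0xFFFF], blocks[-1]


if __name__ == "__main__":
    print(blksize_for_mtu(), demo())
```

With the default 512-byte blocks the counter wraps after 65535 × 512 bytes, just under 32 MiB, which matches the size limit described in the question.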

Which high-level API shall I use for managing UDP sockets on iOS? [closed]

In the chapter "Using Sockets and Streams" of the "Network Programming Topics Conceptual Guide", Apple says:
Note: POSIX networking does not activate the cellular radio on iOS.
For this reason, the POSIX networking API is generally discouraged in
iOS.
Also in the chapter "Networking Tips and Pitfalls" of the "Networking Overview Guide", Apple says:
In iOS, using sockets directly using POSIX functions or CFSocket does
not automatically activate the device’s cellular modem or on-demand
VPN.
Okay, so on iOS one should neither use POSIX sockets nor CFSocket, which is just a thin wrapper around POSIX sockets which supports asynchronous networking via RunLoops. No problem. But what API should you use, if you need a UDP socket?
Further, Apple says in the chapter "Networking Tips and Pitfalls" of the "Networking Overview Guide":
Avoid Resolving DNS Names Before Connecting to a Host
So ideally there should be an API for managing UDP Sockets, other than POSIX API and CFSocket, which accepts DNS names instead of IP addresses for the destination address.
Maybe I'm blind but I'm unable to find any such API. Any ideas?
Using any third party API (not from Apple) is not interesting, since such an API must base on either Apple API and in that case I can use this Apple API directly. Writing my own wrapper API around POSIX sockets is a piece of cake, I've written so many socket wrappers before, I already know all the nasty pitfalls. Yet I shall not use POSIX API, which is the initial problem here.

I asked Apple exactly the same question and their reply is more or less that there isn't any high level interface for UDP sockets. Regardless of what Apple says in their guides, when using UDP, either use POSIX sockets directly, in combination with an async manager like poll() or select(), or create a POSIX socket (maybe use bind() and/or connect() on it as required) and then wrap it into a CFSocket object using CFSocketCreateWithNative() to get RunLoop integration. This is the best API that exists. All higher level APIs are designed to be used with TCP only.

Was attempting the same thing and although the docs say that lower level APIs will not activate the cellular radio and on-demand VPN, it turns out it's not entirely true for TCP connections.
In the case of UDP, this holds true and your UDP packets don't get sent most of the time. To solve this, just open up a listening socket for TCP using the lower level APIs and this will activate the cellular radio or on-demand VPN and close the socket once you are done.
For TCP, you can use the low-level APIs for server side code on iOS devices and this DOES activate the cellular radio or on-demand VPN but for client side code on iOS devices, it is preferable to use higher level APIs that have been provided. Either way, the radio is active and you don't have to worry about packets not being sent.
BTW, this is what I am currently doing.

Apple has sample code describing how to use UDP.
Have not tried it myself, but this should give you some good pointers:
https://developer.apple.com/library/mac/#samplecode/UDPEcho/Introduction/Intro.html

Since 2018 Apple has introduced Network Framework, which according to Apple is a modern alternative to Sockets and includes high level APIs for managing both TCP and UDP connections.

Modify HTTP url on the fly

Is it possible to modify users' HTTP request to
www.example.com/options
instead of
www.example.com/options_and_params
My scenario is that about 30000 users connect to my company's network backbone and I want to add one or more servers (with the code I'm currently working on) between the backbone switches and Radware LoadProof to achieve this work.
After googling all the night, I have no lead but some more questions:
I don't need to intercept every packet through the network. With some help like iptables, I can filter out the packets I want. I have done it before using iptables. However, a packet is not equal to an HTTP stream. Do I need to do HTTP reconstruction?
If I successfully find a way to modify HTTP request URL content, I still should put it back to the network stream. As I know TCP packets have a checksum and after I modify the content it must be wrong. How do I calculate a new checksum and put the packet back to the network?
It's my first time doing network programming or packet processing development. Any suggestion is appreciated.

This depends on whether you are doing HTTP/1.0 or HTTP/1.1 and whether it's an initial request you need to modify or all requests in a single HTTP 1.1 session.
If you have the packet and can modify it before it is sent on and you are trying to modify just the request then given the length of a typical packet and the location of the URL in the HTTP request stream (very near the beginning) and the fact that it will be the first thing sent in the TCP stream I think you can fairly safely assume that it will be present in the first N bytes of the first packet sent and therefore won't be split over multiple packets.
However, if this is an HTTP/1.1 stream then multiple requests will be being sent via the same TCP connection in which case in future requests the URL may well be split over two TCP packets.
If you can maybe force HTTP/1.0 or possibly if you modify the initial or all requests to be HTTP/1.0 then you can be pretty sure that the first packet will correspond to the first packet of the TCP stream and that you are very unlikely to see the URL split over multiple packets, meaning no reconstruction and the ability to just do a replace.
However this will come at a cost of new TCP connections which is pretty inefficient.
If you don't and you leave it as HTTP/1.1 then the URL could be at any random point in any future request and therefore split over multiple TCP packets (two realistically given the size of the URL).

If I got your question right, then this could probably be done with some fast reverse-proxy like nginx.
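The split-URL problem from the answers above, shown as an added example that is not part of the original posts: a per-packet search and replace misses a URL that straddles two TCP segments on a keep-alive connection, while rewriting the reassembled stream (the work a reverse proxy such as nginx does after terminating the TCP connection) does not. The segments are constructed, the class and function names are hypothetical, and requests are assumed to have no body.

```python
OLD, NEW = b"/options_and_params", b"/options"

# Constructed capture: two keep-alive GETs on one TCP connection; the second
# request line is split across two segments, as the answer above warns.
SEGMENTS = [
    b"GET /options_and_params HTTP/1.1\r\nHost: www.example.com\r\n\r\nGET /options_an",
    b"d_params HTTP/1.1\r\nHost: www.example.com\r\n\r\n",
]


def naive_rewrite(segments):
    """Per-packet search and replace: blind to a URL that straddles segments."""
    return b"".join(seg.replace(OLD, NEW) for seg in segments)


class StreamRewriter:
    """Rewrite the request target on the reassembled byte stream.

    Assumption for this example: requests carry no body, so each request ends
    at the blank line. A real proxy must also honour Content-Length and
    chunked bodies to find where the next request starts.
    """

    def __init__(self):
        self.buf = b""

    def feed(self, payload):
        """Buffer payload; return every complete request, rewritten."""
        self.buf += payload
        out = b""
        while b"\r\n\r\n" in self.buf:
            head, _, self.buf = self.buf.partition(b"\r\n\r\n")
            line, sep, rest = head.partition(b"\r\n")
            method, target, version = line.split(b" ", 2)
            if target == OLD:
                target = NEW
            out += b" ".join((method, target, version)) + sep + rest + b"\r\n\r\n"
        return out


def stream_rewrite(segments):
    """Feed all segments through one StreamRewriter and join its output."""
    rewriter = StreamRewriter()
    return b"".join(rewriter.feed(seg) for seg in segments)
```

Because the rewritten request is shorter than the original, the output is sent on the proxy's own upstream connection, so the kernel computes the TCP sequence numbers and checksums and nothing has to be patched by hand.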

How do I increase the priority of a TCP packet in Delphi?

I have a server application that receives some special TCP packet from a client and needs to react to it as soon as possible by sending a high-level ACK to the client (the TCP ACK won't suit my needs).
However, this server is really network intensive and sometimes the packet will take too long to be sent (like 200ms in a local network, when a simple server application can send it in less than 1ms).
Is there a way to mark this packet with a high-priority tag or something like that in Delphi? Or maybe with the Win32 API?
Thanks in advance.
EDIT
Thanks for all the answers so far. I'll add some details. My product has the following setup: there are several devices that are built upon vehicles with WIFI connectivity. When they arrive at the garage, those devices connect to my server and start to transmit data.
Because of hardware limitations, I implemented a high-level ACK to make the device aware that the last packet arrived successfully (please, don't argue about this - the data may be broken even if I got a correct TCP ACK). However, if I use my server software, that communicates with a remote database, to issue this ACK, I get a very long delay (>200ms). If I use an exclusive software to do this task, I get small latencies (<1ms). So, I was imagining if I could just tell Windows to send those special packets first, as it seems to me that this packet is getting delayed so the database ones can get delivered.
That's the motivation behind my question.
EDIT 2
As requested: this is legacy software and I'm using the legacy dclsockets140.bpl package and Delphi 2010 (14.0.3593.25826).

IMO it is very difficult to realize this. There is a lot of equipment and software involved. First of all, if you communicate between 2 different OS's you get latency. Second, soft and hard firewalls, antiviruses, everything is filtering/delaying your packets.
You can also try to 'hack' the system (this involves some very good knowledge of how the frames/segments are packed/sent, flow control, congestion, etc.), either by altering it from code or by using some tools like http://half-open.com/ or others.

In short, passing the MSG_OOB flag to the send function marks the data as "urgent". Detailed discussion about the OOB in the context of Windows Sockets implementation specifics is available here.

Sending data to multiple sockets at exact same time

I want to design a ruby / rails solution to send out to several listening sockets on a local lan at the exact same time. I want the receiving servers to receive the message at the exact same time / or millisecond second level.
What is the best strategy that I can use that will effectively allow the receiving socket to receive it at the exact same time. Naturally my requirements are extremely time sensitive.
I'm basing some of my research / design on the two following articles:
http://onestepback.org/index.cgi/Tech/Ruby/MulticastingInRuby.red
http://www.tutorialspoint.com/ruby/ruby_socket_programming.htm
Now currently I'm working on a TCP solution and not UDP because of its guaranteed delivery. Also, was going to stand up ready connected connections to all outbound ports. Then iterate over each connection and send the minimal packet of data.
Recently, I'm looking at multicasting now and possibly reverting back to a UDP approach with a return a passive response, but ensure the message was sent back either via UDP / TCP.
Note - The new guy syndrome here with sockets.
Is it better to just use UDP and send a broad packet spam to the entire subnet without guaranteed immediate delivery?

Is this really a time sensitive component? If it's truly down to the microsecond level then you may want to ensure it's implemented close to native functions on the hardware. That being said a TCP ACK should be faster than a UDP send and software response.
