To determine if an IPv4 gateway is alive or not programatically, raw packet socket with ETH_P_ARP as the protocol, can be used as follows:
int fd = socket (PF_PACKET, SOCK_RAW, ETH_P_ARP);
I'm looking for an IPv6 equivalent of ETH_P_ARP to use to ping an IPv6 gateway along similar lines. What are the other options in which this can be achieved programmatically?
Thanks!
Using wireshark, the protocol on a ND solicitation and on advertisement is just 0x86DD, and in if_ether.h that is assigned to ETH_P_IPV6.
Related
I am new to network programming, and I have some confusion with select function.
For a server program, we need to first create a fd to socket endpoint (server's ip and port without client's ip and port) with socket, bind and listen, then if there is a TCP connection to this socket endpoint, then accept returns the fd to the socket (server's ip, port and client's ip, port). Then we use recv on this socket's fd, and if there is no data to receive, the recv will block (for blocking socket).
I learned that select is used to handle non-blocking multiple connections. But which connection level does it handles? Does it handles multiple socket endpoints, or handles multiple sockets of one single socket endpoint?
For a normal server program, I think the socket endpoint is always single, and there are maybe hundreds of sockets connected to this endpoint. So I think handling multiple socket endpoints may be less useful to handling multiple sockets. But when talking about IO multiplexing, I find that many articles seems talking about handling multiple socket endpoints. While for handling multiple sockets to a single socket, I can't find a way to get all sockets, and put them to select's set of fds, since accept only accepts one sockets a time.
"Does it handles multiple socket endpoints or handles multiple sockets of one single socket endpoint?" -- There is no such thing as multiple sockets of a single socket endpoint. Every socket is an endpoint to the network communication. It just happens that the piece of code which deals with that socket might be different from the others. Consider the following socket descriptors:
int sock_acpt = socket(AF_INET, SOCK_STREAM, IPPROTO_TCP);
listen(sock_acpt, 5);
int sock_cli = accept(sock_apt, ....);
Both the socket descriptors sock_acpt and sock_cli are the endpoints of different communications. After setting sock_acpt in passive mode by calling listen(), the socket just listens for TCP connection, and the server's TCP stack will manage any data that appears on that socket (most probably TCP Handshakes). While sock_cli is the end of an already established connection, and in general, the data on that socket is managed by the user-level application.
Now coming to select(), it is an IO Multiplexer, not a Network IO multiplexer. So any descriptor which can be viewed as an IO endpoint can be used with the select(). Referring to our socket descriptors sock_acpt and sock_cli, both are IO endpoints of different communications, so you can use both of them with select(). You generally do something like below
for ( ; ; ) {
fd_set rd_set;
FD_ZERO(&rd_set);
FD_SET(sock_acpt, &rd_set);
FD_SET(sock_cli, &rd_set);
if (select(sock_acpt > sock_cli ? sock_acpt + 1 : sock_cli + 1, \
&rd_set, NULL, NULL, NULL) <= 0) {
continue;
}
if (FD_ISSET(sock_acpt, &rd_set)) {
// Accept new connection
// accept(sock_acpt, ...);
}
if (FD_ISSET(sock_cli, &rd_set)) {
// Read from the socket
// read(sock_cli, ...);
}
}
But using select() is not limited to sockets, you can use with the file IO (fileno(stdin)), with the signal IO (signalfd()) and any other which can be viewed as IO endpoint.
I'd like to know how to make a display filter for ip-port in wireshark.
So, for example I want to filter ip-port 10.0.0.1:80, so it will find all the communication to and from 10.0.0.1:80, but not communication from 10.0.0.1:235 to some ip on port 80.
I want to filter out ip-port pair for any protocol that suports ports. Either tcp or udp. That ip-por pair can contact any other ip on any port.
(ip.src == XXX.XXX.XXX.XXX && (tcp.srcport == YYY || udp.srcport == YYY)) || (ip.dst == XXX.XXX.XXX.XXX && (tcp.dstport == YYY || udp.dstport == YYY) will match:
all packets coming from IPv4 address XXX.XXX.XXX.XXX and TCP or UDP port YYY;
all packets going to IPv4 address XXX.XXX.XXX.XXX and TCP or UDP port YYY;
which sounds as if it's what you want. (If it's not what you want, you'll have to be even more specific and precise about what you want.)
Try this filter:
(ip.src==10.0.0.1 and tcp.srcport==80) or (ip.dst==10.0.0.1 and tcp.dstport==80)
Since you've got two ports and two IPs in tcp/ip packets you need to specify exactly what source and destination sockets you want.
The IP protocol doesn't define something like a port. Two protocols on top of IP have ports TCP and UDP.
If you want to display only packets of a TCP connection sent from port 80 of one side and to port 80 of the other side you can use this display filter:
tcp.srcport==80 && tcp.dstport==80
Similar you can define a filter for a UDP communication. You can narrow the filter with addtional conditions like
ip.srcaddr==1.2.3.4
or
ip.addr==55.66.77.88
You can even use the C style operators && and || as well as parentheses to build complex filters.
(ip.addr==128.100.1.1 && tcp.port==80) || (ip.addr==10.1.2.1 && udp.port==68)
What you actually want to filter is your decision.
I came across the kernel driver code implementing some sort of IGMP snooping backend and as part of its functionalilty it creates a new socket address family, AF_IGMPSNOOP, but actually implements just a few operations for this type of socket:
static struct proto_ops igmp_snoop_ops = {
family: AF_IGMP_SNOOP,
release: _igmp_snoop_sock_release,
bind: sock_no_bind,
connect: sock_no_connect,
socketpair: sock_no_socketpair,
accept: sock_no_accept,
getname: sock_no_getname,
poll: datagram_poll,
ioctl: sock_no_ioctl,
listen: sock_no_listen,
shutdown: sock_no_shutdown,
setsockopt: _igmp_snoop_setsockopt,
getsockopt: sock_no_getsockopt,
sendmsg: _igmp_snoop_sock_sendmsg,
recvmsg: _igmp_snoop_sock_recvmsg,
mmap: sock_no_mmap,
sendpage: sock_no_sendpage,
}
However from a user space perspective a socket is created as:
fd = socket (AF_IGMPSNOOP, SOCK_RAW, IPPROTO_IGMP)
I'm wondering what is the rationale for adding a new family, while in fact a raw socket is being used to access the stack for IGMP packets? Would not it be the same to just create AF_INET raw socket and do the things?
Looking forward to hearing form you !
Thanks.
Mark
I am developing a chat application.
But Right now chatting is possible with only google because I know only google's port no.
xmppClient = [[XMPPClient alloc] init];
[xmppClient addDelegate:self];
// Replace me with the proper domain and port.
// The example below is setup for a typical google talk account.
[xmppClient setDomain:#"talk.google.com"];
[xmppClient setPort:5222];
You can see that, google has set 5222 as port number.
Same way I want to set port no for yahoo, windows messenger & other popular sites, How can I get all these?
(Is it something like that - "XMPP is specific for Google ones" ? ? )
Kraken's Openfire Properties Page has the port and domain information you need. Just re-use and try with your application.
5222/tcp is the default port for XMPP, but your implementation may have a different one. To find out, you do a DNS SRV query for _xmpp-client._tcp.YOURDOMAIN, where you replace YOURDOMAIN with the domain you're trying to connect to. This will return 0+ records that have hostname/port combinations for how to connect. If you get 0 records back, assume port 5222.
For example, I want to connect to the GoogleTalk server, and log in with the account foo#gmail.com. My client performs the lookup that can be simulated with dig on the command line like this:
% dig +short -t SRV _xmpp-client._tcp.gmail.com.
20 0 5222 talk1.l.google.com.
20 0 5222 talk4.l.google.com.
5 0 5222 talk.l.google.com.
20 0 5222 talk3.l.google.com.
20 0 5222 talk2.l.google.com.
The result with the lowest priority number is 5 0 5222 talk.l.google.com., which means you open a TCP connection to talk.l.google.com on port 5222.
To make SRV queries from code, check out this answer, which relies on DNSServiceQueryRecord.
5222 is the default port for XMPP, but
your implementation may have a
different one. To find out, you do a
DNS server query for
_xmpp-client._tcp.DOMAIN_Name, where you replace DOMAIN_Name with the
domain you're trying to connect to(ex.
gmail.com,google.com,yahoo.com). This
will return 0+ records that have
hostName/port combinations for how to
connect. If you get 0 records back,
assume port 5222.
i want to check my server connection to know if its available or not to inform the user..
so how to send a pkg or msg to the server (it's not SQL server; it's a server contains some serviecs) ...
thnx in adcvance ..
With all the possibilities for firewalls blocking ICMP packets or specific ports, the only way to guarantee that a service is running is to do something that uses that service.
For instance, if it were a JDBC server, you could execute a non-destructive SQL query, such as select * from sysibm.sysdummy1 for DB2. If it's a HTTP server, you could create a GET packet for index.htm.
If you actually have control over the service, it's a simple matter to create a special sub-service to handle these requests (such as you send through a CHECK packet and get back an OKAY response).
That way, you avoid all the possible firewall issues and the test is a true end-to-end one. PINGs and traceroutes will be able to tell if you can get to the machine (firewalls permitting) but they won't tell you if your service is functioning.
Take this from someone who's had to battle the network gods in a corporate environment where machines are locked up as tight as the proverbial fishes ...
If you can open a port but don't want to use ping (i dont know why but hey) you could use something like this:
import socket
host = ''
port = 55555
s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
s.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
s.bind((host, port))
s.listen(1)
while 1:
try:
clientsock, clientaddr = s.accept()
clientsock.sendall('alive')
clientsock.close()
except:
pass
which is nothing more then a simple python socket server listening on 55555 and returning alive