I'm trying to send multiples packets to test a server , but i need to send different traffic pattern ( send IPv4,ICMP,Ipv6...) but i can't even specify one type when sending the streams
[EDIT-1]
CMD: ./build/MoonGen ./packetgen.lua -tx 0 -rx 1
packetgen.lua is the default script present in LYA folder of Moongen
Related
I have a trouble to tune TCP client-server communication.
My current project has a client, running on PC (C#) and a server,
running on embedded Linux 4.1.22-ltsi.
Them use UDP communication to exchanging data.
The client and server work in blocking mode and
send short messages one to 2nd
(16, 60, 200 bytes etc.) that include either command or set of parameters.
The messages do note include any header with message length because
UDP is message oriented protocol. Its recvfrom() API returns number of received bytes.
For my server's program structure is important to get and process entire alone message.
The problem is raised when I try to implement TCP communication type instead of UDP.
The server's receive buffer (recv() TCP API) is 2048 bytes:
#define UDP_RX_BUF_SIZE 2048
numbytes = recv(fd_connect, rx_buffer, UDP_RX_BUF_SIZE, MSG_WAITALL/*BLOCKING_MODE*/);
So, the recv() API returns from waiting when rx_buffer is full, i.e after it receives
2048 bytes. It breaks all program approach. In other words, when client send 16 bytes command
to server and waits an answer from it, server's recv() keeps the message
"in stomach", until it will receive 2048 bytes.
I tried to fix it as below, without success:
On client side (C#) I set the socket parameter theSocket.NoDelay.
When I checked this on the sniffer I saw that client sends messages "as I want",
with requested length.
On server side I set TCP_NODELAY socket option to 1
int optval= 1;
setsockopt(fd,IPPROTO_TCP, TCP_NODELAY, &optval, sizeof(optval);
On server side (Linux) I checked socket options SO_SNDLOWAT/SO_RCVLOWAT and they are 1 byte each one.
Please see the attached sniffer's log picture. 10.0.0.10 is a client. 10.0.0.106 is a server. It is seen, that client activates PSH flag (push), informing the server side to move the incoming data to application immediately and do not fill a buffer.
Additional question: what is SSH encrypted packets that runs between the sides. I suppose that it is my Eclipse debugger on PC (running server application through the same Ethernet connection) sends them. Am I right?
So, my problem is how to cause `recv() API to return each short message (16, 60, 200 bytes etc.) instead of accumulating them until receiving buffer fills.
TCP is connection oriented and it also maintains the order in which packets are sent and received.
Having said that, in TCP client, you will receive the stream of bytes and not the individual udp message as in UDP. So you will need to send the packet length and marker as the initial bytes.
So client can first find the packet length and then read data till packet length is reached and then expect new packet length.
You can also check for library like netty, zmq to do this extra work
For c send function(blocking way) it's specified what function returns with size of sent bytes when it's received on destinations. I'm not sure that I understand all nuances, also after writing "demo" app with WSAIoctl and WSARecv on server side.
When send returns with less bytes number than asked in buffer-length parameter?
What is considered as "received on destinations"? My first guess it's when it sit on server's OS buffer and server application is notified. My second one it's when server application recv call have read it fully?
Unless you are using a (somewhat exotic) library, a send on a socket will return the number of bytes passed to the TCP buffer successfully, not the number of bytes received by the peer (see Microsoft´s docs for example).
When you are streaming data via a socket, you need to check the bytes effectively accepted into the TCP send buffer. That´s why usually a send command is inside a loop that will issue several sends if needed.
Errors in send are local: for example if the socket is closed by the peer during a sending operation (making your socket invalid) or if the operation times out (TCP buffer not emptying, i. e. peer not receiving data fast enough or some other trouble).
After all send is completed you have no easy way of knowing if the peer received all the bytes you sent. You´ll usually just issue closesocket and make sure that your socket has a proper linger option set (i. e. only close after timeout or sucessfully finishing the send). Alternatively you wait for a confirmation by the peer (for example via a recv that returns zero bytes, indicating that the connection was gracefully closed).
Edit: typo
I was trying to manipulate SOME/IP messages by falsifying their content(Payload) sent between 2 ECUs at run time.
After setting up the Hardware VN6510A MAC Bypassing and integrating it in the data traffic path between those 2 ECUs to monitor and control all Ethernet data streams.
ECU A ---> eth1 interface --VN6510A-- eth2 interface ---> ECU B
I successfully catch our target SOME/IP messages and I also succefully manipulate their paylod.
But at the end we got 2 SOME/IP messages: the real coming message and the falsified message forwarded at the same time.
How could we bound those 2 SOME/IP messages, the real message and the falsified message together, so that we could have just one falsified SOME/IP message, knowing that I am using the same SOME/IP message handle.
I used the callback function void OnEthPacket(LONG channel, LONG dir, LONG packet) to register a received Ethernet packet.
Probably by setting your VN.... to "Direct" and not "MAC Bypassing"
Well we could not manipulate Messages at run time using the vector box VN6510A Solution because simply their box doesn't support this feature.
On this post http://pysnmp.sourceforge.net/examples/current/v1arch/manager/cmdgen/getnext-v1.html I was able to change the pdu on the fly for one device at a time, but I struggled to send a request to more the one device at the same time.
I tried doing the following:
transportDispatcher.registerTransport(
udp.domainName, udp.UdpSocketTransport().openClientMode()
)
transportDispatcher.sendMessage(
encoder.encode(reqMsg), udp.domainName, ('demo.snmplabs.com', 161)
)
transportDispatcher.jobStarted(1)
transportDispatcher.registerTransport(
udp.domainName, udp.UdpSocketTransport().openClientMode()
)
transportDispatcher.sendMessage(
encoder.encode(reqMsg), udp.domainName, ('192.168.0.49', 161)
)
transportDispatcher.jobStarted(1)
But I get the following error: "pysnmp.carrier.error.CarrierError: Transport (1, 3, 6, 1, 6, 1, 1) already registered".
So how do I change PDU on the fly and send a SNMP request to multiple devices on the same time?
Strictly speaking, you are not changing PDU on the fly, rather you are building different SNMP messages and sending them independently through the same network transport.
The problem with your code is that you are trying to register multiple UDP sockets under the same SNMP transport ID. You do not need that, as you could send UDP datagrams to multiple destinations through a single socket.
Therefore transport registration should only be performed once in your code:
# one-time initialization
transportDispatcher.registerTransport(
udp.domainName, udp.UdpSocketTransport().openClientMode()
)
# messaging
while True:
transportDispatcher.sendMessage(
encoder.encode(reqMsg), udp.domainName, ('demo.snmplabs.com', 161)
)
transportDispatcher.jobStarted(1)
...
Side note: DNS resolver is not asynchronous, make sure it works fast enough or use IP addresses for addressing your agents.
If you want multiple UDP sockets for some reason, use different SNMP transport IDs for them for both registration and use:
transportDispatcher.registerTransport(
udp.domainName + (1,), udp.UdpSocketTransport().openClientMode()
)
transportDispatcher.registerTransport(
udp.domainName + (2,), udp.UdpSocketTransport().openClientMode()
)
I need to ask few question about Asterisk
1) Does ACL mean by Access Control list here ?If yes than how could i use it?
>ip show user 6001
* Name : 6001
Secret : <Set>
MD5Secret : <Not set>
Context : DLPN_Admin
Language :
AMA flags : Unknown
Transfer mode: open
MaxCallBR : 384 kbps
CallingPres : Presentation Allowed, Not Screened
Call limit : 2147483647
Callgroup : 1
Pickupgroup : 1
Callerid : "test" <6001>
ACL : No
Sess-Timers : Accept
Sess-Refresh : uas
Sess-Expires : 1800 secs
Sess-Min-SE : 90 secs
RTP Engine : asterisk
Codec Order : (ulaw:20,gsm:20)
Auto-Framing: No
2) What is mean by "Require Call Token" in Asterisk Digium GIU on Create new User Panel
3) Is There any command from where i can get users VOICE MAIL password ?
4) What AMI or CLI command set call recording on or off for user ? and if i want that file to be stored on client computer not on server memory what could i do ?
Question 1:
Yes, ACL does stand for Access Control List. You can use the settings "contextpermit/contactdeny" to control what addresses a UA can register from; "permit/deny" to control what addresses a UA can establish calls from (INVITE request); and "directmediapermit/directmediadeny" to control what addresses a UA can use to set up direct media between UAs. Note that all of this is in the sample sip.conf, delivered with Asterisk.
Question 2:
Call Token refers to the IAX setting "requirecalltoken". Older Asterisk clients (1.2 before 1.2.35) don't support call tokens. Note that call tokens were added to address a security vulnerability (AST-2009-006). From the AST notification:
"A lot of time was spent trying to come up with a way to resolve this issue in a way that was completely backwards compatible. However, the final resolution ended up requiring a modification to the IAX2 protocol. This modification is referred to as call token validation. Call token validation is used as a handshake before call numbers are assigned to IAX2 connections.
Call token validation by itself does not resolve the issue. However, it does allow an IAX2 server to validate that the source of the messages has not been spoofed. In addition to call token validation, Asterisk now also has the ability to limit the amount of call numbers assigned to a given remote IP address.
The combination of call token validation and call number allocation limits is used to mitigate this denial of service issue."
Question 3:
No. That doesn't mean you couldn't use AGI to call out to a script with the user's voicemail extension, do the parsing yourself, and put the result in a channel variable.
Question 4:
AMI commands are documented at Asterisk AMI Actions. I'm going to assume that by "set recording" you mean start a Monitor application on some particular channel (and not change CDRs, CELs, etc.) In that case, you'd use the Monitor AMI action to start the recording, and StopMonitor AMI action to stop the recording. Once the file is created, you can move it off the server yourself using AGI or some other externally spawned mechanism.