I am attempting to run the FreeRTOS+TCP demo (release 10.1.1):
The code is written for the Windows Simulator, but I am attempting to target the Xilinx Zynq, emulated by QEMU (version 4.2.0). The host machine is Ubuntu 16.04. There exists a
Network Interface port for the TCP part of FreeRTOS+TCP, so this should be possible.
One of the obvious modifications to the demo is changing the way messages are printed, and removing calls to the Windows Sleep function. Also, I am using ARM semihosting to view the output of the print statements.
Besides these changes, what changes will I need to make to the command line call? The demo creates a TCP echo server and client. If these are tied together, then no traffic should need to go to the host, right? Is there anything special I would need to do to get this to work? I don't have a ton of experience with networking.
Since this is technically a baremetal application, CLI options like -nic user,hostfwd=tcp::5022-:22 give the warning qemu-system-arm: warning: nic cadence_gem.1 has no peer.
(Found at How to replace `qemu-system -redir` command argument?).
If I ever did want to send traffic between the host and guest (like having a ncat echo server, instead of in FreeRTOS), how would I go about doing that?
Here is a related problem, with no solution:
Running LWIP TCP/IP Stack with QEMU
Current command line arguments:
qemu-system-arm -semihosting --semihosting-config enable=on,target=native -nographic -serial mon:stdio -machine xilinx-zynq-a9 -m 512M -cpu cortex-a9 -nic user,hostfwd=tcp::12346-:7 -kernel build/rtos_demo_tcp/rtos_demo_tcp.elf
Current output (I enabled extra debug messages):
qemu-system-arm: warning: nic cadence_gem.1 has no peer
Seed for randomiser: 1591112953
Random numbers: 00001294 00001925 000022D0 00005CC3
FreeRTOS_IPInit
vTaskStartScheduler
prvIPTask started
Network buffers: 30 lowest 30
IP Address: 10.2.118.223
Subnet Mask: 255.255.255.0
Gateway Address: 10.2.118.1
DNS Server Address: 208.67.222.222
Socket 7 -> 0ip:0 State eCLOSED->eTCP_LISTEN
Then this next bit repeats indefinitely, with a different socket number each time:
FreeRTOS_connect: 14207 to a0276dfip:7
Socket 14207 -> a0276dfip:7 State eCLOSED->eCONNECT_SYN
ARP for a0276dfip (using a0276dfip): rc=0 00:00:00 00:00:00
Network buffers: 30 lowest 29
Connect[a0276dfip:7]: next timeout 1: 500 ms
ARP for a0276dfip (using a0276dfip): rc=0 00:00:00 00:00:00
Connect[a0276dfip:7]: next timeout 2: 500 ms
ARP for a0276dfip (using a0276dfip): rc=0 00:00:00 00:00:00
Connect[a0276dfip:7]: next timeout 3: 500 ms
Connect: giving up a0276dfip:7
Socket 14207 -> a0276dfip:7 State eCONNECT_SYN->eCLOSE_WAIT
FreeRTOS_closesocket[14207 to a0276dfip:7]: buffers 30 socks 1
Summary: How do I change the way I am calling QEMU so that the TCP client and server can connect to each other?
I would recommend trying out all of the options enumerated in the qemu networking guide:
- SLIRP: -netdev user,id=mynet0,net=192.168.76.0/24,dhcpstart=192.168.76.9
- TAP: -netdev tap,id=mynet0
- SOCKET: -netdev socket,id=mynet0,listen=:1234 and -netdev socket,id=mynet0,connect=:1234
And there is much more in the guide. Something you might also consider is that it might be difficult for you to port-forward directly from the VM you care about to the host, and it might be easier to connect that VM to another VM and port-forward from that second VM to your host.
Sounds a bit odd, but that's something I've needed to do before. To talk between two VM's I find sockets to be the best method. They work sort of like a "virtual crossover cable".
This VM to VM method would allow you to simply have to set up corresponding static IP's and subnets on each VM and then ncat's would work between them. Do away with all of the complexity of a DHCP server and any sort of port-forwarding.
Related
I have been using the NTP protocol for a while. Lately, I have encountered a strange issue. Namely, when I try to print a list of the peers known to the server it takes around 20 seconds. Earlier it took less time.
[root#centos-test centos]# time ntpq -p
remote refid st t when poll reach delay offset jitter
==============================================================================
*ntp1.tp.pl .MRS. 1 u 18 64 3 2.093 -0.021 0.098
ntp2.tp.pl .MRS. 1 u 22 64 3 2.404 0.120 0.041
96-7.cpe.smnt.p 149.156.70.75 2 u 27 64 3 22.526 -2.296 0.089
ntp.wide-net.pl 194.146.251.101 2 u 30 64 3 65.808 -8.530 0.049
real 0m20.180s
user 0m0.017s
sys 0m0.011s
I have restarted everything. I have changed the pools but without any significant effect.
It looks like it may be an issue with your DNS resolvers.
When you ask ntp for peer or host details by default it will try and resolve the reverse DNS names for any listed hosts. If your resolvers are slow, or there are DNS issues then that will hang your response and explain the situation you are seeing.
If you try the same command with the -n flag that will tell ntp to only return the IP addresses and not attempt a DNS lookup.
The command in your case would be; time ntpq -p -n I'd suggest that you check what DNS servers you have setup in /etc/resolv.conf and change them - but do note, if your host gets its own IP address via DHCP then the resolv.conf might get updated when your address refreshes, or changes.
I have setup a simple HTTP java server running locally on port 8000. It simply prints a message "Hello world" when a request comes. When I try to ping it from the browser by running http://localhost:8000/test I get my message printed.
I want to get the same results from another computer that is not local. When I try to use my public IP lets say http:/43.xxx.xxx.xxx:8000/test (even from the same machine) I get an ERR_CONNECTION_REFUSED .
I probably suspect that has something to do with the firewall. Can anyone guide me a little more because I lack the experience?
Thanks in advance
You don't specify what host OS your server/firewall is running so I'll keep this generic...
Without knowing your application, it seems like the server is sending a reset (RST packet) when the first SYN packet shows up indicating that the port (on that interface [your external]) is closed. You can do a quick port scan from here (https://mxtoolbox.com/PortScan.aspx) if you don't have access to a remote machine to test with. Odds are, TCP/8000 will not be open.
If it is, in fact, closed, you'll have to look at the firewall that your host OS is running and find out how to allow TCP/8000 to your host. In a major firewall vendor, your rule would look similar to this:
Source: Any
Destination: Your Public IP Address
Service: TCP/8000
Action: Allow
Logging: Full
That being said, you mentioned this was a PC so look into "iptables" (if you're running *nix) or the Windows Firewall (if you're running Windows) on adding firewall rules (Unfortunately I just joined and can't ask questions/comments, yet).
If you really want to find out what packet is being sent, run a tcpdump on your external interface (let's say eth1) (assuming your remote IP is 1.2.3.4 and your home public IP is 4.5.6.7):
tcpdump -nn -vvv -e -s 0 -X -c 100 -i eth1 host 1.2.3.4 and host
4.5.6.7 and port 8000
Here you're looking for the SYN/SYN-ACK/ACK for a successful TCP negotiation or SYN/RST if there is a firewall rejecting (not dropping) the TCP stream to the port.
Once the port is open on the host OS firewall, take a look at the application to make sure it's configured properly. If this were a standard webserver, you could take a look at the configuration files for the "Allow from" directives to make sure that everyone can access the site. If this is a custom application that you've created, you'll have to check this yourself.
I finally solved my problem. I needed to open a forwarding port in my router that maps my local ip address to the public. My router is TP Link so this what I did:
http://www.tp-link.com/us/faq-72.html
Also in order for this to work every time and not to have to reconfigure this every time I reconected to the router (because I get a new local IP), I have created a static local ip for my server following this guide:
http://www.tp-link.com/us/faq-182.html
Thanks for all the replies.
I am building a web app that uses some nmap flags, such as -O, which require a root user to run. Since I'm running this through a Java application, I don't want to run everything as root to accomplish this. Is it possible to change the nmap privs to all be non-root? Alternatively, what other options are there?
Nmap requires root privileges for some operations because the underlying OS requires them for the kinds of behavior Nmap uses: raw sockets and network sniffing, primarily. It's not something you can just change.
One option would be to only use the features of Nmap that do not require root. These features include:
Reverse name resolution
TCP host discovery (e.g. not ICMP ping or ARP)
TCP Connect scan (-sT)
Service version scan (-sV)
Most NSE scripts (e.g. not the broadcast or sniffer scripts)
The features that require root are:
ICMP and UDP host discovery
TCP SYN, FIN, NULL, XMAS, and other scan modes
UDP scan
OS fingerprinting
Traceroute
A few NSE scripts
It's important to note that Nmap doesn't have protections to prevent a root user from executing arbitrary code. This means that it is very unsafe to use it as a setuid program or to allow a non-admin user to run it with sudo.
A little research has been done into running Nmap with Linux file capabilities. You can see how to do this on the Running nmap as an unprivileged user page on SecWiki.org.
I have a windows server 2008 machine on which I am unable to bind to a socket at a particular high-port range without getting an error 10013 (WSAEACCES). In particular, I can't bind to ports 62788-64764, which is rather inconvenient since I'm trying to start up a service that is configured to run on ports in that range, and I can't change that configuration. The process is launched from a cmd window having Administrator privileges.-a
Why can't I bind to these port numbers?
I've tried all the obvious things:
Netstat -a does not show any processes listening on those ports.
Using netsh int ipv4 show excludedportrange protocol=tcp, I verified that there aren't any excluded ports in this range:
Start Port End Port
---------- --------
80 80
443 443
8172 8172
47001 47001
The machine was running a DNS server, so I set the DNS SocketPoolSize to zero, but that didn't work. (I even shut the server down, but that didn't help either).
I've rebooted (and kicked) the machine several times, and I've reset the winsock catalog (netsh winsock reset).
There's got to be some other configuration setting I am missing; any ideas?
UPDATE: I discovered that shutting down the Windows service "Internet Connection Sharing" makes the problem go away, although why that service was locking up these specific ports is still unclear to me.
I'd guess with ICS enabled, Hide NAT is also enabled (internal IPs hiding behind a single - or multiple - external IPs). That means the Server will need to rewrite source IP and source port of clients going to the internet to avoid source port collisions.
Hiding NAT gateways thus usually reserve a port range in the higher area (>port 50000) for that. So ICS may block a whole range of high ports for NAT porposes.
And this is why server applications should stay in the low / privileged range of ports (i.e. <1024)
I need to scan the open ports of my server.
I tried nmap by: nmap ***.dyndns.info from within my local network.
It gave me:
Starting Nmap 5.21 ( http://nmap.org ) at 2011-04-09 16:05 JST
Nmap scan report for ***.dyndns.info (***.***.***.39)
Host is up (0.00097s latency).
rDNS record for ***.***.***.39: ************.ne.jp
Not shown: 994 closed ports
PORT STATE SERVICE
23/tcp open telnet
53/tcp open domain
80/tcp open http
Then I tried the open ports tool provided by dyndns.com by specifying a specific port like:
global ip address 23
global ip address 53
global ip address 80
For each of those tests, it gave me "timed out" as a result, which is contradictory with the nmap results.
I know that depending on the way that nmap performs the tests, it may turn out that the result is "open".
So, I think the best way to test the ports of a given server is from outside, like the dyndns open ports tool.
But I'd like to test all ports at once, as opposed to one by one.
Is there any reliable tool for that, especially that I can use in command line?
I am on ubuntu 10.10.
Try Gibson Research Corporation ShieldsUP. It will test your firewall.
Note that whether or not a port is 'open' is also a function of the requesting source host and port; it is pretty easy to configure a firewall system to open a port for a specific set of source IP and port ranges. So there's no sure-fire way to tell if a port is open or not from the outside; netstat -an or similar tools will more reliably tell you which ports are open. (Except in the case of a rootkit, but any respectable rootkit would probably limit access to the open ports to a handful of netblocks as well, just to keep their property theirs.)
It'd be a piece of cake to buy a VPS slice from your favorite hosting provider for $10 for a month and portscan your own machine; nmap's default -T3 scanning option already parallelizes the scan, which is useful, but if your network connection is decent, -T4 may go more quickly.