This question is following this one: Sockets working in openSUSE do not work in Debian?
When working with sockets on my Debian system, I have to use nc -l -p port_number to simulate the server I want to talk with. If I'm using nc -l port_number, it will fail when using the socket connect function and strerror(errno) will say "Connection refused".
Netcat without -p option is working great on other Linux distributions, what should I change on my configuration?
Do not adjust your set. There are multiple implementations of netcat out there; not all of them behave the same.
In particular, the "traditional" version of netcat, which is probably what you have installed on your Debian system, will end up doing something totally unexpected if you omit the -p ("port") flag: it will end up treating the last argument as a hostname, pass it to inet_aton(), which will convert it to a nonsensical IP address (e.g, 1234 will become 0.0.4.210), and will then proceed to ignore that IP address and listen on a socket with an automatically assigned (probably random) port number.
This behavior is obviously silly, so some other implementations of netcat will assume you meant -p. The one you're using doesn't, though, so pass the -p option.
I agree with duskwuff that it is better to just use the -p option everywhere, but to answer your question:
The one thing you have to do is install a netcat that supports the syntax you want. I know the netcat-openbsd package supports it. I know the netcat-traditional package does not. There's also a netcat6 package, which also doesn't. You can then explicitly request the OpenBSD version of netcat like so:
nc.openbsd -l 4242
Optionally you may use the alternatives system to set this version of netcat to run when you issue the nc command:
update-alternatives --set nc /bin/nc.openbsd
This will be done automatically for you if this is the only netcat you've installed.
Finally, you may, again optionally, remove the netcat you don't like (netcat-traditional or netcat6).
Related
I have a system with arch linux running OVS. I also have a controller running in the same box. I have the following setup:-
ovs-vsctl set-controller br-int tcp:192.168.1.201:6633
I was hoping to use tshark( tshark 2.2.8) to capture the openflow using the following command:-
sudo tshark -i br-int -d tcp.port==6633,openflow -O openflow_v4
it dumps all the all the flows that is flowing in the system but no packetIn openflow messages. I did confirm packetIn message was received by the controller. ( pasting the last few lines:-)
EVENT ofp_event->EventOFPPacketIn
packet in 1237689849893337 b8:27:xx:xx:yy:yy:zz ff:ff:ff:ff:ff:ff:3
I also understand from the tshark document that by default it uses the port 6653 for openflow.
tshark -G decodes | grep -i openflow
tcp.port 6653 openflow
However I was in the impression that I can still look for openflow traffic by using the following capture command:-
https://wiki.wireshark.org/OpenFlow
tshark tcp port 6633
This also doesn't work as no events are captured though I can see the controller receiving lots of events..
would greatly appreciate any help here.
My guess would be that you're not listening on the correct interface. Try the following:
sudo tshark -i any -d tcp.port==6633,openflow -O openflow_v4
If that doesn't work, it's possible your controller and switch are not communicating using OpenFlow 1.3. To make sure you see everything, try:
sudo tshark -i any -d tcp.port==6633
Details. Unless there's something particular in your setup, packets from Open vSwitch to the controller and back do not go through the bridge. Since both ends of the communication are on the same host, packets are probably going through the loopback interface:
sudo tshark -i lo -d tcp.port==6633
I was able to reproduce your setup and issue to confirm my answer with Open vSwitch 2.5.2 and Floodlight (master branch). I can see packets passing through on the loopback interface with both tcpdump and tshark.
I tried to install authbind but getting below error,
Can anyone please help me to resolve this error.
There this project here : https://github.com/tootedom/authbind-centos-rpm
You can easely download this file with :
wget https://s3.amazonaws.com/aaronsilber/public/authbind-2.1.1-0.1.x86_64.rpm
and install it with :
rpm -Uvh https://s3.amazonaws.com/aaronsilber/public/authbind-2.1.1-0.1.x86_64.rpm
The previous answer by irrational won't work because that rpm is built against libc2.14 which is only on centos 7 not 6.
rpm -Uvh authbind-2.1.1-0.1.x86_64.rpm
error: Failed dependencies:
libc.so.6(GLIBC_2.14)(64bit) is needed by authbind-2.1.1-0.1.x86_64
I think you have to build the rpm yourself from the instructions at https://github.com/tootedom/authbind-centos-rpm
I'm having some trouble because the spec file appears to have some errors.
UPDATE:
step-by-step instructions:
svn co https://github.com/tootedom/authbind-centos-rpm.git
mkdir /root/rpmbuild
cp -R authbind-centos-rpm.git/trunk/authbind/* /root/rpmbuild/
cd /root/rpmbuild/SOURCES
wget http://ftp.debian.org/debian/pool/main/a/authbind/authbind_2.1.1.tar.gz
mv authbind_2.1.1.tar.gz authbind-2.1.1.tar.gz
cd ../
rpmbuild -v -bb --clean SPECS/authbind.spec
After all that fix up the rpm actually built and is now at:
/root/rpmbuild/RPMS/x86_64/authbind-2.1.1-0.1.x86_64.rpm
You can now install that using rpm -Uvh and have access to authbind like dem debian peeps.
I did this on centos 6.7 minimal os
I have Centos6, and was having trouble getting a version that would work. Perhaps my solution is just cutting the Gordian knot with a sword, but here goes.
I needed to do use authbind in the first place because I was trying to make Tomcat work on port 80. If that's why your messing with authbind, this should be especially helpful.
I also couldn't make Tomcat work with all the various authbind variations. The one thing that I did do that is worth reporting is that you can just get the gnu sources for authbind and build them and run them. They have supported ipv6 since 2012. If you are having trouble wrestling with distribution managers to make authbind work, including problems with glibc, this approach might be useful. As far as I can tell, authbind doesn't do anything that requires a new glibc, so this worked well, and authbind runs on my Centos 6 happily and without problems.
Keep in mind that this is Linux, sources are available, and sometimes it's easier just to rebuild something than try to get it from a distribution source, especially, as here, when the problem in getting established software like authbind to work with an old version of glibc.
So, First get the tarfile. I got it from:
http://ftp.debian.org/debian/pool/main/a/authbind/authbind_2.1.1.tar.gz
create a directory, then "tar xvf", and then do a "make all" and "make install"
However, the solution that worked for me (as I mentioned, I needed authbind in order to make port numbers less than 1024 available to tomcat), was simply to change the iptables, which I did as follows. (You can cut and paste this into a script if you want to save it for future reference.)
# check that rules are not there already
# note: you must be root; if you aren't do a su, or sudo before each line
iptables -L -n -t nat
# Add rules
iptables -t nat -I PREROUTING -p tcp --dport 80 -j REDIRECT --to-port 8080
iptables -t nat -I PREROUTING -p tcp --dport 443 -j REDIRECT --to-port 8443
# Check
iptables -L -n -t nat
# Save
service iptables save
iptables -L -n -t nat
Giving credit where it's due, this is described well (but with some errors that should be obvious) at
https://www.locked.de/how-to-run-tomcat-on-port-80/
Marklan
I'm new to linux server. I install mongodb on centos 6.3. And I run the mongodb server in this command:
mongod -config /etc/mongodb.conf &
And i'm sure that I have make bind_ip to listen all ip:
# mongodb.conf
# Where to store the data.
dbpath=/var/lib/mongodb
#where to log
logpath=/var/log/mongodb/mongodb.log
logappend=true
rest = true
bind_ip = 0.0.0.0
port = 27017
But, I cannot make mongodb remote access either. my server ip is 192.168.2.24,and I run mongo in my local pc to access this mongodb, it show me this error:
Error: couldn't connect to server 192.168.2.24:2701
7 (192.168.2.24), connection attempt failed at src/mongo/shell/mongo.js:148
exception: connect failed
But, I can access this mongodb in server where mongodb install using this command:
mongo --host 192.168.2.24
So, I think it may success to make mongo remote access, but maybe something wrong with linux server,maybe firewall? So,I try to use the command to check the port whether open for remote access:
iptables -L -n | grep 27017
nothing is returned, then I add port to iptalbes using this command:
iptables -A INPUT -p tcp --dport 27017 -j ACCEPT
iptables -A OUTPUT -p tcp --source-port 27017 -m state --state ESTABLISHED -j ACCEPT
and save the iptables & restart it:
iptables-save | sudo tee /etc/sysconfig/iptables
service iptables restart
I can see port of 27017 is added to iptables list, but it still not work at all. I think it may not success in opening the port of 27017. How should I do for it? I'm new to linux server,by the way my linux server pc is offline. So it can't use the command about "yum". please give me solution in detail. Thanks so much.
It seems like the firewall is not configured correctly.
Disclaimer: Fiddling with firewall settings has security implications. DO NOT USE THE FOLLOWING PROCEDURE ON PRODUCTION SYSTEMS UNLESS YOU KNOW WHAT YOU ARE DOING!!! If in the slightest doubt, get back to a sysadmin or DBA.
The problem
Put simply, a firewall limits the access to services like MongoDB running on the protected machine by unauthorized parties.
CentOS only allows access to ssh by default. We need to configure the firewall so that you can access the MongoDB service.
The solution
We will install a small tool provided by CentOS < 7 (version 7 provides different means), which simplifies the use of iptables, which in turn configures netfilter, the framework of the Linux kernel allowing manipulation of network packets – thus providing firewall functionality (amongst other cool things).
Then, we will use said tool to configure the firewall functionality so that MongoDB is accessible from everywhere. I can't give you a more secure configuration, since I do not know your network setup. Again, use this procedure on production systems at your own risk. You have been warned!
Installation of system-config-firewall-tui
First, you have to log into your CentOS box as root, which allows installation and deinstallation of packages and change system-wide configurations.
Then, you need to issue (the dollar sign denotes the shell prompt)
$ yum -y install system-config-firewall-tui
The result should look something like this
Configuration of the firewall
Next, you need to start the tool we just installed
$ system-config-firewall-tui
which will create a small command line GUI:
Do not simply disable the firewall!.
Press Tab or →| respectively, until the "Customize" button is highlighted. Now press ↵. In the next screen, highlight "Forward" and press ↵. You now should be in a screen called "Other Ports",
in which you highlight "Add" and press↵. This brings you to a screen "Port and Protocol" which you fill like shown below
The configuration explained: MongoDB uses TCP for communicating with the clients and it listens on port 27017 by default for a standalone instance. Note that you might need to change the port according to the referenced list in case you do not run a standalone instance or replica set.
The next step is to highlight "OK" and press ↵, which will seemingly clear the inputs. However, the configuration we just made is saved. So we will press "Cancel" and return to the "Other Ports" screen, which should now look like this:
Now, we press "Close" and return to the main screen of "system-config-firewall-tui". Here, we press "Ok" and the tool asks you if you really want to apply those the changes you just made. Take the time to really think about that. ;)
Pressing "Yes" will now modify the firewall rules executed by the Linux kernel.
We can verify that by issuing
$ iptables -L -n | grep 27017
which should result in the output below:
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:27017
Now you should be able to connect to your MongoDB server.
I just installed nmap (never used it before). I want to see which machine on the network is listening to port 1234. How can I do that using the GUI of nmap.
nmap -v -A -p 1234 192.168.1.1-255 This command will scan your entire subnet
The officially supported (and included!) GUI for Nmap is Zenmap. It uses Profiles to choose common options, but the command line is clearly editable, as well. To get started, choose the Regular Scan profile, which removes the extra timing and scan mode arguments. Then, enter your target in the Target box. To scan a local network, you can use CIDR notation (e.g. 10.10.0.0/16) or octet ranges (e.g. 10.10.0-255.0-255).
To scan just one port, use the -p option with the port number. It is usually helpful to specify verbose output, too, with -v. Altogether, your command line will look something like this:
nmap -p 1234 -v 10.10.10.0/24
Then click the Scan button to begin scanning.
This worked for me
nmap -p 1234 -A -v 10.10.*.*
First question is: it seems like magic that one I run ./run.sh, I can turn off the computer, turn it back on again and still it knows about //localhost:8080/jmx-console/. I looked in the start up programs and I don't see any hint of it. How does it remember?
Never mind, the real question is I want the host to be my local LAN and not just localhost. I found I could do shutdown.sh and that would indeed shutdown the server such that //localhost:8080/jmx-console/ would no longer work. That is good, now the next step is to confine it to my LAN. I know I can use ./run.sh -b 0.0.0.0 but that opens it to the world. My computer is at 192.168.1.100 so I tried ./run.sh -b 192.168.1.0 which I would take to mean take addresses in the range 192.168.1.XXX. The server "started" but I can't get it to answer any calls and I couldn't get shutdown.sh to do anything.
I started ./run.sh again and it hooked up to the localhost. I don't know if it still has a memory of my ./run.sh -b 192.168.1.0 or not. If so, I'd like to get rid of it. In any case I'd like to know what the correct command should be.
Thanks,
Ilan
Which version of jboss?
I use -b 127.0.0.1 on jboss 4