Using Wireshark With Local Test Application - sockets

I have written a small client server socket application. It is a proof of concept for some socket programming that I want to apply to a much bigger project.
For the moment I want to user wireshark to analyse the traffic that goes between them. They are both running on my local machine.
I have installed a loopback interface, and have tried to use wireshark with it.
No joy. Any ideas?
I have successfully analysed traffic between my machine and other machines no problems.
I have had a look here,
http://wiki.wireshark.org/CaptureSetup/Loopback
And I am not using the address 127.0.0.1 which they mention saying you can't capture traffic on 127.0.0.1
Thanks.

You might try creating a virtual machine to run your application and using wireshark on it.

Save yourself some grief and download Microsoft Network Monitor.
As good as Wireshark is on Unixen, Windows is a "special" case :)

Related

Running transmission daemon in network namespace with VPN

I have a raspberry pi for HTPC and I also want to be a transmission-daemon to torrent some movies for it. Even though downloading only without uploading is not a crime in my country, I don't want my ISP to see any torrent traffic and deduce bad conclusions, so I want transmission to be run in a namespace with VPN access! The reason for the namespace is that for other applications, like Kodi, I don't need and want a VPN because it is slower.
Docker is not an option for me as it is (for some reason) cumbersome to puzzle together on arm machines.
But I have ip netns and if I want to run this part on my OpenWRT router in the future, there I would definitely not have any docker containers :)
I found a guy on Github, who made this possible :)
Well-engineered bash scripts, nordVPN configurations, and tranmission-configs to achieve this goal.
https://github.com/BarrRedKola/torrentns
Everything is kind-of documented, and I have just fired up my namespace with transmission.
Even remote access is provided for transmission Web via tunneling localhost:9091 to namespace:9091....nice stuff.

gwan. Accessing site through external IP

I have a Gwan server set up at home on my Arch Linux box. I'm running "motion". I have a router that, of course, handles my external IP address.
I want to access the avi movie shorts generated by motion through port 1000 which is port forwarded through my router to the box on my internal network. I've written an event_end script that copies these motion videos to my Gwan "Document Root". I've set the particular directory up according to the Gwan docs and can see these videos using the external ip address:1000 just fine when I'm at home. But when I click on the very same link from the machine at my office, I get this error message in Firefox: "Firefox can't establish a connection to the server at 99.99.99.99:1000.".
So I don't understand why I can see that link when I'm at home but not from anyplace else. What setting have I missed?
Thanks.
Are you sure that your firewall at work allows traffic on port :1000 at all?
port 1000 which is port forwarded through my router to the box on my internal network [at home]... but I get an error "Firefox can't establish a connection to the server at 99.99.99.99:1000" [from my office].
As Pete noticed, this sounds like a routing error.
As the HTTP client, Firefox, cannot even establish a connection, the problem happens before G-WAN can do anything.
while I was using quickserve, I could view those videos just fine while using port:1000
...probably from your private network at home, and not from your office.
If quickserve was available from your office then, since then, you have messed with the router port mapping OR with the G-WAN listener (hence the connection failure).
Unfortunately, since G-WAN won't receive anything until you get this right, its log files won't help.
And as you do not provide any information about your port mapping and G-WAN listener, we can't help you to spot obvious errors.
Note that this issue is a system configuration problem and has little to do with the G-WAN application server itself (remember that Stackoverflow is a Q&A site for developers). The Serverfault site might be a better place to discuss your problem.

How to connect and read/write file to a local computer on iphone?

i have a problem with local network connection. i'm writing an iphone application and i need to read/write files to a computer. Both devices connected on the same network.
if it's possible, i want to get connected computers ip list, select one of them and read/write files like pdf, doc, txt etc.. if it's not possible to do, i will write the computer ip which i want to connect. There is no problem, both of solution is OK.
But i dont know what do i do after get the computer's ip ?
i found this chat client/server on local, but i got it very complicated.
Anyone have any idea about this ?
You'll need to have a server running on the computer, which can show files and allow for files to be read and created.
Easiest is to run a webdav service on the computer, Apache provides the mod_dav module for this purpose.
The iPhone app then becomes the client. I'd suggest using neon for this purpose. It's a C library that provides listing, reading and writing files on a remote webdav server.
That's how I would do it.
1) Find the network address of the computer you want to connect to. For this you can make use of Bonjour. It's very easy to setup because Bonjour handles the resolving of address for you.
You just have to publish a service (e.g. _myprotocol._tcp) via the ´NSNetService` class which is available on iOS and OS X (Windows too)- in your case you would publish the service on your computer.
Then you search for the service with the NSNetServiceBrowser class.
When you found a service you can then resolve it. This actually gives you the network name of the other device.
2) Connect to the other device via a tcp socket. The CocoaAsyncSocket library is very good at this. This project also includes some examples. One example already provides a bonjour server and client implementation.
i found exactly what i want. The solution is here

How to capture loopback traffic in Windows Server 2008

Setup:
I have client C connecting to server S
Both C and S are on the same machine
In C the server address is hardcoded to 127.0.0.1. Likewise, in S the client address is hardcoded to 127.0.0.1
Problem:
I want to be able to sniff the traffic between the client and the server.
Due to the configuration, I cannot move the client nor the server to different locations (the address are hardcoded)
Installing the loopback interface and using tools like Wireshark+WinPcap doesn't lead anywhere (was actually already known but was worth a try)
RawCap, suggested in another topic, doesn't work. IP 127.0.0.1 is listed, but does not record any traffic.
Using rinetd to route the traffic elsewhere, as suggested here doesn't work (cannot bind on 127.0.0.1)
Not interested in using a HTTP local proxy, such as Fiddler, because I'd like to capture also other protocols
Two commercial tools work, specifically CommView and Local Network Monitor, which means it must be possible to do that ;)
How can I do to capture the traffic?
Any pointer on functions I should use or documentation I should read?
Thanks!
Basically you need to write a TDI filter driver to achieve that... for some pointers see:
http://msdn.microsoft.com/en-us/library/windows/hardware/ff565685%28v=vs.85%29.aspx
http://msdn.microsoft.com/en-us/library/windows/hardware/ff563317%28v=VS.85%29.aspx
Another option is to write a WinSock LSP.
BEWARE
Since Windows 8 it is strongly encouraged to use WFP (Windows Filtering Platform) for this sort of thing...
Although it might be more cost-effective to just use/buy an existing solution - esp. if you are not a very experienced driver developer...
Use RawCap, which can solve your concerns, see this

how can we sniff traffic between two ports of same machine?

I am testing a thick client which is connected to a database, need to sniff traffic b/w tcp port on same machine
WireShark (formerly Ethereal) will work perfectly, if you're not familiar with it, it can be a little tricky on OSX, Windows it's no problem and Linux can be a headache. You can download it here http://www.wireshark.org/, and read a short-primer here - http://www.ipprimer.com/packets.cfm
Essentially there's a capture phase, and then you can work with the data – for your purposes you can live-capture and filter the output to the packets on the port/destination you care about, I've used it many-a-time to debug dodgy home networking, or problems at the office.
Beware if using MySQL and localhost for example, this is a key-word for MySQL and it will infact use the socket instead.. which makes things a matter more complicated, you can circumvent this problem by always making sure to use 127.0.0.1 if working with MySQL. (Perhaps other software uses this convention?)
You can try some tools like WireShark.
Assuming you're on Windows:
I'd split the client and server across two machines, either two real ones, or a VM with something VMWare. Then I'd use Wireshark.