Search Results

Search found 2013 results on 81 pages for 'packet analyzer'.

Page 12/81 | < Previous Page | 8 9 10 11 12 13 14 15 16 17 18 19  | Next Page >

  • Using tshark to generate traffic logs every X seconds

    - by Sridhar Iyer
    I'm trying to use tshark to maintain a running history of all the packets that are going through an interface, for say 30 seconds. I want it to be human readable. This is a linux machine, and without mucking too much into the netstack source (which I can do if push comes to shove), I was wondering if I can use tshark to this. tshark has a -b duration:10 -b files:2 which I can use to generate a rotating set of 2 files, but I don't know which format it is printing the file in or how to read it.

    Read the article

  • Convert from port numbers to protocol names in wireshark

    - by Berkay
    i'm simply using tshark -r botnet.pcap -T fields -E separator=';' -e ip.src -e tcp.srcport -e ip.dst -e tcp.dstport '(tcp.flags.syn == 1 and tcp.flags.ack == 0)' to see the all initiated "legal TCP" connections. However, i need the destination port number conversion to "http" "netbios" etc. i'm not using -n option, but still i get: 128.3.45.128;62259;208.233.189.150;80 This is what i'm trying to get: 128.3.45.128;62259;208.233.189.150;http or 128.3.45.128;62259;208.233.189.150;80;http is better option for me. any idea from tshark users? or any other tool suggestions?

    Read the article

  • Convert from port numbers to protocol names ?

    - by Berkay
    i'm simply using tshark -r botnet.pcap -T fields -E separator=';' -e ip.src -e tcp.srcport -e ip.dst -e tcp.dstport '(tcp.flags.syn == 1 and tcp.flags.ack == 0)' to see the all initiated "legal TCP" connections. However, i need the destination port number conversion to "http" "netbios" etc. i'm not using -n option, but still i get: 128.3.45.128;62259;208.233.189.150;80 This is what i'm trying to get: 128.3.45.128;62259;208.233.189.150;http or 128.3.45.128;62259;208.233.189.150;80;http is better option for me. any idea from tshark users? or any other tool suggestions?

    Read the article

  • Is there an Installer Analyser tool that can list what Registry Keys will be created?

    - by EvoGamer
    I can think of 3 ways to achieve my goal: Create a clean VPC, install a given piece of software, and compare the before and after states. Somehow reverse-engineer the installer. Somehow redirect the output of the installer in question so that all registry calls and copy/move file commands are recorded, but not executed. The first option can be done manually, or potentially automated, but I feel it's rather OTT for my needs. The second could cause all sorts of licencing issues, not to mention it may not always return a correct result. Also, without delving into hex editing, I can't think of a way that it would be possible to do manually (some installers - eg Anti-Virus software - may react unfavourably on automated attempts to investigate the installer). The third option shows the most promise, although if the first could be stripped down into a lightweight throwaway environment, it would work pretty much the same way. However, I'm not sure how to do it. So my question is: What tools are available (if any) and/or how could I find out this information manually? I'm not looking to reverse-engineer anything (if I can help it), but I just want to know exactly what changes are being made to my PC by a given piece of software.

    Read the article

  • Is the scope of what Xcode's "Build and Analyze" will catch as a leak supposed to be this limited?

    - by Ranking Stackingblocks
    It doesn't care about this: NSString* leaker() { return [[NSString alloc] init]; } I thought it would have been smart enough to check if any code paths could call that function without releasing its return value (I wouldn't normally code this way, I'm just testing the analyzer). It reports this as a leak: NSString* leaker() { NSString* s = [[NSString alloc] init]; [s retain]; return s; } but NOT this: NSString* leaker() { NSString* s = [[NSString alloc] init]; // [s retain]; return s; } which seems particularly weak to me. Does it only analyze within the local scope? If the tool can't pick up on things like this, how can I expect it to pick up on actual mistakes that I might make?

    Read the article

  • Fortinet: Is there any equivalent of the ASA's packet-tracer command?

    - by Kedare
    I would like to know if there is not Fortigates an equivalent of the packet-tracer command that we can find on the ASA. Here is an example of execution for those who don't know it: NAT and pass : lev5505# packet-tracer input inside tcp 192.168.3.20 9876 8.8.8.8 80 Phase: 1 Type: ACCESS-LIST Subtype: Result: ALLOW Config: Implicit Rule Additional Information: MAC Access list Phase: 2 Type: ROUTE-LOOKUP Subtype: input Result: ALLOW Config: Additional Information: in 0.0.0.0 0.0.0.0 outside Phase: 3 Type: ACCESS-LIST Subtype: log Result: ALLOW Config: access-group inside-in in interface inside access-list inside-in extended permit tcp any any eq www access-list inside-in remark Allows DNS Additional Information: Phase: 4 Type: IP-OPTIONS Subtype: Result: ALLOW Config: Additional Information: Phase: 5 Type: VPN Subtype: ipsec-tunnel-flow Result: ALLOW Config: Additional Information: Phase: 6 Type: NAT Subtype: Result: ALLOW Config: object network inside-network nat (inside,outside) dynamic interface Additional Information: Dynamic translate 192.168.3.20/9876 to 81.56.15.183/9876 Phase: 7 Type: IP-OPTIONS Subtype: Result: ALLOW Config: Additional Information: Phase: 8 Type: FLOW-CREATION Subtype: Result: ALLOW Config: Additional Information: New flow created with id 94755, packet dispatched to next module Result: input-interface: inside input-status: up input-line-status: up output-interface: outside output-status: up output-line-status: up Action: allow Blocked by ACL: lev5505# packet-tracer input inside tcp 192.168.3.20 9876 8.8.8.8 81 Phase: 1 Type: ROUTE-LOOKUP Subtype: input Result: ALLOW Config: Additional Information: in 0.0.0.0 0.0.0.0 outside Phase: 2 Type: ACCESS-LIST Subtype: Result: DROP Config: Implicit Rule Additional Information: Result: input-interface: inside input-status: up input-line-status: up output-interface: outside output-status: up output-line-status: up Action: drop Drop-reason: (acl-drop) Flow is denied by configured rule Is there any equivalent on the Fortigates ?

    Read the article

  • [C++] Adding a string or char array to a byte vector

    - by xeross
    I'm currently working on a class to create and read out packets send through the network, so far I have it working with 16bit and 8bit integers (Well unsigned but still). Now the problem is I've tried numerous ways of copying it over but somehow the _buffer got mangled, it segfaulted, or the result was wrong. I'd appreciate if someone could show me a working example. My current code can be seen below. Thanks, Xeross Main #include <iostream> #include <stdio.h> #include "Packet.h" using namespace std; int main(int argc, char** argv) { cout << "#################################" << endl; cout << "# Internal Use Only #" << endl; cout << "# Codename PACKETSTORM #" << endl; cout << "#################################" << endl; cout << endl; Packet packet = Packet(); packet.SetOpcode(0x1f4d); cout << "Current opcode is: " << packet.GetOpcode() << endl << endl; packet.add(uint8_t(5)) .add(uint16_t(4000)) .add(uint8_t(5)); for(uint8_t i=0; i<10;i++) printf("Byte %u = %x\n", i, packet._buffer[i]); printf("\nReading them out: \n1 = %u\n2 = %u\n3 = %u\n4 = %s", packet.readUint8(), packet.readUint16(), packet.readUint8()); return 0; } Packet.h #ifndef _PACKET_H_ #define _PACKET_H_ #include <iostream> #include <vector> #include <stdio.h> #include <stdint.h> #include <string.h> using namespace std; class Packet { public: Packet() : m_opcode(0), _buffer(0), _wpos(0), _rpos(0) {} Packet(uint16_t opcode) : m_opcode(opcode), _buffer(0), _wpos(0), _rpos(0) {} uint16_t GetOpcode() { return m_opcode; } void SetOpcode(uint16_t opcode) { m_opcode = opcode; } Packet& add(uint8_t value) { if(_buffer.size() < _wpos + 1) _buffer.resize(_wpos + 1); memcpy(&_buffer[_wpos], &value, 1); _wpos += 1; return *this; } Packet& add(uint16_t value) { if(_buffer.size() < _wpos + 2) _buffer.resize(_wpos + 2); memcpy(&_buffer[_wpos], &value, 2); _wpos += 2; return *this; } uint8_t readUint8() { uint8_t result = _buffer[_rpos]; _rpos += sizeof(uint8_t); return result; } uint16_t readUint16() { uint16_t result; memcpy(&result, &_buffer[_rpos], sizeof(uint16_t)); _rpos += sizeof(uint16_t); return result; } uint16_t m_opcode; std::vector<uint8_t> _buffer; protected: size_t _wpos; // Write position size_t _rpos; // Read position }; #endif // _PACKET_H_

    Read the article

  • Benefits of "Don't Fragment" on TCP Packets?

    - by taspeotis
    One of our customers is having trouble submitting data from our application (on their PC) to a server (different geographical location). When sending packets under 1100 bytes everything works fine, but above this we see TCP retransmitting the packet every few seconds and getting no response. The packets we are using for testing are about 1400 bytes (but less than 1472). I can send an ICMP ping to www.google.com that is 1472 bytes and get a response (so it's not their router/first few hops). I found that our application sets the DF flag for these packets, and I believe a router along the way to the server has an MTU less than/equal to 1100 and dropping the packet. This affects 1 client in 5000, but since everybody's routes will be different this is expected. The data is a SOAP envelope and we expect a SOAP response back. I can't justify WHY we do it, the code to do this was written by a previous developer. So... Are there are benefits OR justification to setting the DF flag on TCP packets for application data? I can think of reasons it is needed for network diagnostics applications but not in our situation (we want the data to get to the endpoint, fragmented or not). One of our sysadmins said that it might have something to do with us using SSL, but as far as I know SSL is like a stream and regardless of fragmentation, as long as the stream is rebuilt at the end, there's no problem. If there's no good justification I will be changing the behaviour of our application. Thanks in advance.

    Read the article

  • Int Showing as Long Odd Value

    - by Josh Kahane
    Hi I am trying to send an int in my iphone game for game center multiplayer. The integer is coming up and appearing as an odd long integer value rather than the expected one. I have this in my .h: typedef enum { kPacketTypeScore, } EPacketTypes; typedef struct { EPacketTypes type; size_t size; } SPacketInfo; typedef struct { SPacketInfo packetInfo; int score; } SScorePacket; Then .m: Sending data: scoreData *score = [scoreData sharedData]; SScorePacket packet; packet.packetInfo.type = kPacketTypeScore; packet.packetInfo.size = sizeof(SScorePacket); packet.score = score.score; NSData* dataToSend = [NSData dataWithBytes:&packet length:packet.packetInfo.size]; NSError *error; [self.myMatch sendDataToAllPlayers: dataToSend withDataMode: GKMatchSendDataUnreliable error:&error]; if (error != nil) { // handle the error } Receiving: SPacketInfo* packet = (SPacketInfo*)[data bytes]; switch (packet->type) { case kPacketTypeScore: { SScorePacket* scorePacket = (SScorePacket*)packet; scoreData *score = [scoreData sharedData]; [scoreLabel setString:[NSString stringWithFormat:@"You: %d Challenger: %d", score.score, scorePacket]]; break; } default: CCLOG(@"received unknown packet type %i (size: %u)", packet->type, packet->size); break; } Any ideas? Thanks.

    Read the article

  • How can I fix this clang warning: "Object with +0 retain counts returned to caller where +1 (owning)

    - by mipadi
    I have a piece of Objective-C code that looks like the following: - (NSString *)copyData:(NSData *)data { NSString *path = [[[self outputDirectory] stringByAppendingPathComponent:@"archive"] stringByAppendingPathExtension:@"zip"]; NSLog(@"Copying data to %@", path); [data writeToFile:path atomically:NO]; return path; } The code is called from an initializer that looks like this: - (id)initWithData:(NSData *)data { if ((self = [super init]) != nil) { NSString *path = [self copyData:data]; // Line 41 (referenced in warning, shown below) return [self initWithContentsOfFile:path]; } return self; } When running the clang static analyzer, I get the following warnings for the path variable: Potential leak of an object allocated on line 41 and stored into 'path' Object with +0 retain counts returned to caller where +1 (owning) retain count is expected I'm confused. My understanding is that stringByAppendingPathComponent should not return an autoreleased string, so it should have a net retain count of 0. (Obviously I don't want to retain it.) I've tried altering copyData: to return the following, but it didn't get rid of the warning: return [[path retain] autorelease]; So what's the deal with this warning?

    Read the article

  • LLVM/Clang bug found in convenience method and NSClassFromString(...) alloc/release

    - by pirags
    I am analyzing Objective-C iPhone project with LLVM/Clang static analyzer. I keep getting two reported bugs, but I am pretty sure that the code is correct. 1) Convenience method. + (UILabel *)simpleLabel { UILabel *label = [[UILabel alloc] initWithFrame:CGRectMake(100, 10, 200, 25)]; label.adjustsFontSizeToFitWidth = YES; [label autorelease]; // Object with +0 retain counts returned to caller where a +1 (owning) retain count is expected. return label; } 2) The [NSClassFromString(...) alloc] returns retainCount + 1. Am I right? Class detailsViewControllerClass = NSClassFromString(self.detailsViewControllerName); UIViewController *detailsViewController = [[detailsViewControllerClass alloc] performSelector:@selector(initWithAdditive:) withObject:additive]; [self.parentController.navigationController pushViewController:detailsViewController animated:YES]; [detailsViewController release]; // Incorrect decrement of the reference count of an object is not owned... Are these some Clang issues or I am totally mistaken in these both cases?

    Read the article

  • my Website loss packet in 70% countries, how can i dertermine why its loss packets?

    - by user2511667
    I checked my website on google page speed tester, it show result 90/100. I checked my website on pingdom it shows good result there. When i check my website in cloudmonitor.ca.com, it shows good result in 30% countries and all other countries it show packet loss (100%) How we can determine why my website has packet loss? And what is its solution? Is this problem from my server or from my website? I created new html blank page and set it too my index page, after I tested, it still shows packet loss, guess this means the problem is not in my website. Here is live result When I visit my website in browser, website is working fine. But when i test my domain or IP 198.178.123.219 in command Prompt it shows "Request time out" Why time out in command prompt?

    Read the article

  • Mutt not working due to "gnutls_handshake: A TLS packet with unexpected length was received." error

    - by Vinit Kumar
    I am expecting lots of problem trying to make mutt work in Ubuntu 12.04. Here is my .muttrc : http://paste.ubuntu.com/1273585/ Here is the bug I am getting when i tried to connect. gnutls_handshake: A TLS packet with unexpected length was received. Do anyone knows a workaround to fix this error.If so please suggest it asap. Many Thanks in Advance! For debug here is the output of my mutt -v: http://paste.ubuntu.com/1273590/

    Read the article

  • Is there a maximum delay an UDP packet can have?

    - by Jens Nolte
    I am currently implementing a real-time network protocol for a multiplayer game using UDP. I am not having any technical difficulties, but as I always have to care about late UDP packets I am wondering just how late they can arrive. I have researched the topic and have not found any mention of it, so I assume there is no technical limitation, but I wonder if common network/internet architecture (or hardware) gives an effective limitation of how late a UDP packet can be delivered.

    Read the article

  • Why does Bing webmaster tool's SEO analyzer complain about multiple <h1> tags?

    - by Mathew Foscarini
    I used the Bing webmaster tool's SEO analyzer on my website, and it reported: There are multiple tags on the page. It recommends that there should only be one <h1> tag on the page. The page is a listing of blog posts for a category. So each blog entry is structured like this. <article> <header><h1><a>...</a></h1></header> <p>summary...</p> </article> <article> <header><h1><a>...</a></h1></header> <p>summary...</p> </article> <article> <header><h1><a>...</a></h1></header> <p>summary...</p> </article> <article> <header><h1><a>...</a></h1></header> <p>summary...</p> </article> How is this invalid? I thought this was the correct way to describe a post in HTML5.

    Read the article

  • Can I prevent an IDENTIFY PACKET DEVICE command to a specific device at boot?

    - by Brian Spisak
    This is related to a previous question related to installation that is now resolved. I'm opening a new question, because I still need to get my DVD drive working. Problem: Failed boot when my ASUS DRW-24B1/ST DVD drive is attached to my asmedia ASM1061. Symptom: ata8.00: exception Emask 0x52 Sact 0x0 SErr 0xffffffff action 0xe frozen ata8: SError: { blah blah } ata8.00: failed command: IDENTIFY PACKET DEVICE ata8.00: cmd blah blah res blah blah (ATA bus error) ata8.00: status: { DRDY } ata8: hard resetting link Background: The ASM1061 is a PCIe to SATA bridge providing 2 x 6Gb/s ports and is supposed to be fully compliant to SATA specs. I just discovered in the fine print of my ASUS P8Z77-V pro motherboard that "These SATA ports are for data hard drivers only. ATAPI devices are not supported." However, I have already installed Windows 7 using this drive and I can run the Ubuntu 12.04 installer from it as well. The only time I have a problem is during Ubuntu boot when it tries an IDENTIFY PACKET DEVICE which seems to be an ATAPI command. I can't simply switch this device to another SATA port because they are already allocated to other devices. (My chipset's 2 x 6Gb/s are connected to my boot SSD and a fast HDD while the 4 x 3Gb/s ports are running a RAID 5 array.) If this can't be fixed or worked around, I suppose I'll have to go buy SATA add-in card. Blech. Thoughts: If indeed this is a device specific issue (that it doesn't support ATAPI discovery) then I can't expect - is it udev? - to work with it. But, it seems that Windows and even the Ubuntu installer work just fine. So why does udev have a problem? At the end of the day, it would be nice to have the DVD working under Ubuntu, but I can live without it. But, as this is a dual-boot machine, I can't physically disconnect it because I want it to work with Windows. (And physically disconnecting it every time I want to boot Ubuntu is NOT an option. ;-) Questions: Should this be considered a bug? My feelings are that if it works with other OS that it should probably work with Ubuntu as well. How can I work around this problem? I have a limited knowledge of linux internals, but it seems I should be able to somehow tell udev (or whatever is doing the discovery) to ignore that device. Is there a way?

    Read the article

  • can I read exactly one UDP packet off a socket?

    - by Brian Palmer
    Using UNIX socket APIs on Linux, is there any way to guarantee that I read one UDP packet, and only one UDP packet? I'm currently reading packets off a non-blocking socket using recvmsg, with a buffer size a little larger than the MTU of our internal network. This should ensure that I can always receive the full UDP packet, but I'm not sure I can guarantee that I'll never receive more than one packet per recvmsg call, if the packets are small. The recvmsg man pages reference the MSG_WAITALL option, which attempts to wait until the buffer is filled. We're not using this, so does that imply that recvmsg will always return after one datagram is read? Is there any way to guarantee this? Ideally I'd like a cross-UNIX solution, but if that doesn't exist is there something Linux specific?

    Read the article

  • Usefulness of packets in wireshark? SSDP protocol, rather than HTTP?

    - by Chris
    I used to be able to filter my wireshark packets to get useful information from them. However, with my current configuration on OSX, all of the HTTP traffic is coming through as the SSDP protocol and is generally being unhelpful. Why is this? Actually, it seems that packets on my own system that should be HTTP are coming throuhg as HTTP, but packets from other machines that should be HTTP are coming through as this protocol.

    Read the article

  • Network corruption - corrupt downloads, corrupt streams, etc.

    - by rfrankel
    I've been having some problems with my home LAN. Downloaded executables won't run, my remote desktop sessions keep getting interrupted due to encryption errors, flash video streams show visible corruption (both Hulu and YouTube), and I've had a couple downloads for which the md5 hashes don't match. The problem has even occurred with a couple images embedded in webpages, though that's rare enough (presumably because images are relatively smaller files). I've had this problem across two Windows machines and a Mac, so it's neither machine-specific nor at the app or OS level. Comcast claims it's nothing to do with them, and my Linksys/Cisco RV016 router is out of warranty, so I have no access to official support. When I log into my router, it shows no error packets or dropped packets received. I plugged a laptop directly into the router and was able to download a 5.5 MB file and verify its MD5 hash, which is not proof that the problem is downstream of the router, but makes it seem quite likely, since I failed to download the same file several times from two desktops (one Mac, one Windows). Could this be a wiring problem? If so, is there any way clever/elegant to determine which wiring is faulty with just software? If I can avoid tracing all the wires throughout my entire house it would make my life quite a bit easier.

    Read the article

  • Capture traffic from SPAN and send it to a HyperV VM

    - by Josh Brower
    On a Server 2008 SP2 HyperV VM, I am trying to capture traffic from a SPAN. I know the SPAN is working, as I am able to capture the traffic on the Host OS, but when I try and capture traffic on the VM, with the SPAN being sent to a virtual adapter, I cannot seem to get it to work-- After doing some Googling, I have found that it might be because HyperV NICs cannot be put into promiscuous mode. (?) Any other thoughts? -Josh

    Read the article

  • What program should I use for SSL stripping and re-encrypting

    - by Sparksis
    I'm trying to strip a HTTP over SSL connection down to SSL and then re-encrypt the channel (with a signed certificate(s) I can provide). Of course I want to be able to store captures of all the un-encrypted data. The purpose of this is to reverse engineer a HTTP handshake that is used by a SIP program on my machine. I've tried SSLstrip but it doesn't support what I need it too. Edit: I want something to this effect https://github.com/applidium/Cracking-Siri/blob/master/tcpProxy.rb only more generic and able to write to a pcap stream that wireshark will understand (I'm not sure if this does that). Edit2: upon further inspection this does not create pcap streams. I guess if need be I can write a compatible version but that is not the desired choice.

    Read the article

  • nf_conntrack complaints in dmesg

    - by Alexander Gladysh
    While investigating complains on bad HTTP server performance, I've discovered these lines in dmesg of my Xen XCP host that contains a guest OS with said server: [11458852.811070] net_ratelimit: 321 callbacks suppressed [11458852.811075] nf_conntrack: table full, dropping packet. [11458852.819957] nf_conntrack: table full, dropping packet. [11458852.821083] nf_conntrack: table full, dropping packet. [11458852.822195] nf_conntrack: table full, dropping packet. [11458852.824987] nf_conntrack: table full, dropping packet. [11458852.825298] nf_conntrack: table full, dropping packet. [11458852.825891] nf_conntrack: table full, dropping packet. [11458852.826225] nf_conntrack: table full, dropping packet. [11458852.826234] nf_conntrack: table full, dropping packet. [11458852.826814] nf_conntrack: table full, dropping packet. Complains are repeated every five seconds (number of suppressed callbacks is different each time). What can these sympthoms mean? Is that bad? Any hints? (Note that the question is more narrow than "how to solve specific case of bad HTTP server performance", so I do not give more details on that.) Additional info: $ uname -a Linux MYHOST 3.2.0-24-generic #37-Ubuntu SMP Wed Apr 25 08:43:22 UTC 2012 x86_64 x86_64 x86_64 GNU/Linux $ lsb_release -a No LSB modules are available. Distributor ID: Ubuntu Description: Ubuntu 12.04 LTS Release: 12.04 Codename: precise $ cat /proc/sys/net/netfilter/nf_conntrack_max 1548576 The server is under about 10M hits / day load.

    Read the article

  • OSX 10.6 Cisco IPSEC strange behavior

    - by tair
    I'm trying to connect to Cisco IPSEC VPN of my company over DSL Internet. I managed to successfully connect using Cisco VPN Client, now I'm trying to switch to OSX 10.6 native client, because of licensing issues. The problems is that the connection fails with a dialog box containing the message: The negotiation with the VPN server failed. Verify the server address and try reconnecting. I checked logs: Jun 29 13:10:39 racoon[4551]: Connecting. Jun 29 13:10:39 racoon[4551]: IKE Packet: transmit success. (Initiator, Aggressive-Mode message 1). Jun 29 13:10:39 racoon[4551]: IKEv1 Phase1 AUTH: success. (Initiator, Aggressive-Mode Message 2). Jun 29 13:10:39 racoon[4551]: IKE Packet: receive success. (Initiator, Aggressive-Mode message 2). Jun 29 13:10:39 racoon[4551]: IKEv1 Phase1 Initiator: success. (Initiator, Aggressive-Mode). Jun 29 13:10:39 racoon[4551]: IKE Packet: transmit success. (Initiator, Aggressive-Mode message 3). Jun 29 13:10:42 racoon[4551]: IKE Packet: transmit success. (Mode-Config message). Jun 29 13:10:42 racoon[4551]: IKEv1 XAUTH: success. (XAUTH Status is OK). Jun 29 13:10:42 racoon[4551]: IKE Packet: transmit success. (Mode-Config message). Jun 29 13:10:42 racoon[4551]: IKEv1 Config: retransmited. (Mode-Config retransmit). Jun 29 13:10:42 racoon[4551]: IKE Packet: receive success. (MODE-Config). Jun 29 13:10:42 configd[19]: event_callback: Address added. previous interface setting (name: en1, address: 192.168.1.107), current interface setting (name: u92.168.54.147, subnet: 255.255.255.0, destination: 192.168.54.147). Jun 29 13:10:42 configd[19]: network configuration changed. Jun 29 13:10:42 vmnet-bridge[111]: Dynamic store changed Jun 29 13:10:42 named[62]: not listening on any interfaces Jun 29 13:10:58: --- last message repeated 1 time --- Jun 29 13:10:58 configd[19]: SCNCController: Disconnecting. (Connection tried to negotiate for, 16 seconds). Jun 29 13:10:58 racoon[4551]: IKE Packet: transmit success. (Information message). Jun 29 13:10:58 racoon[4551]: IKEv1 Information-Notice: transmit success. (Delete ISAKMP-SA). Jun 29 13:10:58 racoon[4551]: Disconnecting. (Connection tried to negotiate for, 19.113382 seconds). Jun 29 13:10:58 named[62]: not listening on any interfaces Jun 29 13:10:58 vmnet-bridge[111]: Dynamic store changed Jun 29 13:10:58 named[62]: not listening on any interfaces Jun 29 13:10:58 configd[19]: network configuration changed. Then I opened Terminal, started pinging a server behind VPN, and tried to connect again. Now connection is OK! Logs this time: Jun 29 13:46:53 racoon[8136]: Connecting. Jun 29 13:46:53 racoon[8136]: IKE Packet: transmit success. (Initiator, Aggressive-Mode message 1). Jun 29 13:46:53 racoon[8136]: IKEv1 Phase1 AUTH: success. (Initiator, Aggressive-Mode Message 2). Jun 29 13:46:53 racoon[8136]: IKE Packet: receive success. (Initiator, Aggressive-Mode message 2). Jun 29 13:46:53 racoon[8136]: IKEv1 Phase1 Initiator: success. (Initiator, Aggressive-Mode). Jun 29 13:46:53 racoon[8136]: IKE Packet: transmit success. (Initiator, Aggressive-Mode message 3). Jun 29 13:46:56 racoon[8136]: IKE Packet: transmit success. (Mode-Config message). Jun 29 13:46:56 racoon[8136]: IKEv1 XAUTH: success. (XAUTH Status is OK). Jun 29 13:46:56 racoon[8136]: IKE Packet: transmit success. (Mode-Config message). Jun 29 13:46:56 racoon[8136]: IKEv1 Config: retransmited. (Mode-Config retransmit). Jun 29 13:46:56 racoon[8136]: IKE Packet: receive success. (MODE-Config). Jun 29 13:46:56 configd[19]: event_callback: Address added. previous interface setting (name: en1, address: 192.168.1.107), current interface settinaddress: 192.168.54.149, subnet: 255.255.255.0, destination: 192.168.54.149). Jun 29 13:46:56 vmnet-bridge[111]: Dynamic store changed Jun 29 13:46:56 named[62]: not listening on any interfaces Jun 29 13:46:56 configd[19]: network configuration changed. Jun 29 13:46:56 named[62]: not listening on any interfaces Jun 29 13:46:56 racoon[8136]: IKE Packet: transmit success. (Initiator, Quick-Mode message 1). Jun 29 13:46:56 racoon[8136]: IKE Packet: receive success. (Initiator, Quick-Mode message 2). Jun 29 13:46:56 racoon[8136]: IKE Packet: transmit success. (Initiator, Quick-Mode message 3). Jun 29 13:46:56 racoon[8136]: IKEv1 Phase2 Initiator: success. (Initiator, Quick-Mode). Jun 29 13:46:56 racoon[8136]: Connected. Jun 29 13:46:56 configd[19]: SCNCController: Connected. I tested it several times and it consistently behaves the same. What is the magic?

    Read the article

  • structure of ethernet frame (tcp/udp) [closed]

    - by rtmrtm2
    How is an ethernet-frame structured. is it: |MAC | |_______________| | |IP | | |___________| | |TCP | | |_______| | |HTTP| |__________|____| or the other way around? so in words: is the mac wrapped around the ip wrapped around the tcp wrapped arround the http? can someone post an image of the specific 'wrapping'? thanks in advance. regards, rtmrtm2

    Read the article

< Previous Page | 8 9 10 11 12 13 14 15 16 17 18 19  | Next Page >