Search Results

Search found 3489 results on 140 pages for 'tcp'.

Page 32/140 | < Previous Page | 28 29 30 31 32 33 34 35 36 37 38 39  | Next Page >

• SSH not working over IPSec tunnel (Strongswan)

  - by PattPatel

  I configured a small network on a cloud virtual machine. This virtual machine has a static IP address assigned to eth0 interface that I'll call $EXTIP. mydomain.com points to $EXTIP. Inside, I have some linux containers, that get their ip through DHCP in the Subnet 10.0.0.0/24 (i called the virtual interface nat ). They run some services that can be reached through DNAT. Then I wanted to connect to these containers through an IPSec tunnel, so I configured StrongSwan. ipsec.conf: conn %default dpdaction=none rekey=no conn remote keyexchange=ikev2 ike=######## left=[$EXTIP] leftsubnet=10.0.1.0/24,10.0.0.0/24 leftauth=pubkey lefthostaccess=yes leftcert=########.pem leftfirewall=yes leftid="#########" right=%any rightsourceip=10.0.1.0/24 rightauth=######## rightid=%any rightsendcert=never eap_identity=%any auto=add type=tunnel Everything works fine, IPSec clients get IPs of the 10.0.1.0/24 subnet and can reach the containers subnet. My problem is that I'm not able to get SSH connections over the tunnel. It simply does not work, ssh client does not produce any output. Sniffing with tcpdump gives: tcpdump: 09:50:29.648206 ARP, Request who-has 10.0.0.1 tell mydomain.com, length 28 09:50:29.648246 ARP, Reply 10.0.0.1 is-at 00:ff:aa:00:00:01 (oui Unknown), length 28 09:50:29.648253 IP mydomain.com.54869 > 10.0.0.1.ssh: Flags [S], seq 4007849772, win 29200, options [mss 1460,sackOK,TS val 1151153 ecr 0,nop,wscale 7], length 0 09:50:29.648296 IP 10.0.0.1.ssh > 10.0.1.2.54869: Flags [S.], seq 2809522632, ack 4007849773, win 14480, options [mss 1460,sackOK,TS val 11482992 ecr 1151153,nop,wscale 6], length 0 09:50:29.677225 IP mydomain.com.54869 > 10.0.0.1.ssh: Flags [.], ack 2809522633, win 229, options [nop,nop,TS val 1151162 ecr 11482992], length 0 09:50:29.679370 IP mydomain.com.54869 > 10.0.0.1.ssh: Flags [P.], seq 0:23, ack 1, win 229, options [nop,nop,TS val 1151162 ecr 11482992], length 23 09:50:29.679403 IP 10.0.0.1.ssh > 10.0.1.2.54869: Flags [.], ack 24, win 227, options [nop,nop,TS val 11483002 ecr 1151162], length 0 09:50:29.684337 IP 10.0.0.1.ssh > 10.0.1.2.54869: Flags [P.], seq 1:32, ack 24, win 227, options [nop,nop,TS val 11483003 ecr 1151162], length 31 09:50:29.685471 IP 10.0.0.1.ssh > 10.0.1.2.54869: Flags [.], seq 32:1480, ack 24, win 227, options [nop,nop,TS val 11483003 ecr 1151162], length 1448 09:50:29.685519 IP mydomain.com > 10.0.0.1: ICMP mydomain.com unreachable - need to frag (mtu 1422), length 556 09:50:29.685567 IP 10.0.0.1.ssh > 10.0.1.2.54869: Flags [.], seq 32:1402, ack 24, win 227, options [nop,nop,TS val 11483003 ecr 1151162], length 1370 09:50:29.685572 IP 10.0.0.1.ssh > 10.0.1.2.54869: Flags [.], seq 1402:1480, ack 24, win 227, options [nop,nop,TS val 11483003 ecr 1151162], length 78 09:50:29.714601 IP mydomain.com.54869 > 10.0.0.1.ssh: Flags [.], ack 32, win 229, options [nop,nop,TS val 1151173 ecr 11483003], length 0 09:50:29.714642 IP 10.0.0.1.ssh > 10.0.1.2.54869: Flags [P.], seq 1480:1600, ack 24, win 227, options [nop,nop,TS val 11483012 ecr 1151173], length 120 09:50:29.723649 IP mydomain.com.54869 > 10.0.0.1.ssh: Flags [P.], seq 1393:1959, ack 32, win 229, options [nop,nop,TS val 1151174 ecr 11483003], length 566 09:50:29.723677 IP 10.0.0.1.ssh > 10.0.1.2.54869: Flags [.], ack 24, win 227, options [nop,nop,TS val 11483015 ecr 1151173,nop,nop,sack 1 {1394:1960}], length 0 09:50:29.725688 IP mydomain.com.54869 > 10.0.0.1.ssh: Flags [.], ack 1480, win 251, options [nop,nop,TS val 1151177 ecr 11483003], length 0 09:50:29.952394 IP 10.0.0.1.ssh > 10.0.1.2.54869: Flags [P.], seq 1480:1600, ack 24, win 227, options [nop,nop,TS val 11483084 ecr 1151173,nop,nop,sack 1 {1394:1960}], length 120 09:50:29.981056 IP mydomain.com.54869 > 10.0.0.1.ssh: Flags [.], ack 1600, win 251, options [nop,nop,TS val 1151253 ecr 11483084,nop,nop,sack 1 {1480:1600}], length 0 If you need it this is my iptables configuration file: iptables: *filter :INPUT ACCEPT [144:9669] :FORWARD DROP [0:0] :OUTPUT ACCEPT [97:15649] :interfacce-trusted - [0:0] :porte-trusted - [0:0] -A FORWARD -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT -A FORWARD -j interfacce-trusted -A FORWARD -j porte-trusted -A FORWARD -j REJECT --reject-with icmp-host-unreachable -A FORWARD -d 10.0.0.1/32 -p tcp -m tcp --dport 80 -m state --state NEW,RELATED,ESTABLISHED -j ACCEPT -A FORWARD -d 10.0.0.1/32 -p tcp -m tcp --dport 443 -m state --state NEW,RELATED,ESTABLISHED -j ACCEPT -A FORWARD -d 10.0.0.3/32 -p tcp -m tcp --dport 1234 -m state --state NEW,RELATED,ESTABLISHED -j ACCEPT -A interfacce-trusted -i nat -j ACCEPT -A porte-trusted -d 10.0.0.1/32 -p tcp -m tcp --dport 80 -j ACCEPT -A porte-trusted -d 10.0.0.1/32 -p tcp -m tcp --dport 443 -j ACCEPT -A porte-trusted -d 10.0.0.3/32 -p tcp -m tcp --dport 1234 -j ACCEPT COMMIT *nat :PREROUTING ACCEPT [10:600] :INPUT ACCEPT [10:600] :OUTPUT ACCEPT [4:268] :POSTROUTING ACCEPT [18:1108] -A PREROUTING -d [$EXTIP] -p tcp -m tcp --dport 80 -j DNAT --to-destination 10.0.0.1:80 -A PREROUTING -d [$EXTIP] -p tcp -m tcp --dport 443 -j DNAT --to-destination 10.0.0.1:443 -A PREROUTING -d [$EXTIP] -p tcp -m tcp --dport 8069 -j DNAT --to-destination 10.0.0.3:1234 -A POSTROUTING -s 10.0.0.0/24 -o eth0 -m policy --dir out --pol ipsec -j ACCEPT -A POSTROUTING -s 10.0.1.0/24 -o nat -j MASQUERADE -A POSTROUTING -s 10.0.0.0/24 -o eth0 -j MASQUERADE COMMIT Probably I'm missing something stupid... Thanks in advance for helping :))

  Read the article

• How to specify a cipher for an SSL connection in .NET?

  - by dr. evil

  How can I specify a cipher suite to use in an SSL Connections? I know that Mentalis Seclib got this feature however they don't maintain the project as they say .NET Framework 2.0 introduced those features. However I couldn't find a way to do this in .NET Framework 3.5. To be more specific I want to connect an HTTPS service by using NULL cipher, I would do the same thing with OpenSSL by using the following command: openssl s_client -connect www.example.com:443 -cipher NULL How can I do this in .NET?

  Read the article

• SYN flooding still a threat to servers?

  - by Rob

  Well recently I've been reading about different Denial of Service methods. One method that kind of stuck out was SYN flooding. I'm a member of some not-so-nice forums, and someone was selling a python script that would DoS a server using SYN packets with a spoofed IP address. However, if you sent a SYN packet to a server, with a spoofed IP address, the target server would return the SYN/ACK packet to the host that was spoofed. In which case, wouldn't the spoofed host return an RST packet, thus negating the 75 second long-wait, and ultimately failing in its attempt to DoS the server?

  Read the article

• How to parse the MailMessage object from raw email string

  - by Xmindz

  I have written a program in C# which connects to a POP Server and retrieves raw email message strings from the server using POP3 command RETR. Since the email message being retrieved by the program is in plain text format with all the headers and message body with in the same, its too difficult to extract each header and mail body from the raw string. Could anybody tell me a solution by which I can parse the entire raw text to a System.Net.Mail.MailMessage object? Following is a sample email raw string: +OK 1281 octets Return-Path: <[email protected]> Delivered-To: samplenet-sample:[email protected] X-Envelope-To: [email protected] Received: (qmail 53856 invoked from network); 22 Sep 2012 06:11:46 -0000 Received: from mailwash18.pair.com (66.39.2.18) MIME-Version: 1.0 From: "Deepu" <[email protected]> To: [email protected] Date: 22 Sep 2012 11:41:39 +0530 Subject: TEST Subject Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: quoted-printable Message-Id: <[email protected]> TEST Body .

  Read the article

• how do I get the IP of incoming ICMP due to UDP-send to dead client in Ruby?

  - by banister

  so.. I'm doing a small multiplayer game with blocking UDP and IO.select. To my problem.. (In the server) reading from a UDP socket (packet, sender = @socket.recvfrom(1000)) which have just sent a packet to a dead client results in a ICMP unreachable (and exception Errno::ECONNRESET in ruby). The problem is that I can't find any way whatsoever to extract the IP of that ICMP.. so I can clean out that dead client. Anyone know how to achieve this? thanks

  Read the article

• RST packet sent by the server

  - by intoTHEwild

  I am developing a client in Flash and using http req/resp to communicate with the server. For a while the session works fine and then the connection is terminated by the server. I did a wireshark sniff at the server and the last message which it sends is a RST packet. Also it happens only when I'm using IE and the server and client are in different domains. This does not happen in FireFox. I have been struggling to find a sol, till I found this thread. It's a bit old but I hope I could get some help. I am not sure if this bit of info is important but I am connecting to the server via a gateway. Any clue or suggestions for where should I look into to locate the problem ?

  Read the article

• Winsock failed to connect to local ip address

  - by JKS

  I have used the following code in a form that acts like a server, WskServer(0).Close LocalIP = WskServer(0).LocalIP WskServer(0).LocalPort = DEFAULT_TCP_PORT WskServer(0).Protocol = sckTCPProtocol txtStatus.Text = "Starting server" Call WskServer(0).Bind(DEFAULT_TCP_PORT, LocalIP) WskServer(0).Listen when i execute above code,i received the following error "Address is not available from the local machine" . If i changed the line Call WskServer(0).Bind(DEFAULT_TCP_PORT, LocalIP) to Call WskServer(0).Bind(DEFAULT_TCP_PORT, "127.0.0.1") this is working What's wrong with the code?, can anybody give the fix Update I just removed the line Call WskServer(0).Bind(DEFAULT_TCP_PORT, LocalIP) now server working properly. this way is correct or not

  Read the article

• Programatically determining maximum transfer rate

  - by dauphic

  I have a problem that requires me to calculate the maximum upload and download available, then limit my program's usage to a percentage of it. However, I can't think of a good way to find the maximums. At the moment, the only solution I can come up with is transfering a few megabytes between the client and server, then measuring how ling the transfer took. This solution is very undesirable, however, because with 100,000 clients it could potentially result in too much of an increase to our server's bandwidth usage (which is already too high). Does anyone have any solutions to this problem?

  Read the article

• What is the port for a hostname query ?

  - by Jane

  I want to query an IP to get its hostname. What is the standard port for this ? Could it be port 101 listed under "hostnames" in /etc/services ?

  Read the article

• [iptables] Why do 'iptables -A OUTPUT -j REJECT' at the end of the chain OUTPUT override the previous rules??

  - by Serge

  Those are my IPTABLES rules: iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT iptables -A OUTPUT -p tcp --dport 22 -j ACCEPT iptables -A OUTPUT -p udp --dport 22 -j ACCEPT iptables -A OUTPUT -p tcp --dport 80 -j ACCEPT iptables -A OUTPUT -p udp --dport 53 -j ACCEPT iptables -A OUTPUT -p tcp --dport 53 -j ACCEPT iptables -A INPUT -p tcp --dport 80 -j ACCEPT iptables -A INPUT -p tcp -m tcp --dport 22 -m state --state NEW -m recent --set --name DEFAULT --rsource iptables -A INPUT -p tcp -m tcp --dport 22 -m state --state NEW -m recent --update --seconds 180 --hitcount 4 --name DEFAULT --rsource -j DROP iptables -A INPUT -p tcp -m state --state NEW --dport 22 -j ACCEPT iptables -A OUTPUT -j REJECT iptables -A INPUT -j REJECT iptables -A FORWARD -j REJECT Im using a remote ssh conetion to set them up, but after i set: iptables -A OUTPUT -j REJECT My connection get lost. I have read all the documentation for Iptables and i can figure out anything, the global Rejects for INPUT work well because i can access to the web page but i get a timeout for ssh. Any idea? Thanks

  Read the article

• How do I execute QTcpSocket in a different thread?

  - by Regof

  How do I execute QTcpSocket functions in a different thread?

  Read the article

• What is the meaning of the TSV and TSER fields in an Ethereal dump?

  - by iamrohitbanga

  What is the meaning of the TSV and TSER fields in an Ethereal dump? I tried googling but could not find the answer.

  Read the article

• Problem in using a second call to send() in C

  - by Paulo Victor

  Hello. Right now I'm working in a simple Server that receives from client a code referring to a certain operation. The server receives this data and send back the signal that it's waiting for the proper data. /*Server Side*/ if (codigoOperacao == 0) { printf("A escolha foi 0\n"); int bytesSent = SOCKET_ERROR; char sendBuff[1080] = "0"; /*Here "send" returns an error msgm while trying to send back the signal*/ bytesSent = send(socketEscuta, sendBuff, 1080, 0); if (bytesSent == SOCKET_ERROR) { printf("Erro ao enviar"); return 0; } else { printf("Bytes enviados : %d\n", bytesSent); char structDesmontada[1080] = ""; bytesRecv = recebeMensagem(socketEscuta, structDesmontada); printf("structDesmontada : %s", structDesmontada); } } Following here is the client code responsible for sending the operation code and receiving the signal char sendMsg[1080] = "0"; char recvMsg[1080] = ""; bytesSent = send(socketCliente, sendMsg, sizeof(sendMsg), 0); printf("Enviei o codigo (%d)\n", bytesSent); /*Here the program blocks in a infinite loop since the server never send anything*/ while (bytesRecv == SOCKET_ERROR) { bytesRecv = recv(socketCliente, recvMsg, 1080, 0); if (bytesRecv > 0) { printf("Recebeu\n"); } Why this is happening only in the second attempt to send some data? Because the first call to send() works fine. Hope someone can help!! Thnks

  Read the article

• C code in Linux to C code in Windows

  - by Morano88

  I'm having a code written in C that works on Linux. I want this program to work in windows, Are there any differences that I have to make in the code ? It is a code for Server/Client communication using sockets taken from here : http://www.linuxhowtos.org/C_C++/socket.htm

  Read the article

• python httplib httpexception error codes

  - by Xavier

  Does httplib.HTTPException have error codes? If so how do I get at them from the exception instance? Any help is appreciated.

  Read the article

• What port does the iPhone App Store run on?

  - by mvid

  What is the port that the iPhone/iPod Touch use to download applications, communicate with the app store, etc?

  Read the article

• rails server stuck in close_wait and requires a re-start once in a while

  - by railscoder

  I have a rails webapp which internally connects to another request server. At times , ruby process gets stuck in close_wait state and stop responding and needs a restart. i guess this happens only when the request server which the rails app connects to is restarted. But am not completely sure of it. Any help appreciated on how should i go about debugging this issue. Thanks.

  Read the article

• How do you get the host address and port from a System.Net.EndPoint?

  - by cyclotis04

  I'm using a TcpClient passed to me from a TcpListener, and for the life of me I can't figure out a simple way to get the address and port it's connected to. The best I have so far is _client.Client.RemoteEndPoint.ToString(); which returns a string in the form FFFF::FFFF:FFFF:FFF:FFFF%00:0000. I've managed to extract the address and port using Regular Expressions, but this seems like overkill. What am I missing?

  Read the article

• Boost.Test: Looking for a working non-Trivial Test Suite Example / Tutorial

  - by Robert S. Barnes

  The Boost.Test documentation and examples don't really seem to contain any non-trivial examples and so far the two tutorials I've found here and here while helpful are both fairly basic. I would like to have a master test suite for the entire project, while maintaining per module suites of unit tests and fixtures that can be run independently. I'll also be using a mock server to test various networking edge cases. I'm on Ubuntu 8.04, but I'll take any example Linux or Windows since I'm writing my own makefiles anyways.

  Read the article

• Select calls seems to not time out.

  - by martsbradley

  HI Folks, I have a threaded C++ program where up to three threads are calling select on a three separate socket descriptors waiting for data to become available. Each thread handles one socket and adds it to the readfds with a timeout of 300 seconds. After select returns if there is data available I'm calling recv to read it. Is there anything that I need to be aware of with winsock and threads because for some reason after a number of hours the select calls all seem to be not timing out. Can a multi threaded program select from a number of threads without issue? I know that I should have one thread listening to all three sockets however that would be a large change for this app and I'm only looking to apply a bug fix. cheers, Martin.

  Read the article

• Are there any tool for monitoring HTTP response?

  - by Ole Jak

  Are there any tool for monitoring HTTP responses? so open such tool up. give it URL. And it goes to it and brings you back not only body of http response but all http response.

  Read the article

• Is there any tool for monitoring HTTP response?

  - by Ole Jak

  Is there any tool for monitoring HTTP response? so open such tool up. give it URL. And it goes to it and brings you back not only body of http response but all http response.

  Read the article

• how does teamviewer find my computer even if my comp. behind of the firewall and firewall isn't conf

  - by uzay95

  Did you use teamviewer? (comic question i know... Who doesn't use it?) Do you have any idea how does teamviewer make connection even if i am behind the router, firewall, switch and my local firewall..? I'm trying to imagine a connection that is between remote machinge and my computer. Remote machine is sending the packets (and its header (for instance, destination IP, message body)) to me but it only knows my id number(which is given by my local teamviewer application). And this packets are reaching to my computer even if there is a juniper firewall (and also my windows firewall). What kind a message body is recieving by computer? (of course it is not like xml, text, html, excel :) Do you have any idea? PS. Please share your knowledge like you are explaining to beginner level user.

  Read the article

• APF, IPTABLES, Fedora 15 - Not blocking correctly

  - by RichardW11

  I just got a new remote server which came with Fedora 15. I first tried to run APF but it gave me this error "apf(18031): {glob} unable to load iptables module (ip_tables), aborting.". Which I then set SET_MONOKERN="0" to SET_MONOKERN="1" to resolve the problem. However, with my config file showing BLK_P2P_PORTS="1214,2323,4660_4678,6257,6699,6346,6347,6881_6889,6346,7778" The ports show up as closed, instead of being filtered. Any idea why this would be happening? 22/tcp open ssh 80/tcp open http 443/tcp open https 2323/tcp closed 3d-nfsd 4662/tcp closed edonkey 6346/tcp closed gnutella 6699/tcp closed napster 6881/tcp closed bittorrent-tracker 7778/tcp closed interwise

  Read the article

• How many bits can be transfered through Ethernet at each time?

  - by Bobb

  I am writing a networking application. It has some unxpected lags. I need to calculate some figures but I cant find an information - how many bits can be transferes through Ethernet connection at each tick. I know that the resulting transfer rate is 100Mbps/1Gbps. But ethernet should use hardware ticks to sync both ends I suppose. So it moves data in ticks. So the question is how many ticks per second or how many bits per one tick used in ethernet. The actual connection is 100 Mbps full-duplex.

  Read the article

< Previous Page | 28 29 30 31 32 33 34 35 36 37 38 39  | Next Page >