LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Networking (http://www.linuxquestions.org/questions/linux-networking-3/)
-   -   Socket error when spoofing source address (http://www.linuxquestions.org/questions/linux-networking-3/socket-error-when-spoofing-source-address-334515/)

David Knecht 06-17-2005 05:54 AM

Socket error when spoofing source address
 
I posted this question some days ago to LinuxQuestions.org > Forums > Linux - Distributions > Suse/Novell. Since there were no responses I am now asking here...

------

Hi all,

I am trying to use a tool named "samplicate" to forward UDP traffic from my server (host A) to two IP addresses:

On host A:

/usr/local/bin/samplicate -S -p 514 127.0.0.1/50000 10.1.1.1/514

In this example, any syslog traffic (udp/514) is forwarded to 127.0.0.1/50000 as well as 10.1.1.1/514 while the original syslog clients' source addresses are
maintained/spoofed using the -S option.

While the above command works fine on a standard Fedora Core 3 system as well as on SuSE 9.0, I do not manage to get it running on a SuSE 9.2 Professional workstation.

This is the error message shown on the "samplicate" window when a
remote syslog client sends syslog traffic to the SuSE 9.2 syslog
server:

socket error: 0
socket: Operation not permitted
sending datagram to 127.0.0.1:50000 failed: Operation not permitted
socket error: 0
socket: Operation not permitted
sending datagram to 10.1.1.1:514 failed: Operation not permitted

I assume the cause is not directly related to the samplicate tool but rather to some security-related stuff on SuSE 9.2.

SELinux is disabled.

Any ideas what might cause this socket error?

The samplicate command works without any errors on a SuSE 9.2
system when omitting the -S option, but source address spoofing is a
requirement.

Thanks, David


All times are GMT -5. The time now is 10:16 AM.