LinuxQuestions.org
Visit Jeremy's Blog.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices

Reply
 
Search this Thread
Old 06-17-2005, 05:54 AM   #1
David Knecht
LQ Newbie
 
Registered: Jun 2005
Posts: 2

Rep: Reputation: 0
Socket error when spoofing source address


I posted this question some days ago to LinuxQuestions.org > Forums > Linux - Distributions > Suse/Novell. Since there were no responses I am now asking here...

------

Hi all,

I am trying to use a tool named "samplicate" to forward UDP traffic from my server (host A) to two IP addresses:

On host A:

/usr/local/bin/samplicate -S -p 514 127.0.0.1/50000 10.1.1.1/514

In this example, any syslog traffic (udp/514) is forwarded to 127.0.0.1/50000 as well as 10.1.1.1/514 while the original syslog clients' source addresses are
maintained/spoofed using the -S option.

While the above command works fine on a standard Fedora Core 3 system as well as on SuSE 9.0, I do not manage to get it running on a SuSE 9.2 Professional workstation.

This is the error message shown on the "samplicate" window when a
remote syslog client sends syslog traffic to the SuSE 9.2 syslog
server:

socket error: 0
socket: Operation not permitted
sending datagram to 127.0.0.1:50000 failed: Operation not permitted
socket error: 0
socket: Operation not permitted
sending datagram to 10.1.1.1:514 failed: Operation not permitted

I assume the cause is not directly related to the samplicate tool but rather to some security-related stuff on SuSE 9.2.

SELinux is disabled.

Any ideas what might cause this socket error?

The samplicate command works without any errors on a SuSE 9.2
system when omitting the -S option, but source address spoofing is a
requirement.

Thanks, David
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
MAC Address spoofing on alias/secondary interface tara Linux - Networking 3 08-31-2005 09:22 PM
Socket error when spoofing source address David Knecht Suse/Novell 0 06-15-2005 07:01 AM
detect mac address spoofing bensky Linux - Security 1 03-13-2005 12:23 AM
Problem spoofing mac address colombo187 Linux - Networking 1 02-05-2005 08:27 PM
Need help spoofing MAC address, ifconfig down seems to remove wireless card sicc Linux - Wireless Networking 0 11-30-2004 02:42 AM


All times are GMT -5. The time now is 12:24 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration