LinuxQuestions.org
Welcome to the most active Linux Forum on the web.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 01-06-2008, 01:29 PM   #1
jchambers
Member
 
Registered: Aug 2007
Location: California
Distribution: Debian
Posts: 127

Rep: Reputation: 15
udp port block mystery


Hello again --

I keep getting a "connection refused" error in my application when trying to send packs from one port to another (same server). It works fine if I use tcp but not udp.

I was told to use netcat to test the ports but I have yet to use it successfully. Is this even remotely close to correct?
Code:
netcat 127.0.0.1:8080 -u -s 192.168.1.50 -p 8080 -w 3
error: "127.0.0.1:8080: forward host lookup failed: Unknown host"

My goal is to figure out why udp 192.168.1.50:8080 is not accepting packets.


Here is the firewall
Code:
Chain INPUT (policy DROP)
target     prot opt source               destination
ACCEPT     0    --  localhost            localhost
ACCEPT     0    --  default              anywhere
ACCEPT     0    --  anywhere             anywhere
ACCEPT     0    --  anywhere             anywhere            state ESTABLISHED
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:ssh
ACCEPT     icmp --  anywhere             anywhere            icmp echo-request state NEW,RELATED,ESTABLISHED
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:www
ACCEPT     udp  --  anywhere             anywhere            udp dpt:8084
ACCEPT     udp  --  anywhere             anywhere            udp dpt:8080
ACCEPT     0    --  192.168.1.50         anywhere
DROP       tcp  --  anywhere             anywhere            tcp flags:!FIN,SYN,RST,ACK/SYN state NEW
DROP       tcp  --  anywhere             anywhere            tcp flags:FIN,SYN/FIN,SYN
DROP       tcp  --  anywhere             anywhere            tcp flags:SYN,RST/SYN,RST
DROP       tcp  --  anywhere             anywhere            tcp flags:FIN,SYN,RST,PSH,ACK,URG/FIN,PSH,URG
DROP       tcp  --  anywhere             anywhere            tcp flags:FIN,SYN,RST,PSH,ACK,URG/FIN
DROP       tcp  --  anywhere             anywhere            tcp flags:FIN,SYN,RST,PSH,ACK,URG/NONE
DROP       tcp  --  anywhere             anywhere            tcp flags:FIN,SYN,RST,PSH,ACK,URG/FIN,SYN,RST,PSH,ACK,URG

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination
ACCEPT     0    --  anywhere             anywhere
ACCEPT     0    --  default              anywhere
ACCEPT     icmp --  anywhere             anywhere            icmp echo-reply state RELATED,ESTABLISHED
ACCEPT     icmp --  anywhere             anywhere            icmp echo-request state NEW,RELATED,ESTABLISHED
... and here is netstat
Code:
netstat -an
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 0.0.0.0:111             0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:113             0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:56151           0.0.0.0:*               LISTEN
tcp6       0      0 :::80                   :::*                    LISTEN
tcp6       0      0 :::22                   :::*                    LISTEN
tcp6       0      0 ::ffff:207.181.2.83:22  ::ffff:75.24.245.2:4742 ESTABLISHED
tcp6       0      0 ::ffff:207.181.2.83:22  ::ffff:75.24.245.2:4745 ESTABLISHED
tcp6       0    680 ::ffff:207.181.2.83:22  ::ffff:75.24.245.2:1230 ESTABLISHED
tcp6       0      0 ::ffff:207.181.2.83:22  ::ffff:75.24.245.2:4781 ESTABLISHED
udp        0      0 0.0.0.0:32768           0.0.0.0:*
udp        0      0 0.0.0.0:645             0.0.0.0:*
udp        0      0 0.0.0.0:111             0.0.0.0:*
Active UNIX domain sockets (servers and established)
Proto RefCnt Flags       Type       State         I-Node Path
unix  2      [ ]         DGRAM                    3157     @/org/kernel/udev/udevd
unix  2      [ ACC ]     STREAM     LISTENING     5433     /var/run/acpid.socket
unix  4      [ ]         DGRAM                    5346     /dev/log
unix  3      [ ]         STREAM     CONNECTED     20616
unix  3      [ ]         STREAM     CONNECTED     20615
unix  3      [ ]         STREAM     CONNECTED     20614
unix  3      [ ]         STREAM     CONNECTED     20613
unix  3      [ ]         STREAM     CONNECTED     18874
unix  3      [ ]         STREAM     CONNECTED     18873
unix  3      [ ]         STREAM     CONNECTED     18872
unix  3      [ ]         STREAM     CONNECTED     18871
unix  2      [ ]         DGRAM                    5544
unix  2      [ ]         DGRAM                    5361
 
Old 01-06-2008, 11:46 PM   #2
anomie
Senior Member
 
Registered: Nov 2004
Location: Texas
Distribution: RHEL, Scientific Linux, Debian, Fedora
Posts: 3,935
Blog Entries: 5

Rep: Reputation: Disabled
Is it meaningful in your case to send udp packets to an external interface on the same server? What is the purpose of this exactly? I ask because if you're testing firewall rules, you should be doing this from another box.

Check the nc(1) (or netcat(1) manpages for you, I guess..?) manpages.

Quote:
SYNOPSIS
nc [-46DdhklnrStUuvz] [-i interval] [-p source_port]
[-s source_ip_address] [-T ToS] [-w timeout] [-X proxy_protocol] [-x
proxy_address[:port]] [hostname] [port[s]]
I don't see a format/series of options that matches what you've specified. From another box, instead use:
$ nc -u 192.168.1.50 8080

You can monitor the packets on that host with tcpdump if needed.

Last edited by anomie; 01-06-2008 at 11:47 PM.
 
Old 01-06-2008, 11:53 PM   #3
anomie
Senior Member
 
Registered: Nov 2004
Location: Texas
Distribution: RHEL, Scientific Linux, Debian, Fedora
Posts: 3,935
Blog Entries: 5

Rep: Reputation: Disabled
Alternatively, you can use nmap from another box:
# nmap -P0 -sU 192.168.1.50 -p 8080

I had a conversation with someone about this recently; I've (personally) had some strange results using netcat to send udp packets / perform udp scans.

Last edited by anomie; 01-06-2008 at 11:56 PM.
 
Old 01-07-2008, 01:29 AM   #4
jchambers
Member
 
Registered: Aug 2007
Location: California
Distribution: Debian
Posts: 127

Original Poster
Rep: Reputation: 15
Hi anomie, thank you for the response.

I am sending video back to that port so others can grab it. (make sense?)

I'll try your suggestion using nmap.

Also I have used tcpdump on that box, I could see the incoming packets but not the loop back packets.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
nmap and a floating mystery port slakmagik Linux - Security 4 03-21-2005 03:46 AM
mystery open port? ryedunn Linux - Security 6 01-15-2005 07:55 PM
UDP Port 1697 RandomIZE Linux - Networking 5 03-23-2004 04:47 PM
closing port 68/udp? antik Linux - Security 1 09-26-2003 01:26 PM
How do I open up a UDP port? Dirt Linux - Networking 9 06-06-2003 06:50 PM


All times are GMT -5. The time now is 09:15 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration