Socket error when spoofing source address
Hi all,
I am trying to use a tool named "samplicate" to forward UDP traffic from my server (host A) to two IP addresses:
On host A:
/usr/local/bin/samplicate -S -p 514 127.0.0.1/50000 10.1.1.1/514
In this example, any syslog traffic (udp/514) is forwarded to 127.0.0.1/50000 as well as 10.1.1.1/514 while the original syslog clients' source addresses are
maintained/spoofed using the -S option.
While the above command works fine on a standard Fedora Core 3 system as well as on SuSE 9.0, I do not manage to get it running on a SuSE 9.2 Professional workstation.
This is the error message shown on the "samplicate" window when a
remote syslog client sends syslog traffic to the SuSE 9.2 syslog
server:
socket error: 0
socket: Operation not permitted
sending datagram to 127.0.0.1:50000 failed: Operation not permitted
socket error: 0
socket: Operation not permitted
sending datagram to 10.1.1.1:514 failed: Operation not permitted
I assume the cause is not directly related to the samplicate tool but rather to some security-related stuff on SuSE 9.2.
SELinux is disabled.
Any ideas what might cause this socket error?
The samplicate command works without any errors on a SuSE 9.2
system when omitting the -S option, but source address spoofing is a
requirement.
Thanks, David
|