01-06-2008, 01:29 PM   #1
Member
Registered: Aug 2007
Location: California
Distribution: Debian
Posts: 127
udp port block mystery
Hello again --
I keep getting a "connection refused" error in my application when trying to send packs from one port to another (same server). It works fine if I use tcp but not udp.
I was told to use netcat to test the ports but I have yet to use it successfully. Is this even remotely close to correct?
Code:
netcat 127.0.0.1:8080 -u -s 192.168.1.50 -p 8080 -w 3
error: " 127.0.0.1:8080: forward host lookup failed: Unknown host"
My goal is to figure out why udp 192.168.1.50:8080 is not accepting packets.
Here is the firewall
Code:
Chain INPUT (policy DROP)
target prot opt source destination
ACCEPT 0 -- localhost localhost
ACCEPT 0 -- default anywhere
ACCEPT 0 -- anywhere anywhere
ACCEPT 0 -- anywhere anywhere state ESTABLISHED
ACCEPT tcp -- anywhere anywhere tcp dpt:ssh
ACCEPT icmp -- anywhere anywhere icmp echo-request state NEW,RELATED,ESTABLISHED
ACCEPT tcp -- anywhere anywhere tcp dpt:www
ACCEPT udp -- anywhere anywhere udp dpt:8084
ACCEPT udp -- anywhere anywhere udp dpt:8080
ACCEPT 0 -- 192.168.1.50 anywhere
DROP tcp -- anywhere anywhere tcp flags:!FIN,SYN,RST,ACK/SYN state NEW
DROP tcp -- anywhere anywhere tcp flags:FIN,SYN/FIN,SYN
DROP tcp -- anywhere anywhere tcp flags:SYN,RST/SYN,RST
DROP tcp -- anywhere anywhere tcp flags:FIN,SYN,RST,PSH,ACK,URG/FIN,PSH,URG
DROP tcp -- anywhere anywhere tcp flags:FIN,SYN,RST,PSH,ACK,URG/FIN
DROP tcp -- anywhere anywhere tcp flags:FIN,SYN,RST,PSH,ACK,URG/NONE
DROP tcp -- anywhere anywhere tcp flags:FIN,SYN,RST,PSH,ACK,URG/FIN,SYN,RST,PSH,ACK,URG
Chain FORWARD (policy ACCEPT)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
ACCEPT 0 -- anywhere anywhere
ACCEPT 0 -- default anywhere
ACCEPT icmp -- anywhere anywhere icmp echo-reply state RELATED,ESTABLISHED
ACCEPT icmp -- anywhere anywhere icmp echo-request state NEW,RELATED,ESTABLISHED
... and here is netstat
Code:
netstat -an
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State
tcp 0 0 0.0.0.0:111 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:113 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:56151 0.0.0.0:* LISTEN
tcp6 0 0 :::80 :::* LISTEN
tcp6 0 0 :::22 :::* LISTEN
tcp6 0 0 ::ffff:207.181.2.83:22 ::ffff:75.24.245.2:4742 ESTABLISHED
tcp6 0 0 ::ffff:207.181.2.83:22 ::ffff:75.24.245.2:4745 ESTABLISHED
tcp6 0 680 ::ffff:207.181.2.83:22 ::ffff:75.24.245.2:1230 ESTABLISHED
tcp6 0 0 ::ffff:207.181.2.83:22 ::ffff:75.24.245.2:4781 ESTABLISHED
udp 0 0 0.0.0.0:32768 0.0.0.0:*
udp 0 0 0.0.0.0:645 0.0.0.0:*
udp 0 0 0.0.0.0:111 0.0.0.0:*
Active UNIX domain sockets (servers and established)
Proto RefCnt Flags Type State I-Node Path
unix 2 [ ] DGRAM 3157 @/org/kernel/udev/udevd
unix 2 [ ACC ] STREAM LISTENING 5433 /var/run/acpid.socket
unix 4 [ ] DGRAM 5346 /dev/log
unix 3 [ ] STREAM CONNECTED 20616
unix 3 [ ] STREAM CONNECTED 20615
unix 3 [ ] STREAM CONNECTED 20614
unix 3 [ ] STREAM CONNECTED 20613
unix 3 [ ] STREAM CONNECTED 18874
unix 3 [ ] STREAM CONNECTED 18873
unix 3 [ ] STREAM CONNECTED 18872
unix 3 [ ] STREAM CONNECTED 18871
unix 2 [ ] DGRAM 5544
unix 2 [ ] DGRAM 5361

01-06-2008, 11:46 PM   #2
Senior Member
Registered: Nov 2004
Location: Texas
Distribution: RHEL, Scientific Linux, Debian, Fedora
Posts: 3,935
Is it meaningful in your case to send udp packets to an external interface on the same server? What is the purpose of this exactly? I ask because if you're testing firewall rules, you should be doing this from another box.
Check the nc(1) (or netcat(1) for you, I guess..?) manpages.
Quote:
SYNOPSIS
nc [-46DdhklnrStUuvz] [-i interval] [-p source_port] [-s source_ip_address] [-T ToS] [-w timeout] [-X proxy_protocol] [-x proxy_address[:port]] [hostname] [port[s]]
I don't see a format/series of options that matches what you've specified. From another box, instead use:
$ nc -u 192.168.1.50 8080
You can monitor the packets on that host with tcpdump if needed.
Last edited by anomie; 01-06-2008 at 11:47 PM.

01-06-2008, 11:53 PM   #3
Senior Member
Registered: Nov 2004
Location: Texas
Distribution: RHEL, Scientific Linux, Debian, Fedora
Posts: 3,935
Alternatively, you can use nmap from another box:
# nmap -P0 -sU 192.168.1.50 -p 8080
I had a conversation with someone about this recently; I've (personally) had some strange results using netcat to send udp packets / perform udp scans.
Last edited by anomie; 01-06-2008 at 11:56 PM.

01-07-2008, 01:29 AM   #4
Member
Registered: Aug 2007
Location: California
Distribution: Debian
Posts: 127
Original Poster
Hi anomie, thank you for the response.
I am sending video back to that port so others can grab it. (make sense?)
I'll try your suggestion using nmap.
Also, I have used tcpdump on that box; I could see the incoming packets but not the loopback packets.
All times are GMT -5. The time now is 09:33 PM.
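
Added example (not part of the original thread): a shell cross-check of the two listings in the first post, printing UDP ports that the INPUT chain accepts but that no socket is bound to. A datagram sent to such a port is answered with ICMP port unreachable, which a connected UDP sender sees as "connection refused". The function names and the abridged sample listings are assumptions made for this example.

```shell
#!/bin/sh
# Added example: find UDP ports that iptables accepts but nothing is bound to.
# Live use (as root): unbound_allowed "$(iptables -L -n)" "$(netstat -anu)"

# Print UDP destination ports accepted in the INPUT chain (stdin: iptables -L).
# The protocol column may read "udp" or its number, 17.
fw_udp_ports() {
    awk '/^Chain /{chain=$2; next}
         chain=="INPUT" && $1=="ACCEPT" && ($2=="udp" || $2=="17") {
             for (i = 3; i <= NF; i++) if ($i ~ /^dpt:/) print substr($i, 5)
         }'
}

# Print the local port of every UDP socket (stdin: netstat -an).
# Splitting on ":" and taking the last piece also handles udp6 (":::port").
bound_udp_ports() {
    awk '$1 ~ /^udp/ { n = split($4, a, ":"); print a[n] }'
}

# $1 = iptables listing, $2 = netstat listing; prints allowed-but-unbound ports.
unbound_allowed() {
    bound=$(printf '%s\n' "$2" | bound_udp_ports)
    printf '%s\n' "$1" | fw_udp_ports | while read -r port; do
        printf '%s\n' "$bound" | grep -qx "$port" || echo "$port"
    done
}

# Sample input, abridged from the two listings in the first post.
FW_SAMPLE='Chain INPUT (policy DROP)
target prot opt source destination
ACCEPT tcp -- anywhere anywhere tcp dpt:ssh
ACCEPT udp -- anywhere anywhere udp dpt:8084
ACCEPT udp -- anywhere anywhere udp dpt:8080
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
ACCEPT 0 -- anywhere anywhere'

NS_SAMPLE='Proto Recv-Q Send-Q Local Address Foreign Address State
tcp6 0 0 :::22 :::* LISTEN
udp 0 0 0.0.0.0:32768 0.0.0.0:*
udp 0 0 0.0.0.0:645 0.0.0.0:*
udp 0 0 0.0.0.0:111 0.0.0.0:*'

# Ports the firewall lets in but that have no UDP socket behind them.
unbound_allowed "$FW_SAMPLE" "$NS_SAMPLE"
```

A port printed here is open in the firewall but has no receiver, so the application that should bind it is the next thing to check.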