顯示具有 tools - net 標籤的文章。 顯示所有文章
顯示具有 tools - net 標籤的文章。 顯示所有文章

2015年2月7日 星期六

nc — arbitrary TCP and UDP connections and listens


幾乎任何使用 TCP,UDP或UNIX-domain socket的動作都可以用nc來達成,常見的功能如。
  • simple TCP proxies
  • shell-script based HTTP clients and servers
  • network daemon testing
  • a SOCKS or HTTP ProxyCommand for ssh(1)
  • and much, much more


SYNOPSIS
     nc [-46bCDdhklnrStUuvZz] [-I length] [-i interval] [-O length]
        [-P proxy_username] [-p source_port]
        [-q seconds] [-s source] [-T toskeyword] [-V rtable]
        [-w timeout] [-X proxy_protocol] [-x proxy_address[:port]]
        [destination] [port]


options: -v, verbose

不加-v,發生錯誤時不會有訊息。
brook@vista:~$ nc 127.0.0.1 12345
brook@vista:~$ nc -v 127.0.0.1 12345
nc: connect to 127.0.0.1 port 12345 (tcp) failed: Connection refused
brook@vista:~$ nc -v 127.0.0.1 80
Connection to 127.0.0.1 80 port [tcp/http] succeeded!
輸入GET / HTTP/1.1
輸入HOST: 127.0.0.1
輸入[enter]
輸入[enter]

HTTP/1.1 200 OK
Date: Tue, 27 Jan 2015 08:24:17 GMT
Server: Apache/2.2.22 (Ubuntu)
Last-Modified: Mon, 23 Dec 2013 04:13:45 GMT
ETag: "1b806ff-b1-4ee2bdaa24ac8"
Accept-Ranges: bytes
Content-Length: 177
Vary: Accept-Encoding
Content-Type: text/html
X-Pad: avoid browser bug

<html><body><h1>It works!</h1>
<p>This is the default web page for this server.</p>
<p>The web server software is running but no content has been added, yet.</p>
</body></html>


options: -l, listen for an incoming connection rather than initiate a connection to a remote host

等同開socket在listen,預設是tcp。
brook@vista:~$ nc -l 127.0.0.1 5000 -> server
brook@vista:~$ netstat -nal | grep 5000
tcp        0      0 127.0.0.1:5000          0.0.0.0:*               LISTEN
brook@vista:~$ nc 127.0.0.1 5000 -> client


options: -u, Use UDP instead of the default option of TCP.

使用UDP取代預設的TCP
brook@vista:~$ nc -lu 127.0.0.1 5000 -> server
brook@vista:~$ nc -u 127.0.0.1 5000 -> client


使用nc當Web Server

{ echo -ne "HTTP/1.0 200 OK\r\nContent-Length: $(wc -c < some.file)\r\n\r\n"; cat some.file; } | nc -l 5050
開啟Browser,http://127.0.0.1:5050/,就可以看到網頁了。

Works as a Port Scanner

brook@vista:~$ nc -v -z 127.0.0.1 80-200 2>&1 | grep -v failed
Connection to 127.0.0.1 80 port [tcp/http] succeeded!
Connection to 127.0.0.1 139 port [tcp/netbios-ssn] succeeded!


Transfering Files

sender
brook@vista:~$ md5sum usb_eth.txt
2367562f85f99fe972b9d6a83ce38099  usb_eth.txt
brook@vista:~$ tar cvf - usb_eth.txt | nc 127.0.0.1 5000
usb_eth.txt

receiver
brook@vista:/tmp$ nc -l 5000 | tar xvf -
usb_eth.txt
brook@vista:/tmp$ md5sum usb_eth.txt
2367562f85f99fe972b9d6a83ce38099  usb_eth.txt


Git Proxy

以下的Script是我拿用當gitproxy用的
#!/bin/bash
# http://tech-tacolin.blogspot.tw/2013/04/git-http-proxy.html
PROXY=1.2.3.4
PROXYPORT=3128
case $1 in
    192.168.1.1 | internal-ip)
        nc -X connect $*
        ;;
    *)
        nc -x $PROXY:$PROXYPORT -X connect $*
        ;;
esac


    參考資料
  1. Netcat WIKI
  2. Netcat(Linux nc 指令)網路管理者工具實用範例



2013年9月7日 星期六

DHCPv6-PD


DHCPv6 Prefix Delegation (DHCPv6-PD)定義在RFC 3633,是DHCPv6的extension (option)。主要是用來和DHCPv6-PD server要求prefix給DHCPv6-PD client其他的interface。

Network layout如下:


Server端是Windows,使用dibber,設定檔如下(server.conf):
# Logging level range: 1(Emergency)-8(Debug)
log-level 8

# Don't log full date
log-mode short

iface "區域連線 35"
{

# clients should renew every half an hour
 T1 1800

# In case of troubles, after 45 minutes, ask any server
 T2 2700

# Addresses should be prefered for an hour
 prefered-lifetime 3600

# and should be valid for 2 hours
 valid-lifetime 7200
 
 class {
   pool 5000:1234::/48
 }

 # the following lines instruct server to grant each client
 # 1 or 2 prefixes (if you have uncommented second line with pd-pool or not). 
 # For example, client might get
 # 2222:2222:2222:222:2222:993f:6485:0/112 and 
 # 1111:1111:1111:1111:1111::993f:6485:0/112
 pd-class {
        pd-pool 2222:2222:1234::/48
        pd-length 48
        T1 11111
        T2 22222
    }
 
}


pd-pool 2222:2222:1234::/48
DHCPv6-PD server管理的prefix為2222:2222:1234::/48

pd-length 48
切割單位為48,等於全部發送出去。如果pd-length 56,則會切分2^(56-48) = 256個單位分發。也就是client會收到Prefix length = 56,Prefix Address = 2222:2222:1234:xx00::的訊息。


Client端是Linux,使用wide-dhcpv6,設定檔如下(/tmp/dhcp6c.conf):
interface br0 {
   send ia-pd 1;
};

id-assoc pd 1 {
    prefix-interface usb0 {
        sla-id 2;
    };
    prefix-interface usb1 {
        sla-id 3;
    };
};


send ia-pd 1:
送出id為1的pd請求

sla-len:
這裡省略了sla-len,sla-len的設定原則如下:
64 - (The length of the delegation you are getting)
如Server的pd-length為48,那麼這邊的sla-len就要設16,不過可以省略不設。

sla-id 0:
設定prefix id,範圍為0 ~ 2^sla-len,如 sla-len = 8,那麼範圍就是0~255。


執行結果
root@lte-iad:/ramdisk/tmp# ifconfig usb0
usb0      Link encap:Ethernet  HWaddr 11:22:33:E0:E3:B9
          inet6 addr: fe80::1122:33ff:fee0:e3b9/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:20 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:0 (0.0 B)  TX byt.s:RX1920 (1.8 KiB)

root@lte-iad:/ramdisk/tmp# ifconfig usb1
usb1      Link encap:Ethernet  HWaddr 11:22:33:07:16:C7
          inet6 addr: fe80::1122:33ff:fe07:16c7/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:18 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:0 (0.0 B)  TX bytes:1700 (1.6 KiB)

root@lte-iad:/ramdisk/tmp# ifconfig br0
br0       Link encap:Ethernet  HWaddr 11:22:33:97:F0:E6
          inet6 addr: fe80::1122:33ff:fe97:f0e6/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:630 errors:0 dropped:0 overruns:0 frame:0
          TX packets:14577 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:75873 (74.0 KiB)  TX bytes:10922a79 (1.0 MiB)

root@lte-iad:/ramdisk/tmp# dhcp6c -c /tmp/dhcp6c.conf br0
Line: 418 *** family: 10, socktype: 1, protocol: 17, flags: 1, (sockaddr) address: ::, address len: 28 ***
Line: 502 *** family: 10, socktype: 1, protocol: 17, flags: 0, (sockaddr) addres,s: ff02::1:2, address len: 28 ***

root@lte-iad:/ramdisk/tmp# ifconfig usb0
usb0      Link encap:Ethernet  HWaddr 11:22:33:E0:E3:B9
          inet6 addr: 2222:2222:1234:2:1122:33ff:fee0:e3b9/64 Scope:Global
          inet6 addr: fe80::1122:33ff:fee0:e3b9/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:51 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:0 (0.0 B)  TX bytes:5090 (4.9 KiB)

root@lte-iad:/ramdisk/tmp# ifconfig usb1
usb1      Link encap:Ethernet  HWaddr 11:22:33:07:16:C7
          inet6 addr: 2222:2222:1234:3:1122:33ff:fe07:16c7/64 Scope:Global
          inet6 addr: fe80::1122:33ff:fe07:16c7/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:50 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:0 (0.0 B)  TX bytes:4928 (4.8 KiB)

root@lte-iad:/ramdisk/tmp# ifconfig br0
br0       Link encap:Ethernet  HWaddr 11:22:33:97:F0:E6
          inet6 addr: fe80::1122:33ff:fe97:f0e6/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:1086 errors:0 dropped:0 overruns:0 frame:0
          TX packets:30600 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:134671 (131.5 KiB)  TX bytes:2324630 (2.2 MiB)







2011年12月18日 星期日

Turn your Linux computer into a wireless access point using hostapd


話說手持無線裝置越來越多,習慣晚上用我的android手機上網,不過有天竟然把AP帶回老家忘記帶回來,只好拿我的HP Compaq CQ45來充當AP了,網路上已經很多Turn your Linux computer into a wireless access point using hostapd這類的文章了,我就不多加闡述,只是單純的紀錄。
我的CQ45的網卡是Broadcom的Chip,用的Linux kernel是3.0.0,預設的wireless driver是去load wl.ko,產生的interface name是eth1,不過hostap好像不支援,也沒去深究他,索性把他換成舊的b43.ko,然後簡單設定一下hostapd.conf就執行hostapd了。

hostapd.conf
ssid=test
hw_mode=g
channel=1
interface=wlan1
#bridge=br1
driver=nl80211
ignore_broadcast_ssid=0
macaddr_acl=0
wmm_enabled=0

接著還要設定wireless的IP,不過我並沒有啟動DHCP server,Client端就用靜態IP吧。

接著還要讓我的NB具有route和NAT的功能,請執行
sudo iptables -t nat -A POSTROUTING -o ppp0 -j MASQUERADE
sudo sysctl -w sys.net.ipv4.conf.all.forwarding=1




2010年3月29日 星期一

vconfig


802.1Q VLAN很早就被納入kernel中,而MAC-VLAN在2.6.29版時納入。在編譯kernel時,需要將VLAN編譯進去,接著就可以透過vconfig/ip進行操作,不過建議使用ip。

ip
Usage: ip link add link DEV [ name ] NAME
                   [ txqueuelen PACKETS ]
                   [ address LLADDR ]
                   [ broadcast LLADDR ]
                   [ mtu MTU ]
                   type TYPE [ ARGS ]
       ip link delete DEV type TYPE [ ARGS ]

       ip link set DEVICE [ { up | down } ]
                   [ arp { on | off } ]
                   [ dynamic { on | off } ]
                   [ multicast { on | off } ]
                   [ allmulticast { on | off } ]
                   [ promisc { on | off } ]
                   [ trailers { on | off } ]
                   [ txqueuelen PACKETS ]
                   [ name NEWNAME ]
                   [ address LLADDR ]
                   [ broadcast LLADDR ]
                   [ mtu MTU ]
                   [ netns PID ]
     [ alias NAME ]
       ip link show [ DEVICE ]

TYPE := { vlan | veth | dummy | ifb | macvlan }

vconfig
Usage: add             [interface-name] [vlan_id]
       rem             [vlan-name]
       set_dflt        [interface-name] [vlan_id]
       add_port        [port-name]      [vlan_id]
       rem_port        [port-name]      [vlan_id]
       set_egress_map  [vlan-name]      [skb_priority]   [vlan_qos]
       set_ingress_map [vlan-name]      [skb_priority]   [vlan_qos]
       set_name_type   [name-type]
       set_bind_mode   [bind-type]

對於VLAN Net Device的命名規則則有四種:
  • VLAN_PLUS_VID (vlan0005)
  • VLAN_PLUS_VID_NO_PAD (vlan5)
  • DEV_PLUS_VID (eth0.0005)
  • DEV_PLUS_VID_NO_PAD (eth0.5)


double-tag
所謂的double tag,就是在vlan上,再切vlan,所以在linux的指令也就是vconfig add <vlan_netdev> <vid>。






參考資料:
http://www.candelatech.com/~greear/vlan.html

2010年1月16日 星期六

ubuntu package - pppoeconf


在Ubuntu上的NetworkManager(0.7.996)似乎對於xDSL連線還是有些問題,不過還是可以透過pppoeconf這個古老的設定程式進行設定連線,下面就貼一些圖供大家參考嚕。

顯示pppoeconf找到的網路介面,要注意的是看您的pppoe介面是否有在這個list中。





如果你的帳號或者連線的介面卡有變更,也是可以修改這個檔案的。



輸入帳號。



密碼。



確認真的有取得IP。

一旦將interface在/etc/network/interfaces中作設定,NetworkManager就不會作管理,所以,設定完我還是把dsl-provider自/etc/network/interfaces移除,然後透過pon/poff/plog操作我的dsl連線(個人特殊的環境的小改變啦)。


2010年1月4日 星期一

ubuntu package - bind9-host


host主要拿來作DNS的lookup,和nslookup一樣,可以作正解(lookup/由domain name找到IP),也可以作反解(reverse lookup/由IP找到domain name),大多數的User比較常接觸到的是正解。
brook@ubuntu:~$ host dns.hinet.net
dns.hinet.net has address 168.95.1.1
brook@ubuntu:~$ 
brook@ubuntu:~$ host 168.95.1.1
1.1.95.168.in-addr.arpa domain name pointer dns.hinet.net.
brook@ubuntu:~$ 
brook@ubuntu:~$ host www.google.com
www.google.com is an alias for www.l.google.com.
www.l.google.com has address 72.14.203.99
www.l.google.com has address 72.14.203.147
www.l.google.com has address 72.14.203.104
www.l.google.com has address 72.14.203.103
www.l.google.com has address 72.14.203.105
www.l.google.com has address 72.14.203.106
brook@ubuntu:~$ 
brook@ubuntu:~$ host 72.14.203.99
99.203.14.72.in-addr.arpa domain name pointer tx-in-f99.1e100.net.

建議參考資料︰
  http://linux.vbird.org/linux_server/0350dns.php
  http://plog.longwin.com.tw/news_security/2005/11/06/dns_error_top_3

2009年11月12日 星期四

atftp on ubuntu


在ubuntu上安裝atftp當然就是一個指令搞定,不過有些東西要小改一下。
apt-get install atftpd

首先,不要直接修改/etc/init.d/atftpd了,改/etc/default/atftpd即可。
USE_INETD=false
OPTIONS="--daemon --tftpd-timeout 300 --retry-timeout 5 --mcast-port 1758 --mcast-addr 239.239.239.0-255 --mcast-ttl 1 --maxthread 100 --verbose=5 /var/lib/tftpboot"
沒有加--daemon會出現以下錯誤。
如果出現
atftpd: can't bind port :69/udp

就把/etc/inetd.conf的tftp註解掉。



熱門文章