The Transport Control Protocol (TCP) is a low-level part of the protocol stack used by the Internet. It sits directly above the IP layer and is responsible for making sure that dropped packets are resent.
1
vote
1answer
32 views
Linux TCP stack not forwarding data to my application
I am using curl to send a HTTP request but curl app is not receiving response.
I tried to debug it using tcpdump and found that remote server is responding with data (HTTP 302 Found) but my curl ...
0
votes
0answers
15 views
Details about TCP connections
I have a problem the JVM opens a lot of TCP connections and I have no idea why.
tcp6 1 0 localhost:4431 localhost:44178 CLOSE_WAIT 2393/java
tcp6 1 0 ...
2
votes
1answer
42 views
TCP: One PC can connect to other's listening port but not vice versa
I have a local network (doesn't really matter if it's VPN or real local network - I've tried both).
One computer running Linux Mint opens a socket with
mint$ nc -l 4242
And the second one running ...
5
votes
2answers
72 views
Is accepting RELATED,ESTABLISHED for all sources in iptables considered “too open”?
I've often seen the rule -A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT applied. Whilst I'm not an expert, that particular line concerns me. It's pretty obvious that the rule allows all ...
2
votes
0answers
12 views
Out of order Packet Reassembly for dnat rule using iptables
We all know that packet reassembly only occurs at the destination or in between hops(when security devices need to inspect packet for threat detection or for signature macthing).
Consider a scenario ...
1
vote
0answers
27 views
FTP connection issue in UNIX
So cisco intrusion prevention system(IPS) runs on UNIX platform.
we have been facing this FTP issue where the three way handshake gets completed, the ftp sends a FTP 220 request to the IPS. But the ...
1
vote
0answers
15 views
iptraf shows traffic on UDP/443, why?
Somehow, iptraf is telling me that I am getting traffic via port 443 in UDP instead of TCP.
I checked the firewall several times, and UDP port 443 is definitely not open. I have that TCP port (...
1
vote
0answers
33 views
How to clone cable network configuration from Windows 10 to Linux? [closed]
It is possible to clone exact network configuration from Windows 10 to Linux?
I asking because in Linux (Ubuntu 16.04, Ubuntu 14.04, Fedora 24 and ArchLinux) after some random time cable Internet ...
3
votes
0answers
40 views
TCP/IP relay from one client to multiple clients
I'm looking for a linux tool to run under fedora that will open a tcp/ip socket for listening, let it connect multiple clients on the same port. Then when one client sends a message relay it to all ...
3
votes
3answers
60 views
SSH-like session that survives physical network disconnection
I want my SSH login session to remain connected after the computer goes to sleep and wakes up. From what I understand TCP can survive intermittent network problems, so can I change settings so that it ...
0
votes
1answer
22 views
Disable tcp connections after a certain number of clients have connected.
We are running Linux and have a Ruby application that needs to accept exactly 4 connections and then not accept any more until one of the clients drops off. The reason I ask this here is there should ...
1
vote
1answer
18 views
Log closed tcp connections with iptables
I can easily log new tcp connections with iptables like this:
iptables -A INPUT -p tcp -dport XYZ -m state --state NEW -j LOG
Is there a way to log when a connection is closed?
1
vote
2answers
30 views
Two apps have to bind to the same port
I have two apps that use the same tcp port (and same interface) for the monitoring console, not the main port of application. I am not interested in use that port, and I cannot change the source code ...
0
votes
0answers
16 views
is there some way to explicitly block wildcard listeners at the OS level? (not IPTables)
I have services that listens on higher ports like 5666, 42313 and many more. These services should not be exposed on public IP but at the same time should be accessible from internal network.
I had ...
1
vote
0answers
38 views
Linux slow outgoing connection
I have Debian 8.5 installed and I am facing really strange issue:
Establishing new connection from my linux server to any other server is taking up to 40 seconds. Incoming connections are fine. For ...
0
votes
1answer
13 views
Will the load average of my Linux box increase if it reaches file descriptors or TCP connections limit?
Will the load average of my Linux box increase if it reaches file descriptors or TCP connections limit ?
0
votes
0answers
71 views
Linux 'ss' command - TCP connections
I am getting below output/summary while running few gatling & AB perf test as a result of command -
$ ss -stplu
Output -
Total: 517 (kernel 0)
TCP: 11261 (estab 3, closed 11254, orphaned 1, ...
2
votes
1answer
111 views
Disable TCP packet processing by Linux Kernel on a specific port
I'm working on a TCP/IP stack, that currently runs from Linux user space using raw sockets.
To test this, I need to disable the Linux Kernel TCP code for a specific port, so that the kernel doesn't ...
1
vote
0answers
30 views
Socat exec script in tunnel
I am running a tunnel like this:
socat TCP-LISTEN:9090,fork TCP:192.168.1.3:9090
I would like to run a script to execute code with the strings passing through the tunnel.
The script does not change ...
0
votes
1answer
127 views
In linux does “/proc/sys/net/ipv4/tcp_keepalive_time” has impact on both client & server?
We have a machine running on linux where we are exposing & also consuming SOAP based web services that use Keep Alive settings. Now when we change the TCP keep alive time out value by setting "/...
9
votes
1answer
597 views
Are /dev/{udp,tcp} standardized or available everywhere?
I've recently learned about the /dev/udp and /dev/tcp pseudo-devices here. Are they specific to some GNU/Linux distributions or can I find them on other unix systems?
Are they standardized in some ...
1
vote
1answer
33 views
How to capture Network traces containing only a specific string?
I have a Adapter installed and working on RHEL server which faces disconnection when a particular signal message is sent from the Source to which this adapter is connected.
In order to capture the ...
0
votes
0answers
16 views
moving tcp flows between interfaces and recovering traffic
Lets say, I have two machines A and B.
Both have a 2 port 10G NIC. Let their interfaces names be eth0 and eth1 respectively.
Let eth0 of machine A be connected to eth0 of machine B.
And eth1 of ...
0
votes
1answer
50 views
curl hangs during http download
I have a VM running CentOS 6. On this Linux box, I run 4 curl download concurrently.
In some case, one of the curl download hangs. ps shows that curl process is still there. And netstat shows the ...
0
votes
1answer
32 views
Oracle Linux 5: 21% received packet drop
This is what I'm seeing:
# netstat -i
Kernel Interface table
Iface MTU Met RX-OK RX-ERR RX-DRP RX-OVR TX-OK TX-ERR TX-DRP TX-OVR Flg
bond0 1500 0 703449 0 147463 0 ...
1
vote
0answers
49 views
Port open high for a few moments more often
I have a dns server running bind without iptables configuration. Running some scanners with nmap, I found that no root in some high moments ports are open but soon close, and stay in that loop. When I ...
3
votes
1answer
56 views
Wrapper to prevent a program from accessing non-local connections
Consider a program server which binds to '*' and listens for incoming connections. I only connect to server from localhost and I do not want external users to be able to connect to it. However, the ...
0
votes
1answer
76 views
fast retransmit does not work
Fast retransmit says that if 3 dupacks have been received by sender, then the sender should retransmit the lost packet. But my tcpdump output shows that it didn't work like this. It didn't retransmit ...
3
votes
1answer
68 views
Use OpenVPN on TCP 443 without it interfering with my web server
I have a VPS running Debian with a LAMP install. It doesn't get much use so I'd like to install OpenVPN to use as my own personal VPN. However, I want to use TCP port 443 (to avoid firewalls).
How ...
0
votes
1answer
52 views
Where has /dev/tcp gone? [duplicate]
/dev/tcp is often mentioned in many sources, and I think I saw it in Ubuntu not so long ago. Now, in Debian Jessie, I can't find it. The same with /dev/udp.
tomasz@E4200:/dev$ ls
agpgart dm-...
6
votes
2answers
63 views
How to limit range of random port sockets?
There's a binary that I need to run which uses bind with a port argument of zero, to get a random free port from the system. Is there a way I can constrain the range of ports the kernel is allowed to ...
3
votes
1answer
77 views
TCP flows coexisting with UDP when using SFQ (stochastic fair queuing)
I am simulating a network where I limited and modified all the interfaces using TC (traffic control). My interfaces are of the form HTB --- SFQ (it is a little bit more complex but I will simplify ...
1
vote
1answer
94 views
create listening port on IPV6 WITHOUT netcat
I wish to be able to listen to a port (eventually creating a bind shell) on an IPV6 address.
I have tried using the netcat installed on the linux (debian) machine I am trying to bind. sadly it seems ...
3
votes
1answer
135 views
unbind port of crashed program
is there any way to unbind a port that was previously binded by a program that crashed at some time?
I don't like to reboot the development-machine every hour.
1
vote
0answers
28 views
Are source IPs included in Linux's Ephemeral Port Uniqueness?
From http://aleccolocco.blogspot.com/2008/11/ephemeral-ports-problem-and-solution.html (2008)
Linux shares the assigned list of ephemeral ports across all local IPs
for unconnected sockets.
Has ...
0
votes
1answer
56 views
iptables rules to access/mount a remote NFS server
Actually when iptables rules are not cleared, trying to mount a remote NFS share failed with a timeout. After a reset of iptables rules, i'm allowed to mount properly the NFS remote server.
What are ...
4
votes
1answer
73 views
Why does reading /proc/net/tcp take a long time ss is quick to return the same sort of data about the connections table?
On Linux 2.6.32, if you read (for example, cat) /proc/net/tcp, on a very loaded system (for example, a web server), you will find that reading 100K entries takes over 30 seconds. That's a long time. ...
0
votes
1answer
90 views
Iptables Help redirecting specific TCP/UDP Ports to VPN (tun1)
So I have a linux based router and have a vpn client set up to route traffic through the vpn and isp per iptables commands i am attempting to route specific tcp and all udp ports through the vpn only ...
1
vote
0answers
51 views
Port netcat request info to bash script
I have this super simple TCP server that takes requests and returns the output of handler.sh:
#!/bin/bash
while true ; do nc -l -p 1234 -e handler.sh; done
I'd like to port the requested path to ...
17
votes
1answer
934 views
How to terminate a TCP connection established by bash itself?
I have used exec 3<>/dev/tcp/192.168.0.101/6435 to establish a TCP connection with 192.168.0.101:6435. And I have received as well as sent a few messages with the pipe command.
Now, I want to ...
1
vote
1answer
80 views
TCP over TUN: SYN/ACK is received, but no ACK is generated, and socket remains in SYN_SENT state
I am tunneling an outgoing TCP connection over a TUN interface set up by a program I wrote. The TUN interface basically just relays the packets to/from a proxy server, with minimal modifications (...
2
votes
1answer
212 views
Transfer Size limit for SCP, SFTP, RSYNC?
Is there a maximum size limit to the size of collective size of the files that are to be transferred in one go for the above protocol. My intent is to know if for example after 1 GB any of these ...
1
vote
1answer
47 views
How do I configure VirtualBox snapshots running server processes to restore correctly?
I'm running VirtualBox 5.0.20 on an OS X host. There's a variety of guest systems, including Ubuntu, CentOS, Windows and OS X.
For each of these systems, I created a live snapshot (i.e. while the VM ...
2
votes
1answer
61 views
Can you send a TCP packet with RST flag set using IPTABLES as a way to trick NMAP into thinking a port is closed?
I am learning Nmap and a thought occurred to me with regards to a SYN scan...
A SYN scan sends an empty TCP packet with the SYN flag set to illicit a response from the target of either RST, ...
0
votes
1answer
207 views
SSH connection giving Connection refused error
I am using CentOs.
I can SSH from local machine to server A. I can also SSH from local machine to server B.
But I cannot SSH from server A to server B:
$ ssh -p <portB> root@B
root@B's ...
4
votes
1answer
769 views
How do I configure Docker containers to have unique IP addresses that are not the default ones?
How do I configure Docker containers to have unique IP addresses that are not the default ones?
The Docker containers will run Apache or some web service. These Docker containers will share one host ...
4
votes
0answers
225 views
How do I get Consul to work so I can get Docker Overlay to work?
I am running CentOS 7 with Docker. I am trying to install Consul on the Docker server. Consul is unzipped. The binary file works for showing the version. I ran this:
echo $CONSUL_RPC_ADDR
This ...
0
votes
1answer
153 views
netcat daemon for calling functions in sh script
I'm new to shell programming and I have created a script that opens a connection to a server of mine. I want to have this script listen for an input from a client node and use that to run a function.
...
1
vote
0answers
107 views
What does TCPRcvCoalesce, TCPAutoCorking and TCPHystartTrainCwnd in netstat mean?
We have some RHEL7 Apache reverse proxies that experienced a performance degradation event. After a few hours, restarting Apache restored performance to normal levels. We are trying to determine the ...
2
votes
0answers
78 views
Why would all our CLOSE_WAIT connections have 24 bytes in the receive queue?
We have an Apache reverse proxy that is having connectivity issues with the back-end. This results in timeout errors such as this:
[Thu Apr 21 12:12:26.031207 2016] [proxy_http:error] [pid 64620:tid ...
