The Transport Control Protocol (TCP) is a low-level part of the protocol stack used by the Internet. It sits directly above the IP layer and is responsible for making sure that dropped packets are resent.
0
votes
1answer
12 views
TCP reset after SYN ACK possibly related to “no route to host”
I have a problem with one of our clients trying to initiate a TCP connection to our server but it fails.
In tcpdumpI see, that the client's device sends a SYN packet to which our server correctly ...
-2
votes
0answers
7 views
Centos 7 for some clients port is not open
today i move from Digital Ocean to Vultr my chat server, and i got a problem. I have 600 clients and 10% can't connect to server. All has same problem - port won't ping(no response), i'l attach few ...
0
votes
0answers
8 views
Rsyslog stalled on tcp forward
Our rsyslog forward nginx log to our log tools.
After some hours, rsyslog is stalled.
tcp 1 0 10.3.6.165:44823 someip:10514 CLOSE_WAIT 30469/rsyslogd
If I do a strace I get:...
1
vote
0answers
13 views
tracking proxied TCP connection
I'm a unix admin at a college. I've two web servers. One of them is for faculty and one of them is for the official college web team. The offical web server proxies requests for faculty web pages, ...
1
vote
1answer
22 views
User Defined TCP Port Permissions
Is there a way in Ubuntu to set TCP ports permissions for individual users?
For example, userA is only allowed to open ports between 3000-3010. So if userA ran the following php -S 0.0.0.0:3001, it ...
1
vote
0answers
21 views
Is TCP PACING enabled by default on linux?
I'm newbie on TCP PACING details. I want to ask a basic question:
Is TCP PACING enabled by default on Linux? I'm using Ubuntu right now, kernel 4.4.0.
I saw that it can be enabled/disabled using TC-...
0
votes
1answer
18 views
File defining the service assigned to each port
I know there are already nmap and netstat commands we could use to see all open port on Ubuntu. However, I know there exists a file with all port and the service assign to each port. Could anyone have ...
1
vote
1answer
31 views
Using tc, I want TCP and UDP to use the same buffer
I have 2 types of traffic
TCP
UDP
I want to apply 2 different filters on them, 1 Mbps b/w for UDP and 7 Mbps b/w for TCP
But I want their traffic to use a common buffer of size 100 packets
I've ...
-1
votes
0answers
37 views
How can my Linux machine eavesdrop a specific port on another machine using WLAN?
Im using a specific method to transfer data between two computers running linux through port 555 on the WLAN while they are connected to the same wifi.
Using a 3rd linux computer I am trying to "...
0
votes
1answer
19 views
How can I emulate (inject) system-wide keystrokes and mouse movement via a TCP server?
I'm running Debian on a dedicated HTPC without a keyboard or mouse attached.
Most users will use LIRC and an IR receiver to control the system, but my remote control is advanced and can send direct ...
1
vote
1answer
54 views
Generating TCP traffic in Ubuntu [closed]
I want to generate TCP traffic in Ubuntu between two hosts.
I also would like to measure the average RTT in Wireshark.
What is the command in Ubuntu for generating TCP traffic?
First , I used This ...
1
vote
0answers
22 views
Get number of bytes/packets in and out on a specific TCP/UDP port
I don't want to use tcpdumps or wireshark
So, is there any way to get number bytes/packets transmitted and revived on a specific port. We can get in /proc/<PID>/net/dev of process which is ...
1
vote
1answer
52 views
Send random data over TCP for a while, and count how many bytes were sent
To test data throughput, I want to 1) for X seconds 2) send random data 3) over TCP, and 4) to know afterwards exactly how many bytes were transmitted.
My best attempt (which is not much)
1) timeout ...
0
votes
0answers
26 views
tcp6 protocol with netstat in Solaris
I am using netstat command to get processes on a port like:
netstat -n -P tcp6 | grep 31210
I get results in Linux but in case of Solaris I get the following error:
tcp6: unknown protocol.
How to ...
1
vote
1answer
76 views
IPv6 over TCP or TCP6
My understanding is that
tcp6 is used for connections over IPv6 & tcp is used for connections over IPv4.
and
::ffff:127.0.0.1 is representing IPv6 address which is mapped to IPv4 address.
...
0
votes
0answers
30 views
Send Apache Catalina Logs to Logstash
Dependencies :
OS Version : CentOS 5.0
Server Environment : Production
Logstash Version : 5.0
Elasticsearch Version : 5.0
I have several app servers running on CentOS 5.0. All these are on-...
3
votes
1answer
36 views
How to disable tcp checksum offloading on OSX 10.11.6?
I'm trying to deactivate the checksum offloading on OSX.
sudo sysctl -w net.link.ether.inet.apple_hwcksum_tx=0
--sysctl: oid 'net.link.ether.inet.apple_hwcksum_tx' is read only
This one above seems ...
0
votes
0answers
16 views
Firewall rules for a single tcp session
How can I add a firewall rule in iptables such that I allow packets only for a particular SSL session.
I currently allow/deny ssl packets based on content type, for example, the following rule will ...
1
vote
0answers
22 views
Why am I unable to prioritize TCP traffic using ToS fields?
I am trying to prioritize TCP traffic using ToS field in IP header.
I am saturating the interface(ethernet) by sending 1GB data through iperf with ToS field set to 0x10 (Minimize-Delay).
I then start ...
1
vote
1answer
32 views
“netstat -p”/“ss -p” not showing the process of a listening port
On my CentOS 7, at one point, sudo ss -plt listed a port marked as LISTENING on *:30565, but there was no information whatsoever in the process column of its row. The other listening ports were ...
0
votes
0answers
36 views
Multicasting using UDP - UFTP
Can someone help me how to multicast using encryption in uftp?
I've tried all the possibilities, and unable to multicast. Unicast with client-generated key works fine.
1
vote
0answers
43 views
Issues with nmap scan using ssh socks proxy with proxychains
I have a socks proxy made available to a remote computer, using ssh:
ssh -D 127.0.0.1:9999 remoteuser@remotemachine
I've adjusted the /etc/proxychains.conf:
quiet_mode
socks4 127.0.0.1 9999
After ...
1
vote
1answer
47 views
Linux TCP stack not forwarding data to my application
I am using curl to send a HTTP request but curl app is not receiving response.
I tried to debug it using tcpdump and found that remote server is responding with data (HTTP 302 Found) but my curl ...
0
votes
0answers
20 views
Details about TCP connections
I have a problem the JVM opens a lot of TCP connections and I have no idea why.
tcp6 1 0 localhost:4431 localhost:44178 CLOSE_WAIT 2393/java
tcp6 1 0 ...
2
votes
1answer
46 views
TCP: One PC can connect to other's listening port but not vice versa
I have a local network (doesn't really matter if it's VPN or real local network - I've tried both).
One computer running Linux Mint opens a socket with
mint$ nc -l 4242
And the second one running ...
5
votes
2answers
107 views
Is accepting RELATED,ESTABLISHED for all sources in iptables considered “too open”?
I've often seen the rule -A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT applied. Whilst I'm not an expert, that particular line concerns me. It's pretty obvious that the rule allows all ...
2
votes
0answers
26 views
Out of order Packet Reassembly for dnat rule using iptables
We all know that packet reassembly only occurs at the destination or in between hops(when security devices need to inspect packet for threat detection or for signature macthing).
Consider a scenario ...
1
vote
0answers
28 views
FTP connection issue in UNIX
So cisco intrusion prevention system(IPS) runs on UNIX platform.
we have been facing this FTP issue where the three way handshake gets completed, the ftp sends a FTP 220 request to the IPS. But the ...
1
vote
0answers
28 views
iptraf shows traffic on UDP/443, why?
Somehow, iptraf is telling me that I am getting traffic via port 443 in UDP instead of TCP.
I checked the firewall several times, and UDP port 443 is definitely not open. I have that TCP port (...
4
votes
1answer
60 views
TCP/IP relay from one client to multiple clients
I'm looking for a linux tool to run under fedora that will open a tcp/ip socket for listening, let it connect multiple clients on the same port. Then when one client sends a message relay it to all ...
3
votes
3answers
69 views
SSH-like session that survives physical network disconnection
I want my SSH login session to remain connected after the computer goes to sleep and wakes up. From what I understand TCP can survive intermittent network problems, so can I change settings so that it ...
0
votes
1answer
23 views
Disable tcp connections after a certain number of clients have connected.
We are running Linux and have a Ruby application that needs to accept exactly 4 connections and then not accept any more until one of the clients drops off. The reason I ask this here is there should ...
1
vote
1answer
25 views
Log closed tcp connections with iptables
I can easily log new tcp connections with iptables like this:
iptables -A INPUT -p tcp -dport XYZ -m state --state NEW -j LOG
Is there a way to log when a connection is closed?
1
vote
2answers
36 views
Two apps have to bind to the same port
I have two apps that use the same tcp port (and same interface) for the monitoring console, not the main port of application. I am not interested in use that port, and I cannot change the source code ...
0
votes
0answers
17 views
is there some way to explicitly block wildcard listeners at the OS level? (not IPTables)
I have services that listens on higher ports like 5666, 42313 and many more. These services should not be exposed on public IP but at the same time should be accessible from internal network.
I had ...
1
vote
0answers
77 views
Linux slow outgoing connection
I have Debian 8.5 installed and I am facing really strange issue:
Establishing new connection from my linux server to any other server is taking up to 40 seconds. Incoming connections are fine. For ...
0
votes
1answer
14 views
Will the load average of my Linux box increase if it reaches file descriptors or TCP connections limit?
Will the load average of my Linux box increase if it reaches file descriptors or TCP connections limit ?
0
votes
0answers
125 views
Linux 'ss' command - TCP connections
I am getting below output/summary while running few gatling & AB perf test as a result of command -
$ ss -stplu
Output -
Total: 517 (kernel 0)
TCP: 11261 (estab 3, closed 11254, orphaned 1, ...
2
votes
1answer
207 views
Disable TCP packet processing by Linux Kernel on a specific port
I'm working on a TCP/IP stack, that currently runs from Linux user space using raw sockets.
To test this, I need to disable the Linux Kernel TCP code for a specific port, so that the kernel doesn't ...
1
vote
0answers
60 views
Socat exec script in tunnel
I am running a tunnel like this:
socat TCP-LISTEN:9090,fork TCP:192.168.1.3:9090
I would like to run a script to execute code with the strings passing through the tunnel.
The script does not change ...
0
votes
1answer
487 views
In linux does “/proc/sys/net/ipv4/tcp_keepalive_time” has impact on both client & server?
We have a machine running on linux where we are exposing & also consuming SOAP based web services that use Keep Alive settings. Now when we change the TCP keep alive time out value by setting "/...
9
votes
1answer
662 views
Are /dev/{udp,tcp} standardized or available everywhere?
I've recently learned about the /dev/udp and /dev/tcp pseudo-devices here. Are they specific to some GNU/Linux distributions or can I find them on other unix systems?
Are they standardized in some ...
1
vote
1answer
48 views
How to capture Network traces containing only a specific string?
I have a Adapter installed and working on RHEL server which faces disconnection when a particular signal message is sent from the Source to which this adapter is connected.
In order to capture the ...
0
votes
0answers
19 views
moving tcp flows between interfaces and recovering traffic
Lets say, I have two machines A and B.
Both have a 2 port 10G NIC. Let their interfaces names be eth0 and eth1 respectively.
Let eth0 of machine A be connected to eth0 of machine B.
And eth1 of ...
0
votes
1answer
84 views
curl hangs during http download
I have a VM running CentOS 6. On this Linux box, I run 4 curl download concurrently.
In some case, one of the curl download hangs. ps shows that curl process is still there. And netstat shows the ...
0
votes
1answer
53 views
Oracle Linux 5: 21% received packet drop
This is what I'm seeing:
# netstat -i
Kernel Interface table
Iface MTU Met RX-OK RX-ERR RX-DRP RX-OVR TX-OK TX-ERR TX-DRP TX-OVR Flg
bond0 1500 0 703449 0 147463 0 ...
1
vote
0answers
57 views
Port open high for a few moments more often
I have a dns server running bind without iptables configuration. Running some scanners with nmap, I found that no root in some high moments ports are open but soon close, and stay in that loop. When I ...
3
votes
1answer
61 views
Wrapper to prevent a program from accessing non-local connections
Consider a program server which binds to '*' and listens for incoming connections. I only connect to server from localhost and I do not want external users to be able to connect to it. However, the ...
0
votes
1answer
126 views
fast retransmit does not work
Fast retransmit says that if 3 dupacks have been received by sender, then the sender should retransmit the lost packet. But my tcpdump output shows that it didn't work like this. It didn't retransmit ...
3
votes
1answer
89 views
Use OpenVPN on TCP 443 without it interfering with my web server
I have a VPS running Debian with a LAMP install. It doesn't get much use so I'd like to install OpenVPN to use as my own personal VPN. However, I want to use TCP port 443 (to avoid firewalls).
How ...
