10-14-2009
Capturing bad packets
Hello,
SNMP reports from my Linux server a large number of "ipInAddrErrors" on several of my systems. According to one description, these packets are
discarded datagrams due to:
Quote:
the IP address in their IP header's destination field was not a valid address to be received at this entity. ... For entities which are not IP Gateways and therefore do not forward datagrams, this counter includes datagrams discarded because the destination address was not a local address.
How do I determine what packets these are? Can tcpdump help? If so, can anyone suggest a filter?
10 More Discussions You Might Find Interesting
1. UNIX for Dummies Questions & Answers
How can i send a packet, and what is an empty packet? (8 Replies)
Discussion started by: Avatar0fEvil
8 Replies
2. Programming
I am working on a project, which has the following type of hardware setup.
A special hardware device is receiving data from an external network interface. So we can have multiple such a hardware devices. Now these hardware devices will route the captured incoming data through the external... (4 Replies)
Discussion started by: S.P.Prasad
4 Replies
3. IP Networking
there are a number of clients connected to a server.... how can i count that each clients recieve ...? how do i moniter the activity of the client..? (2 Replies)
Discussion started by: damn_bkb
2 Replies
4. UNIX for Advanced & Expert Users
I need to write a script that can find a bad record (for example: there is date field colom but value provided in the file for this field is N/A) then script shoud searches this pattern and then insert the whole record into the bad file.
Example:
File1
Name designation dateOfJoining... (1 Reply)
Discussion started by: shilendrajadon
1 Replies
5. Shell Programming and Scripting
I need to write a script that can find a bad record (for example: there is date field colom but value provided in the file for this field is N/A) then script shoud searches this pattern and then insert the whole record into the bad file.
Example:
File1
Name designation dateOfJoining... (2 Replies)
Discussion started by: shilendrajadon
2 Replies
6. Shell Programming and Scripting
Hello
I need to send some packets to check connection. Packets will be catch by snoop. Is there any Sun tool to send some packets on selected IP and Port?
Thx (1 Reply)
Discussion started by: miojamo
1 Replies
7. HP-UX
Hi there,
are there any functions that can get the packets statistics on UNIX ?
thanks. (2 Replies)
Discussion started by: Frank2004
2 Replies
8. IP Networking
I am trying to capture tcpdump for traffic to a port in a file but this does not seem to capture all the packets. Command I use is :
tcpdump -w tdump.dat port 22
Why is it not capturing all the packets ?
Here is my experiment:
root@pmode-client6 adc-demo]# tcpdump port 22
tcpdump:... (5 Replies)
Discussion started by: radiatejava
5 Replies
9. IP Networking
Hi guys,
I'm using a Linux system(Ubuntu) and I've been trying to find a method to read the total packets received/sent on a specific port (e.g port 80 or port 25) on a local machine. I can read the overall total packets received/sent from the /proc/net/dev file system. But what I can't do is... (2 Replies)
Discussion started by: lildee
2 Replies
10. Shell Programming and Scripting
Why I get bad replace when using eval?
$ map0=( "0" "0000" "0")
$ i=0
$ eval echo \${map$i}
0000
$ a=`eval echo \${map$i}` !!!error happens!!!
bash: ${map$i}: bad substitution
How to resolve it ?
Thanks! (5 Replies)
Discussion started by: 915086731
5 Replies
UDP(4) BSD Kernel Interfaces Manual UDP(4)
NAME
udp -- Internet User Datagram Protocol
SYNOPSIS
#include <sys/types.h>
#include <sys/socket.h>
#include <netinet/in.h>
int
socket(AF_INET, SOCK_DGRAM, 0);
DESCRIPTION
UDP is a simple, unreliable datagram protocol which is used to support the SOCK_DGRAM abstraction for the Internet protocol family. UDP
sockets are connectionless, and are normally used with the sendto(2) and recvfrom(2) calls, though the connect(2) call may also be used to
fix the destination for future packets (in which case the recv(2) or read(2) and send(2) or write(2) system calls may be used).
UDP address formats are identical to those used by TCP. In particular UDP provides a port identifier in addition to the normal Internet
address format. Note that the UDP port space is separate from the TCP port space (i.e., a UDP port may not be ``connected'' to a TCP port).
In addition broadcast packets may be sent (assuming the underlying network supports this) by using a reserved ``broadcast address''; this
address is network interface dependent.
Options at the IP transport level may be used with UDP; see ip(4).
ERRORS
A socket operation may fail with one of the following errors returned:
[EISCONN] when trying to establish a connection on a socket which already has one, or when trying to send a datagram with the desti-
nation address specified and the socket is already connected;
[ENOTCONN] when trying to send a datagram, but no destination address is specified, and the socket has not been connected;
[ENOBUFS] when the system runs out of memory for an internal data structure;
[EADDRINUSE] when an attempt is made to create a socket with a port which has already been allocated;
[EADDRNOTAVAIL] when an attempt is made to create a socket with a network address for which no network interface exists.
MIB VARIABLES
The udp protocol implements a number of variables in the net.inet branch of the sysctl(3) MIB.
UDPCTL_CHECKSUM (udp.checksum) Enable udp checksums (enabled by default).
UDPCTL_MAXDGRAM (udp.maxdgram) Maximum outgoing UDP datagram size
UDPCTL_RECVSPACE (udp.recvspace) Maximum space for incoming UDP datagrams
udp.log_in_vain For all udp datagrams, to ports on which there is no socket listening, log the connection attempt (disabled by default).
udp.blackhole When a datagram is received on a port where there is no socket listening, do not return an ICMP port unreachable message.
(Disabled by default. See blackhole(4).)
SEE ALSO
getsockopt(2), recv(2), send(2), socket(2), blackhole(4), inet(4), intro(4), ip(4)
HISTORY
The udp protocol appeared in 4.2BSD.
BSD
June 5, 1993 BSD