Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Help with capturing/reading total packets on specific port number
Special Forums IP Networking Help with capturing/reading total packets on specific port number Post 302362667 by TonyFullerMalv on Friday 16th of October 2009 07:14:32 PM
Old 10-16-2009
The iptables firewall can be made to simply log activity rather than actually filtering but it would need to load modules as root.
 

10 More Discussions You Might Find Interesting

1. IP Networking

NAT Packets/Port Openine

Firstly, I have no knowledge of hubs, so please keep any advice simple! I have a UNIX hub, connecting three PCs and would like to know if the hub has NAT translation for incoming packets and if th hub is able to NAT translate packets coming in to a local (internal) LAN address.. (3 Replies)
Discussion started by: MartinD
3 Replies

2. Cybersecurity

Reading and Manipulating captured packets (pflog file)

Hey, I currently have a set of captured sessions thru ethereal, saved in pflog files, basically its a tcpdump, which i need to go thru and sort the applications/protocols in order of the times they were used. I also need to change the headers of the packets, basically the source and destination... (0 Replies)
Discussion started by: PenguinDevil
0 Replies

3. Shell Programming and Scripting

Capturing a number at the end of line and store it as variable

Hello, Would someone guide me on how to write a shell script the would search for a phone no using at the end text file using sed or awk and store it in a varaible or print it. The text file is in this form text or numbers in first line text or numbers in second line . . . Firsname... (6 Replies)
Discussion started by: amuthiga
6 Replies

4. IP Networking

tcpdump -w file is not capturing all the packets

I am trying to capture tcpdump for traffic to a port in a file but this does not seem to capture all the packets. Command I use is : tcpdump -w tdump.dat port 22 Why is it not capturing all the packets ? Here is my experiment: root@pmode-client6 adc-demo]# tcpdump port 22 tcpdump:... (5 Replies)
Discussion started by: radiatejava
5 Replies

5. Infrastructure Monitoring

Capturing bad packets

Hello, SNMP reports from my Linux server a large number of "ipInAddrErrors" on several of my systems. According to one description, these packets are discarded datagrams due to: How do I determine what packets these are? Can tcpdump help? If so, can anyone suggest a filter? (1 Reply)
Discussion started by: otheus
1 Replies

6. IP Networking

Retrieve exchanged packets on a particular port

Hi, I want to find out someway to get the number of exchanged packets (received, transmitted or both) on a particular service (so per Port). There are many network tools on linux (netstat, /proc/net/dev, iptables...) but I can not find an efficient way to get these information. All I can do is... (3 Replies)
Discussion started by: nightoy
3 Replies

7. UNIX for Advanced & Expert Users

copy packets from one port to another by iptables

I would like to copy data flow (not redirect!!!) from 1567 port to another 1194 port on same computer. The 1567 Port already binded by Scream program (it is bisy). Is it possible to do it by iptables or for it nesessary another programs? Can you help me in the decision of this question? (1 Reply)
Discussion started by: yanat
1 Replies

8. Shell Programming and Scripting

Help with sum total number of record and total number of record problem asking

Input file SFSQW 5192.56 HNRNPK 611.486 QEQW 1202.15 ASDR 568.627 QWET 6382.11 SFSQW 4386.3 HNRNPK 100 SFSQW 500 Desired output file SFSQW 10078.86 3 QWET 6382.11 1 QEQW 1202.15 1 HNRNPK 711.49 2 ASDR 568.63 1 The way I tried: (2 Replies)
Discussion started by: patrick87
2 Replies

9. HP-UX

Total number of files in a FS

Hello people, On HP-UX B.11.11 U 9000/800 How can I have in aprox. the total number of files in a specific FS? Is the number of used inodes a rough estimation of my total number of files? Server1 /Data:df -i . /Data (/dev/vg_Data/lvol1 ) : 18292960 total i-nodes 15800945 free... (3 Replies)
Discussion started by: drbiloukos
3 Replies

10. Solaris

How to find port number wwn of particular port on dual port HBA,?

please find the below o/p for your reference bash-3.00# fcinfo hba-port HBA Port WWN: 21000024ff295a34 OS Device Name: /dev/cfg/c2 Manufacturer: QLogic Corp. Model: 375-3356-02 Firmware Version: 05.03.02 FCode/BIOS Version: BIOS: 2.02; fcode: 2.01;... (3 Replies)
Discussion started by: sb200
3 Replies

LEARN ABOUT NETBSD

rfc6056

RFC6056(7)					       BSD Miscellaneous Information Manual						RFC6056(7)

NAME

     rfc6056 -- port randomization algorithms

DESCRIPTION

     The rfc6056 algorithms are used in order to randomize the port allocation of outgoing UDP packets, in order to provide protection from a
     series of ``blind'' attacks based on the attacker's ability to guess the sequence of ephemeral ports associated with outgoing packets.  For
     more information consult RFC 6056.

     The individual algorithms are described below:

   The RFC 6056 algorithms
     The following algorithms are available:

     bsd	   This is the default NetBSD port selection algorithm, which starts from anonportmax and proceeds decreasingly through the avail-
		   able ephemeral ports.

     random_start  Select ports randomly from the available ephemeral ports.  In case a collision with a local port is detected, the algorithm
		   proceeds decreasingly through the sequence of ephemeral ports until a free port is found.  Note that the random port selection
		   algorithms are not guaranteed to find a free port.

     random_pick   Select ports randomly from the available ephemeral ports.  In case a collision with a local port is detected the algorithm
		   tries selecting a new port randomly until a free port is found.

     hash	   Select ports using a md5(3) hash of the local address, the foreign address, and the foreign port.  Note that in the case of a
		   bind(2) call some of this information might be unavailable and the port selection is delayed until the time of a connect(2)
		   call, performed either explicitly or up calling sendto(2).

     doublehash    Select ports using a md5(3) hash of the local address, foreign address, and foreign port coupled with a md5(3) hash of the same
		   components obtained using a separate table that is associated with a subset of all outgoing connections.  The same considera-
		   tions regarding late connection as in the case of hash apply.

     randinc	   Use random increments in order to select the next port.

SYSCTL CONTROLS

     The following sysctl controls are available for selecting the default port randomization algorithm:

     sysctl name			 Type	   Changeable
     net.inet.udp.rfc6056.available	 string    no
     net.inet.udp.rfc6056.selected	 string    yes
     net.inet6.udp6.rfc6056.available	 string    no
     net.inet6.udp6.rfc6056.selected	 string    yes

SOCKET OPTIONS

     The socket option UDP_RFC6056ALGO at the IPPROTO_UDP level can be used with a string argument specifying the algorithm's name in order to
     select the port randomization algorithm for a specific socket.  For more info see setsockopt(2).

SEE ALSO

     setsockopt(2), sysctl(3), sysctl(7)

HISTORY

     The rfc6056 algorithms first appeared in NetBSD 6.0.

BSD
								  August 25, 2011							       BSD
All times are GMT -4. The time now is 02:18 AM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy