I started a project that needs to use network-level packets such as IP/ICMP/UDP/TCP packets.
There are two main approaches to handle it: raw sockets and WinPcap/libpcap.
I know pcap installs a driver on the OS and allows the programmer to capture and send packets. On the other hand, there are raw sockets, which have some limitations in Windows 7 or above.
The project needs to send some IP/ICMP/UDP/TCP packets to a router and analyze the responses, such as IP-Identifier, TTL, etc. Also, I want it to work on Linux and Windows.
Can you list a comparison of these two approaches?
If you want the code to be portable, then you can't use the raw socket API (which is rather different on Linux and Windows). Winpcap is generally compatible with libpcap, and the pcap API is generally reasonable, considering what it's doing.
In your situation, RAW sockets will work, but you have to do something like:
sock_raw_tcp = socket(AF_INET , SOCK_RAW , IPPROTO_TCP);
sock_raw_udp = socket(AF_INET , SOCK_RAW , IPPROTO_UDP);
sock_raw_icmp = socket(AF_INET , SOCK_RAW , IPPROTO_ICMP);
You don't have an option like IP_PROTO_IP. Now, with RAW sockets, you will get only IP headers + transport-level headers but not Ethernet headers. So, if you are only interested in application layer data and want to use the IP header for the IP address and TTL and the transport header for port numbers etc., then it's OK. Keep in mind that for TCP you might have to do checksums and reassembly also. Some checksums will also be required for UDP.
However, WinPcap solves many management issues for you since it uses a device driver to connect to your NIC's data link layer, or layer 2. Here you will also get an Ethernet frame and won't have to open different types of RAW sockets. You will still have to apply the application-related logic of dealing with packets as you would do on the network layer (Layer 3).
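As an added example (not part of the original answer), the C code below shows what the answer describes for raw-socket reads: the buffer starts at the IPv4 header, so the IP Identifier and TTL the question asks about sit at fixed offsets and can be read once the header checksum verifies under the RFC 1071 algorithm. The two sample headers are constructed and use the documentation addresses 192.0.2.1 and 192.0.2.2.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

struct ip_info { int valid; uint16_t id; uint8_t ttl, protocol; size_t hdr_len; };

/* RFC 1071 Internet checksum: one's-complement sum of 16-bit words. */
uint16_t inet_checksum(const uint8_t *p, size_t len)
{
    uint32_t sum = 0;
    for (size_t i = 0; i + 1 < len; i += 2)
        sum += ((uint32_t)p[i] << 8) | p[i + 1];
    if (len & 1)
        sum += (uint32_t)p[len - 1] << 8;    /* pad an odd trailing byte */
    while (sum >> 16)
        sum = (sum & 0xFFFF) + (sum >> 16);  /* fold the carries back in */
    return (uint16_t)~sum;
}

/* Parse the IPv4 header at the start of a raw-socket read. valid stays 0
 * for truncated, non-IPv4 or checksum-failing input. */
struct ip_info parse_ipv4(const uint8_t *pkt, size_t len)
{
    struct ip_info r = {0};
    if (len < 20 || (pkt[0] >> 4) != 4)
        return r;
    size_t ihl = (size_t)(pkt[0] & 0x0F) * 4;   /* header length in bytes */
    if (ihl < 20 || ihl > len || inet_checksum(pkt, ihl) != 0)
        return r;                    /* a correct header checksums to zero */
    r.valid = 1;
    r.hdr_len = ihl;                 /* the transport header starts here */
    r.id = (uint16_t)((pkt[4] << 8) | pkt[5]);
    r.ttl = pkt[8];
    r.protocol = pkt[9];             /* 1 = ICMP, 6 = TCP, 17 = UDP */
    return r;
}

/* Constructed sample: ICMP header, 192.0.2.1 -> 192.0.2.2, TTL 64. */
const uint8_t SAMPLE[20] = { 0x45,0x00,0x00,0x1c, 0x1c,0x46,0x00,0x00,
    0x40,0x01,0xda,0x97, 0xc0,0x00,0x02,0x01, 0xc0,0x00,0x02,0x02 };
/* Constructed: same header with the TTL byte changed, checksum not updated. */
const uint8_t DAMAGED[20] = { 0x45,0x00,0x00,0x1c, 0x1c,0x46,0x00,0x00,
    0x3f,0x01,0xda,0x97, 0xc0,0x00,0x02,0x01, 0xc0,0x00,0x02,0x02 };

int main(void)
{
    struct ip_info h = parse_ipv4(SAMPLE, sizeof SAMPLE);
    printf("valid=%d id=0x%04x ttl=%u proto=%u\n", h.valid, h.id, h.ttl, h.protocol);
    return 0;
}
```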
I need to read data from a Data Aggregator Device over an RS-485 interface through a USB port (a USB-to-RS-485 converter is used) for a desktop app on JavaFX, and I am stuck on checking the connection and getting proper values.
The Data Aggregator Device collects information about produced current, power etc. from a PV module (solar energy). This device has only an RS-485 port. As I read in the documentation, it uses the Modbus RTU protocol (with settings: 9600-8N1).
To be honest, it's my first experience working with COM ports and devices. That is why I don't even know whether I have connected the pins correctly. I have read a lot of things related to RS-485 and Modbus. But still, I am at the first steps.
So, I use a simple UTP cable to connect. And here is what I have done:
This is how I connect the USB-to-RS485 converter
And this is about the Data Aggregator Device
Windows found a virtual "COM3" port after I connected the USB to the PC. Then I tried to check the connection with Terminal 1.9 by Bray. I tried to send something, and it sent me some data back as received messages. However, that doesn't mean that everything is connected well. Also, the terminal shows me some FRAME ERROR.
I know that the Modbus protocol is based on a "master-slave" scheme. Therefore, the PC as a client is the "Master" and the device as a server is the "Slave". I have to send some request to the slave to get some expected response. But how?!
Please check my connections! I don't know what to do next.
RS-485 is differential and requires just two wires; you can safely remove the ground wire (GND). Then, connect the wires to R+ and R- on your USB-to-RS485 converter.
Done that, may I ask you how you tried to send something? Modbus requires a final byte, the CRC, which is hard to determine by hand. Did you create a valid Modbus packet?
A valid Modbus packet requires a receiver address, the payload length, the data itself and the final CRC.
I don't know about Java, but if you do have the specification of the device's protocol, you can surely use a terminal program to send a message to Modbus and read messages back. That way you will have the protocol tested, and it shouldn't be too hard to make custom software later. But until you can send a message and get back a meaningful message using terminal software, I recommend you stick to it.
This YouTube video will give the basic knowledge needed about the Modbus RTU packet format: https://www.youtube.com/watch?v=OvRD2UvrHjE
The most difficult part is calculating the CRC every time. But luckily you can download the Docklight terminal. It actually has an option to calculate the CRC automatically for Modbus and add it at the last positions of the packet.
You can download free version at their homepage.
docklight.de
It is very simple to use, same as the Bray terminal you used. And here is an example of how to set up Modbus CRC calculation for every packet.
https://docklight.de/manual/sendingmodbuscommandswithc.htm
I know they also have great support.
Once you successfully send a message to the device and get an answer, things will get much easier because you will understand how the protocol actually works. Modbus RTU is a very mature protocol, but it is still used because many existing systems use it and it is very simple to add it to a device. All a device needs is a serial port (UART) to connect to Modbus. So it is not that hard to understand and use. Just check out the explanation video and the terminal specifically adapted for Modbus that I linked in this message.
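An added example, not from the original posts, of the CRC handling the answers above refer to: it builds a standard Modbus RTU Read Holding Registers request (slave address, function code 0x03, start register, register count, CRC-16 sent low byte first) and checks a reply before its data is trusted. Slave address 1, register 0 and the reply bytes are constructed assumptions; the real values come from the device's documentation.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>
/* CRC-16/MODBUS: initial value 0xFFFF, reflected polynomial 0xA001. */
uint16_t modbus_crc16(const uint8_t *buf, size_t len)
{
    uint16_t crc = 0xFFFF;
    for (size_t i = 0; i < len; i++) {
        crc ^= buf[i];
        for (int bit = 0; bit < 8; bit++)
            crc = (crc & 1) ? (uint16_t)((crc >> 1) ^ 0xA001) : (uint16_t)(crc >> 1);
    }
    return crc;
}

/* Read Holding Registers (function 0x03) request; returns the frame length. */
size_t build_read_request(uint8_t slave, uint16_t start, uint16_t count, uint8_t out[8])
{
    out[0] = slave;                 out[1] = 0x03;
    out[2] = (uint8_t)(start >> 8); out[3] = (uint8_t)start;
    out[4] = (uint8_t)(count >> 8); out[5] = (uint8_t)count;
    uint16_t crc = modbus_crc16(out, 6);
    out[6] = (uint8_t)crc;          out[7] = (uint8_t)(crc >> 8); /* low byte first */
    return 8;
}

/* 0 = good reply, -1 too short, -2 bad CRC (noise, wrong baud or parity),
 * -3 other slave, -4 exception reply, -5 unexpected function or length. */
int check_response(const uint8_t *f, size_t len, uint8_t slave, uint16_t count)
{
    if (len < 5) return -1;
    uint16_t crc = modbus_crc16(f, len - 2);
    if (f[len - 2] != (uint8_t)crc || f[len - 1] != (uint8_t)(crc >> 8)) return -2;
    if (f[0] != slave) return -3;
    if (f[1] == (0x03 | 0x80)) return -4;
    if (f[1] != 0x03 || f[2] != 2 * count || len != 5u + f[2]) return -5;
    return 0;
}

/* Constructed samples: slave 1 returns one register (0x002A); a damaged copy. */
const uint8_t REPLY_OK[7]  = { 0x01, 0x03, 0x02, 0x00, 0x2A, 0x39, 0x9B };
const uint8_t REPLY_BAD[7] = { 0x01, 0x03, 0x02, 0x00, 0x2B, 0x39, 0x9B };
uint8_t request[8];

int main(void)
{
    build_read_request(1, 0, 1, request);
    for (size_t i = 0; i < 8; i++) printf("%02X ", request[i]);
    printf("| reply %d, damaged %d\n", check_response(REPLY_OK, 7, 1, 1), check_response(REPLY_BAD, 7, 1, 1));
    return 0;
}
```

The request prints as 01 03 00 00 00 01 84 0A, the byte string to send from a terminal program in hex mode at 9600-8N1.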
I need to make a troubleshooting tool in Java.
From the Java code, I need to communicate with tethereal (Linux commands) to help me generate a .pkt file. The .pkt file will contain all the contents of the communication that took place between the client and the server, i.e. all the packet communication between the client and server.
How should I do that?
Do you know Wireshark? That is a cross-platform network packet capturing application.
The idea is that it captures all packets (TCP and UDP) that pass through one network device (e.g. a WiFi card), and you apply a filter on the port that your application uses, and eventually an IP address. Very useful tool.
If you really need to do it in Java you can use http://jnetpcap.com/ which is a wrapper for libpcap, which works similarly to tethereal.
Here is the situation. There are a server and a client in a network. They communicate like this:
1. Client sends a request for some function.
2. Server sends function parameters to the client.
3. Client tries to perform the function and sends the answer to the server.
4. Server sends the client the data which it should show.
But sometimes the client can't perform the function and sends an error. I want to catch all packets from step 2, analyze them (I already have tools for that), prevent some of them from reaching the client, process them with my program and form a packet like in step 3. This must be done on the client side. I have access to neither the server nor the client.
So, the question is: are there libraries for changing, injecting and removing TCP/IP packets in C++ or Java? The solution should work on both Win and Linux systems.
Also, maybe you have better ideas to expand client functionality?
Thanks for any help!
I tried to google how to change packets, but all I got were unanswered questions and sniffers=(
Edit: Actually, I don't really need injecting and removing packets, I can manage it with only changing packet data. Also, there is no multiple requests in the same packet, and a single request across multiple packets is not a problem.
You have to build a Proxy for your server. The client connects to the proxy, and the proxy itself connects to the server. It just routes all the packages between client and server.
BUT it is now able to intercept specific messages and to modify them. Imagine a filtering HTTP proxy, it works the same way.
I have personal experience with libpcap on Linux and FreeBSD, a kind of low-level library that helps to catch or inject packets. I did use it in an IPv6 network bridge project... But I know there is a Windows port for it.
http://sourceforge.net/projects/libpcap/
You can let the library:
catch packets using a filter
extract data from packet
you can process the data (modify them)
reinject it again using the same library
But you would have to work with internal data in a quite raw manner. The best documentation for this library is the comments inside its header file; that is the most up-to-date info. Maybe there are some more comfortable high-level libraries.
What I mean is like servers on video games. You can run an application and it will set up a server on your computer with an IP and a port.
For example, how would you make an application where one host application sets up a thing where it has an IP and a port, and another computer that has access to the internet as well can type in the IP and port and it would be able to communicate with the host? I mean simple communication, like sending a boolean or String.
And would there be any security problems that would need to be fixed?
I guess I grasp the concept of your question...
You want two computers to connect via the internet, right? If that is the case, then you will have to use a thing called "sockets" that make connections between computers. About the server thing, well, for starters the client must always know what IP the server has (direct IP or by DNS), and then you can connect your client to your server. There is a tutorial for sockets at the Java pages: http://download.oracle.com/javase/tutorial/networking/sockets . About security issues, well, you must make sure that your server can handle anything that comes from the client (I really mean everything), I mean, accepting every type of data that it is supposed to receive and denying everything that is not (trash, per se). If you have that in mind then there is no problem (and of course, the server must have a firewall also to control the sockets, but that's not up to you).
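An added example, not part of the original answer, of a server accepting only what it is supposed to receive: a strict parser for the boolean-or-string messages from the question. The wire format (1-byte type, 2-byte big-endian length, payload), the 256-byte cap and the printable-ASCII rule are assumptions made for illustration; it is written in C, and the same checks apply to a Java server reading from a socket stream.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>
#include <stdio.h>

#define MSG_BOOL   0x01
#define MSG_STRING 0x02
#define MAX_STRING 256      /* hypothetical cap, checked before any copy */

struct message { uint8_t type; int flag; char text[MAX_STRING + 1]; };

/* Returns bytes consumed (> 0), 0 if more bytes are needed, -1 to reject. */
int parse_message(const uint8_t *buf, size_t len, struct message *out)
{
    if (len < 3) return 0;                       /* header incomplete */
    uint8_t type = buf[0];
    size_t n = ((size_t)buf[1] << 8) | buf[2];   /* declared payload length */
    if (type == MSG_BOOL) { if (n != 1) return -1; }
    else if (type == MSG_STRING) { if (n > MAX_STRING) return -1; }
    else return -1;                              /* unknown message type */
    if (len < 3 + n) return 0;                   /* payload incomplete */
    if (type == MSG_BOOL) {
        if (buf[3] > 1) return -1;               /* only 0 or 1 is a boolean */
        out->flag = buf[3];
    } else {
        for (size_t i = 0; i < n; i++)
            if (buf[3 + i] < 0x20 || buf[3 + i] > 0x7E) return -1;
        memcpy(out->text, buf + 3, n);
        out->text[n] = '\0';
    }
    out->type = type;
    return (int)(3 + n);
}

/* Constructed inputs: two valid messages and three that must not be accepted. */
const uint8_t GOOD_STR[]  = { 0x02, 0x00, 0x02, 'h', 'i' };
const uint8_t GOOD_BOOL[] = { 0x01, 0x00, 0x01, 0x01 };
const uint8_t HUGE_LEN[]  = { 0x02, 0xFF, 0xFF, 'A' };  /* claims 65535 bytes */
const uint8_t BAD_BOOL[]  = { 0x01, 0x00, 0x01, 0x07 };
const uint8_t PARTIAL[]   = { 0x02, 0x00, 0x05, 'h', 'e' };  /* 2 of 5 bytes */
struct message last;

int main(void)
{
    int n = parse_message(GOOD_STR, sizeof GOOD_STR, &last);
    printf("consumed %d, text \"%s\", oversized -> %d\n", n, last.text,
           parse_message(HUGE_LEN, sizeof HUGE_LEN, &last));
    return 0;
}
```

The oversized length is rejected as soon as the 3-byte header arrives, so a peer cannot make the server buffer 64 KB on the strength of a length field alone.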
Here is an example of how to use sockets to send a string from a server to a client.
http://www.java2s.com/Code/Java/Network-Protocol/StringbasedcommunicationbetweenSocket.htm
The site has about 20 examples of how to do what you are trying to do. In general I find this site to be the best JAVA resource that I know.
In general, the thing you probably want is a Socket. Sockets allow you to send bytes to an endpoint via TCP or UDP. This is very low-level, though, and is somewhat tricky because you have to design your own application protocol. You may want to use something that offers more abstraction.
Java sockets expose a stream interface so you could just encode integers as strings, for instance, and send them line by line, or you could do something fancier and more efficient like using a DataOutputStream to wrap it.
Handling the following issues can improve security.
If you have a router, set different ports for routing.
Example: If you are running a server, say on port 6001, map a virtual port, say 9001, which would be exposed to the public.
DDoS
IP restriction - not every user can access your machine!
Enabling the router firewall does handle most of the issues.
I have a Java program running on two computers that are both on the same network. I would like to have these applications become aware of each other, so they could communicate directly as opposed to communicating with the server to relay messages.
I believe I may have a solution as to how this would work, but am unable to find any examples to compare my solution against. Do you guys know how this problem is usually solved?
There is a good library that implements the Zeroconf / Bonjour standard in plain Java at http://jmdns.sourceforge.net/
This basically relieves you from the protocol burden and allows you to advertise and look up service providers based on logical names (that's what iTunes or Mac printing does, for example).
This book http://www.amazon.com/Zero-Configuration-Networking-Definitive-Guide/dp/0596101007 explains all basic concepts.
You could get them to do a UDP multicast within a LAN environment to identify the programs using protocol messages then have a stored cache of each other's identity and then use TCP to connect and do main exchanging of messages (which is more reliable than UDP). Or you can simply proceed with UDP messaging only if you want to.
You can search for multicasting in Java online.
Some multicast related links:
http://download.oracle.com/javase/1.4.2/docs/api/java/net/MulticastSocket.html
http://www.javafaq.nu/java-article817.html
A good multicast chat software you can reference:
http://sourceforge.net/projects/mc2/
One way would be to send a broadcast to see who's out there, then implement a GUI to show the user what other peers are there and give an option to connect to. (The broadcast will give you the IP address of everybody there.)
Once you know who to connect to, you simply open a TCP connection (or use UDP if it is time-critical) and you're done.
Btw, this is for IPv4 - IPv6 doesn't have broadcast (although it has something similar).