Yast And Netstat Doesn't Match In Suse

Hi all

I am helping fixing a set of old suse VMs and there is something seriously weird going with the networking.

My netstat -nr shows one set of routing commands and the yast/networking shows another set routes, routes that I know doesn't exist on our network.

Has anyone seen this before?

For example, in the attached screenshot, we can see yast shows I have no routes.
But here is the netstat -nr output:

hostname:~ # route
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
192.168.224.0 * 255.255.255.0 U 0 0 0 eth10
192.168.226.0 * 255.255.255.0 U 0 0 0 eth11
192.168.110.0 * 255.255.254.0 U 0 0 0 eth12
link-local * 255.255.0.0 U 0 0 0 eth10
loopback * 255.0.0.0 U 0 0 0 lo
default 192.168.110.1 0.0.0.0 UG 0 0 0 eth12

Thanks


Similar Content



SIOCADDRT Error And Two Gateway For Same Destination When I Use Pptp?

Before I use Code:
pppd call

Code:
$ route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
0.0.0.0         192.168.1.1     0.0.0.0         UG    1024   0        0 wlp8s0
192.168.1.0     0.0.0.0         255.255.255.0   U     0      0        0 wlp8s0

And then I call the code
server: 50.117.*.*
Code:
	sudo pppd call shayu13
	sudo route add -net 0.0.0.0 dev ppp0

I get the error :
Quote:
SIOCADDRT: Network is down
I must change the code by adding the sleep code.
Code:
	sudo pppd call shayu13
	sleep 15
	sudo route add -net 0.0.0.0 dev ppp0

Why? Thanks

And when I look the route tables:
Code:
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
0.0.0.0         0.0.0.0         0.0.0.0         U     0      0        0 ppp0
0.0.0.0         192.168.1.1     0.0.0.0         UG    1024   0        0 wlp8s0
50.117.**.**  192.168.1.1     255.255.255.255 UGH   0      0        0 wlp8s0
172.16.**.**     0.0.0.0         255.255.255.255 UH    0      0        0 ppp0
192.168.1.0     0.0.0.0         255.255.255.0   U     0      0        0 wlp8s0

It seems that 0.0.0.0 has two gateway. Is that OK? Thanks

Regular Expression In Expect Script To Prevent Printing To Screen

Hello, I have an expect script where I ssh to a remote host to determine the network configuration and get from the user the network interface card that should be used. From their response, I determine the subnet mask and save the information to a text file that is later transmitted back to my local host. This is all so that I can set up virtual IP aliasing and verify that the physical IP address of the local and remote host are on the same subnet prior to continuing with the setup. I am running the script on Linux, with expect version 5.45.

The code itelf works just fine, but I'm having some issues with how it displays on the screen. As you'll see below in the example, the default system prompt displays, as does the user input command that I'm sending to the shell from the expect script.

Is there a regular expression or something that I can write to prevent the prompt and command that I'm sending from printing to the screen? I know that it should be suppressed if I have an expect command following the Code:
send -s "\nread n_card?'Enter the network interface card number for this server (i.e. eth0):   '\r

command, but everything I have tried for strings and regular expressions to expect causes the netstat -rn output to not show up all of a sudden. I'm new to expect, so I'm not really sure why this is happening.

I would really appreciate any help/suggestions. Thanks for your time!

Part of the Script Code:
Code:
expect {
   -re $prompt {   ;# Send individual commands and get user input
        set timeout -1
        
        # Get partner hostname and put in vipsetup.txt file
        send -s "hostname > vipsetup.txt\r"  
        expect -re $prompt
        
        # Display the network routing info for the user and prompt for 
        # network interface card number
        send -s "print \"The network routing table for the $ptner server is displayed below:\n\" ; netstat -rn \r"
        
        expect -re "\r(.*):\r"
        send -s "\nread n_card?'Enter the network interface card number for this server (i.e. eth0):   '\r"
        interact "\r" return    ;# Wait for user input from read command
        send -- "\r"
        send -s "echo \$n_card >> vipsetup.txt\r"  
        
        # Obtain subnet mask information for partner based on network 
        # interface card number being used
        send -s "msk=\$(cat /etc/sysconfig/network-scripts/ifcfg-\$n_card | grep NETMASK)\r"
        send -s "msk=\$(echo \${msk#NETMASK=})\r"
        send -s "echo \$msk >> vipsetup.txt\r"
    }
    timeout {
        send_user "Connection to host $hostip timed out."
        exit 6 
    }
    eof {
        send_user "Connection to host $hostip failed."
        exit
    }
}


Script Output:
Code:
The network routing table for the PRIMARY server is displayed below:
 
Kernel IP routing table
Destination     Gateway         Genmask         Flags   MSS Window  irtt Iface
10.105.65.0     0.0.0.0         255.255.255.0   U         0 0          0 eth0
0.0.0.0         10.105.65.1     0.0.0.0         UG        0 0          0 eth0
 [root@remotehost root]$
[root@remotehost root]$ ber for this server (i.e. eth0):   '              < 
Enter the network interface card number for this server (i.e. eth0):   eth0

I Want To Disable Ftp And Use Sftp.

I am using Suse 12 Enterprise.
I would like to use sftp and disable ftp.
Presently I am able to do both.
I stopped vsftpd.service.
Tried comment on ports 20 & 21 in /etc/services.
Stop FTP server using YAST.
Stopped xinetd tftp service using YAST.
Is it wise to turn this service off?
How do I display the status for sftp and ftp?
I am still able to ftp.
Where is the kill switch?

Network Commands?

I believe this belongs in here (newbie) and not in Networking.

I'm completely starting out with networking. I have done some research, but I never ran networking commands in a serious way.

Is there an all purpose beginner guide to getting around a network, and learning basic troubleshooting skills? I'm using Ubuntu 14.04 in VirtualBox running on Windows 7 Professional.

I would like to get an understanding of statistics, how to map out my home network and networks I connect to and so on. So I'm interested in any help, any tips and etc.

Thanks!

Inetd Listening But No Connection (ftp/Telnet)

Hello,

I try to use a ftp daemon and a Telnet daemon with inetd and the BusyBox v1.19.0 on a linux 2.6.24.

When running inetd and then checking what is listening with "netstat -an |grep LISTEN" i have :
Code:
netstat: /proc/net/tcp6: No such file or directory
netstat: /proc/net/udp6: No such file or directory
netstat: /proc/net/raw6: No such file or directory
tcp        0      0 0.0.0.0:80              0.0.0.0:*               LISTEN

tcp        0      0 0.0.0.0:21              0.0.0.0:*               LISTEN

tcp        0      0 0.0.0.0:23              0.0.0.0:*               LISTEN

ftp port 21 and Telnet port 23 seems to be listening.

My inetd.conf file is :

Code:
#<service_name>    <sock_type>    <proto>    <flags> <user>     <server_path>     <args> 

21 stream tcp nowait root ftpd ftpd /etc
telnet            stream        tcp        nowait    root    /usr/sbin/telnetd

I have no rule in my hosts.deny so nothing should be stopped and i have no iptables firewall in place too.

When typing "ftp://ipofthetarget" in a web browser i have a error :

Code:
504 Gateway Timeout
Gateway timeout expired while waiting for server response.

And when trying to Telnet from another computer or "Telnet localhost" from the board i have :
Code:
# telnet 10.2.29.201
Trying 10.2.29.201...
connected to 10.2.29.201.
Escape character is '^]'

Connection closed by foreign host.

This would mean that the connection for Telnet exist but why is it closing ?

Thank you for your future answers !

UPDATE 1 :
If i try to run telnetd like this :
/usb/sbin/telnet -l /bin/sh
i can connect anonymously from another computer, not perfect because i would like a user/password but still of use.
The problem with the ftp daemon still exist.

UPDATE 2 :
Trying from Windows cmd or linux terminal : ftp ipofthetarget seems to work
Not perfect because i would like a user/password too but still of use.

I am still open for suggestion for the user/password thing. I am not deleting the thread in case someone interested about this exist.

Clear Screen After Every Netstat Update

Hi folks,

When i past this on the shell, the command rungs, but it does not clear previous data on each update.

Quote:
@echo off
:GoAgain
clear
netstat -atnp -w 5 | grep ESTA
goto GoAgain
what could be wrong?

IPtables Rules Are Not Working In RHEL- 6.5 And It Was Working In RHEL5.9

Hi Friends,

I have migrated from RHEL-5.9 to RHEL-6.5 on my server. But iptables rules are not working in RHEL-6.5 as it is working with RHEL-5.9 with the same rules. Please check my rules and details are below.

eth1 for incoming traffic
ppp0,ppp1,ppp2 and ppp3 are DSL connection and it using for outgoing traffic.

I am able to send the traffic through each line separately but could not load-balance with all ppp interfaces through iptables.

I am using iptable mangle rules to distribute the traffic.

/sbin/iptables -t mangle -A OUTPUT -p tcp -m statistic --mode nth --every 4 --packet 0 -m tcp --tcp-flags FIN,SYN,ACK SYN -j MARK --set-mark 1
/sbin/iptables -t mangle -A OUTPUT -p tcp -m statistic --mode nth --every 4 --packet 1 -m tcp --tcp-flags FIN,SYN,ACK SYN -j MARK --set-mark 2
/sbin/iptables -t mangle -A OUTPUT -p tcp -m statistic --mode nth --every 4 --packet 2 -m tcp --tcp-flags FIN,SYN,ACK SYN -j MARK --set-mark 3
/sbin/iptables -t mangle -A OUTPUT -p tcp -m statistic --mode nth --every 4 -m tcp --tcp-flags FIN,SYN,ACK SYN -j MARK --set-mark 4

/sbin/ip route add table ppp0 default dev ppp0
/sbin/ip route add table ppp1 default dev ppp1
/sbin/ip route add table ppp2 default dev ppp2
/sbin/ip route add table ppp3 default dev ppp3

/sbin/ip rule add fwmark 1 pref 200 table ppp1
/sbin/ip rule add fwmark 2 pref 200 table ppp2
/sbin/ip rule add fwmark 3 pref 200 table ppp3
/sbin/ip rule add fwmark 4 pref 200 table ppp0

/sbin/iptables -t nat -A POSTROUTING -o ppp0 -j MASQUERADE
/sbin/iptables -t nat -A POSTROUTING -o ppp1 -j MASQUERADE
/sbin/iptables -t nat -A POSTROUTING -o ppp2 -j MASQUERADE
/sbin/iptables -t nat -A POSTROUTING -o ppp3 -j MASQUERADE

/sbin/ip route app default equalize nexthop dev ppp0 nexthop dev ppp1 nexthop dev ppp2 nexthop dev ppp3

It was not working completely and after read some article to change the kernel parameter I am able to send the traffic but it is working only for some time and dropping connections without any errors.

"echo 2 > /proc/sys/net/ipv4/conf/default/rp_filter
"echo 2 > /proc/sys/net/ipv4/conf/all/rp_filter"
"net.ipv4.conf.default.rp_filter = 2"

The same rules were working perfectly in RHEL-5.9. Do i need to change any other kernel parameter get this done?

Please let me know what are the kernel parameters have to be changed to get this working as like RHEL-5.9 ?

Thanks,
Sekar

Counting IP Connection Number

Hi guys!

I'm writing a script for counting how many connection from each IP (source) to destination IP is established. How can I obtain that number? I mean, the result should be like

2015-06-03_14:08
Source Destination Count
127.0.0.1 127.0.0.1 3
127.0.0.1 127.0.0.4 2
10.11.82.94 10.11.77.95 7

Thank you for your attention!

p.s.: I just need to know how to calculate count number, I've already gain the table from netstat.

Network Driver Problem Suse 11

hello! im using linux suse 11, i need to install network drivers hv tried with this command sudo/sbin/insmod -f but it comes out with an error.

Honeyd Error While Running With Honeyd.conf In Kali Linux

hi there once again
Now I am getting this problem which running the cmd "honeyd -d -f honeyd.conf"
root@kali:/etc/honeypot# honeyd -d -f honeyd.conf
Honeyd V1.5c Copyright (c) 2002-2007 Niels Provos
honeyd[4726]: started with -d -f honeyd.conf
honeyd[4726]: listening promiscuously on eth0: (arp or ip proto 47 or (udp and src port 67 and dst port 68) or (ip )) and not ether src 98:4b:e1:94:62:46
honeyd[4726]: [eth0] trying DHCP
honeyd[4726]: Demoting process privileges to uid 65534, gid 65534
honeyd[4726]: [eth0] got DHCP offer: 192.168.23.2
honeyd[4726]: Updating ARP binding: 00:00:24:26:26:1d -> 192.168.23.2
honeyd[4726]: arp reply 192.168.23.2 is-at 00:00:24:26:26:1d
honeyd[4726]: TTL exceeded for dst 224.0.0.22 at gw 10.0.0.1
honeyd[4726]: No reverse routing map for 10.0.0.1
honeyd[4726]: TTL exceeded for dst 224.0.0.22 at gw 10.0.0.1
honeyd[4726]: No reverse routing map for 10.0.0.1
honeyd[4726]: TTL exceeded for dst 224.0.0.22 at gw 10.0.0.1
honeyd[4726]: No reverse routing map for 10.0.0.1
honeyd[4726]: TTL exceeded for dst 224.0.0.22 at gw 10.0.0.1
honeyd[4726]: No reverse routing map for 10.0.0.1

what does it mean? because it starts to spam the terminal with such errors. or it is not??

I think, I have to edit the "honeyd.conf" file, but no clue.
the following is my honeyd configuration.

route entry 10.0.0.1
route 10.0.0.1 link 10.2.0.0/24
route 10.0.0.1 add net 10.3.0.0/16 10.3.0.1 latency 8ms bandwidth 10Mbps
route 10.3.0.1 link 10.3.0.0/24
route 10.3.0.1 add net 10.3.1.0/24 10.3.1.1 latency 7ms loss 0.5
route 10.3.1.1 link 10.3.1.0/24

# Example of a simple host template and its binding
create template
set template personality "Microsoft Windows XP Professional SP1"
set template uptime 1728650
set template maxfds 35
# For a complex IIS server
add template tcp port 80 "sh /usr/share/honeyd/scripts/win32/web.sh"
add template tcp port 22 "/usr/share/honeyd/scripts/test.sh $ipsrc $dport"
add template tcp port 23 proxy $ipsrc:23
add template udp port 53 proxy 141.211.92.141:53
set template default tcp action reset
# Use this if you are not running honeyd as 'honeyd' user:
# Debian-specific (use nobody = 65534 instead of 32767)
# set template uid 65534 gid 65534

create default
set default default tcp action block
set default default udp action block
set default default icmp action block

create windows
set windows personality "Microsoft Windows XP Professional SP1"
set windows default tcp action reset
add windows tcp port 135 open
add windows tcp port 139 open
add windows tcp port 445 open

set windows ethernet "00:00:24:ab:8c:12"
dhcp windows on eth0


urgent help needed please. thanks in advance