I am trying to send UDP over a network to a microcontroller. The microcontroller has had almost all of the IP stack stripped out to keep it lean, so cannot engage in ARP.
The microcontroller is outputting broadcast packets, which I can receive so I know its IP address and MAC address.
I can send broadcast UDP packets to it, which it receives fine, but when I try to send packets using its IP address, I can see ARP messages in wireshark, "Who has 192.168.1.205? Tell 192.168.1.18", 205 being the micro, 18 is my PC. The micro does not respond with its MAC address, so I cant send the packet, but I know the MAC address from the packets the micro is sending out anyway.
So my question is can I specify the IP and MAC address using the UdpClient so it does not need to use ARP.. is there anything else I'm not considering?
The broadcast method that works looks like this:
myUdpClient.EnableBroadcast = true;
myUdpClient.Connect(IPAddress.Broadcast, port);
myUdpClient.Send(dataBytes, dataBytes.Length);
The fixed IP method that doesnt currently work looks like this
IPEndPoint ep = new IPEndPoint("192.168.1.205", port);
myUdpClient.Send(dataBytes, dataBytes.Length, ep);
I have looked at using things like
myUdpClient.Client.SendTo(dataBytes, SocketFlags.DontRoute, ep);
but this doesnt work, and is still not making use of the microcontrollers MAC address.. which my application knows and needs to use (I think). I was also hoping some ARP table on the network would have known where the MAC address was seeing as packets with this info are being sent from it..
As a note, I want to keep broadcast to a minimum to reduce the load on other microcontrollers on the network.
Thanks in advance,
Gareth
As far as I can see, you have two options, I'm sure someone else has more;
Set a static ARP entry in the OS before launching your application. arp -s <ip> <mac> or similar will set it on most OS's and bypass ARP for further requests to the IP.
Use Jpcap to bypass the IP stack entirely, building and sending your own raw packets.
Related
I have a laptop which has a wireless adapter with ip address "192.168.5.60". This laptop will send UDP Multicast packets.
I have a desktop pc which has a network adapter ip ""192.168.5.90". I installed a software named "Multicast Tester" which joins multicast group("239.194.190.22:4000") on this desktop pc.
Problem is if i use another software which i installed from internet on laptop and send multicast udp packets to "239.194.190.22:4000" i can receive these packets in desktop pc.
If I use my program to send these packets, i can't receive multicast packets.
My code :
UdpClient udpClient = new UdpClient();
udpClient.client.bind(new IPEndPoint(IPAddress.Parse("192.168.5.60"), 0));
udpClient.JoinMulticastGroup(IPAddress.Parse("239.194.190.22"));
udpClient.send(myData, myData.length, new IPEndPoint(IPAddress.Parse("239.194.190.22"), 4000));
Note : Both computers have multiple nics.
From your description, the problem is that your sender is sending out its system default multicast interface which happens to be an interface not on the link with the 192.168.5/24 network. If you use IP_MULTICAST_IF with either the sender's ip or the index of the interface (as shown by ipconfig) instead of IP_MULTICAST_TTL then the TTL of 1 is fine since you are then using the shared link, i.e:
_udpClient.Client.SetSocketOption(SocketOptionLevel.IP,
SocketOptionName.MulticastInterface, IPAddress.Parse("192.168.5.60").GetAddressBytes());
(Where you may need to do some more work on the address to make it a DWORD in network order, and based on ip options and enums)
I just solved it. It looks like default TTL value for UDP Multicast packets is '1'. !
I changed it to '16' by using this code:
_udpClient.Client.SetSocketOption(SocketOptionLevel.IP, SocketOptionName.MuticastTimeToLive, 16);
I'm currently working with TCP/IP Sockets, My client console program has to connect with server which is my PC, If the destination in the client program is specified as a local host it works fine, what I need to get done with is to connecting the client with my server through internet, what I did is looked up for my IP address on http://www.whatismyip.com/ and tried but it didn't work as I think it's a Network Interface IP address, then I altered destination IP address in client program specifically to the address of my computer which I want it to be a server, but that didn't work also. Here's my code.
Ip = (IPAddress.Parse("192.168.1.4"));
MyClient.Connect(Ip,6000);
GetStream = MyClient.GetStream();
Console.WriteLine("CONNECTED TO SERVER");
Read = new BinaryReader(GetStream);
Write = new BinaryWriter(GetStream);
There 2 things (at least) that you should be aware of:
1. To access your computer from Internet (from the public address, the one you get with whatismyip.com) you need to open the port (6000) at the router, and tell the router to what IP it should forward the incoming connection. You could specified specifics ports or put a DMZ host where all the incoming connections will be routed to that host/PC. Read your router manual to see how that is done.
2. You cannot access your public IP from the inner side of the router (intranet), if you want to connect to your public IP you need to be in another network.
If you have a dynamic IP (is the default) every time the router is powered off and on then, most probably, that IP would change, you need to investigate thru whatismyip.com in order to know what IP has been assigned. You could connect to dyndns.org and ask for a host name myhost.mydomain.com (.es, .fr, etc), and in the router tell the DDNS (Dynamic DNS) to update that host every time the IP changes. In your client program you then connect to MyClient.Connect("myhost.mydomain.com", 6000);
Hope I explain myself well enough, anyway, if you have any question let me know.
I know this question has been asked many times. I've read ALL the answers and tried EVRY piece of code I could find. After a few days I'm so desperate that I have to ask you for help.
I have a device and a PC in my home network. The device sends UDP broadcast messages. On my PC I can see those messages in wireshark:
Source Destination Length
192.168.1.102 0.0.0.0 UDP 60 Source port: 9050 Destination port: 0
That means the packets are arriving on my PC. My next step was to create a C# application that receives those packets. As mentioned above I tried every possible solution, but it just won't receive anything.
So I guess there must be something very basic I'm doing wrong.
Can anyone help me out? Thanks!
Just experienced the same issue, and wanted to share what fixed it for me.
Briefly: it seems that Windows Firewall was somehow the cause of this weird behavior, and just disabling the service does not help. You have to explicitly allow incoming UDP packets for specific program (executable) in Windows Firewall inbound rules list.
For full case description, read on.
My network setup is: IP of my (receiving) machine was 192.168.1.2, IP of sending machine was 192.168.1.50, and subnet mask on both machines was 255.255.255.0.
My machine is running Windows 7 x64.
This is the code (roughly) that I used:
Socket sock = new Socket(AddressFamily.InterNetwork, SocketType.Dgram, ProtocolType.Udp);
IPEndPoint iep = new IPEndPoint(IPAddress.Any, 0);
sock.Bind(iep);
sock.EnableBroadcast = true;
EndPoint ep = (EndPoint)iep;
byte[] buffer = new byte[1000];
sock.ReceiveFrom(buffer, ref ep);
Initially this did not work unless I sent a broadcast packet from that socket before I call ReceiveFrom on it. I.e. adding this line before ReceiveFrom call:
sock.SendTo(someData, new IPEndPoint(IPAddress.Broadcast, somePort))
When I didn't send the broadcast packet first from receiving socket, incoming broadcast packets were not received by it, even though they appeared in Wireshark (destination of packets was 255.255.255.255).
I thought that it looks like firewall is messing with incoming packets (unless some kind of UDP hole is opened first by outgoing packet - even though I haven't heard before that UDP hole punching applies to broadcast packets somehow), so I went to services and disabled Windows firewall service altogether. This changed nothing.
However, after trying everything else, I re-enabled the firewall service, and tried to run the program again. This time, firewall prompt appeared asking me whether I want to allow MyProgram.vshost.exe process (I was debugging in Visual Studio) through firewall, I accepted it, and voila - everything worked! Incoming packets were being received now!
You are OK, they have something wired in the code which causes the problem. (I haven't read the article, just copy pasted)
It always works from the local machine, but from a remote machine it will fail for some reason.
To fix this:
In the Broadcst.cs they broadcast twice. once for the localhost and then for the target IP adress (iep2). simply remove the
sock.SendTo(data, iep1);
and it should work.
No idea why.
[Solved]
I am manually constructing DHCP packets as a client to the DHCP server. So far I am able to send a DHCPDISCOVER packet and receive a DHCPOFFER from the server in return. However, when I send DHCPREQUEST, I don't receive the expected DHCPACK at all.
DHCPDISCOVER: http://digitalphoenix.info/uploads/so/dhcpDiscover.jpg
DHCPOFFER: http://digitalphoenix.info/uploads/so/dhcpOffer.jpg
DHCPREQUEST: http://digitalphoenix.info/uploads/so/dhcpReq.jpg
(in the above the Honeypot daemon is 192.168.0.2, DHCP server 192.168.0.1, client A (192.168.0.6) trying to probe 192.168.0.106 which doesn't exist. Attempting to acquire a lease for '192.168.0.106')
I'm inferring that the DHCP server does not send an ACK at all because:
1) the DHCP server shows no active lease for 192.168.0.106
2) the DHCP server usually sends an ARP request to the requested IP prior to sending ACKs to probe availability (tested) (no ARP req sent)
therefore the problem lies in the DHCP Request packet being dropped or rejected...? I don't even get a NACK
Background: I am writing a Honeypot daemon that dynamically allocates IP addresses on behalf of virtual high-interaction Honeypots (VM). It listens for unanswered ARP requests, takes the dest. IP and attempts to lease that specific dest. IP address from the DHCP server for the next unbound Honeypot to use. When the lease has been acknowledged, the daemon finally returns an ARP reply to the source. The Honeypots exist on a separate subnet and the goal is to logically place them within the same subnet as the host machine. From thereon, the daemon is responsible for all outgoing/incoming traffic for the bound Honeypots(s). The ethernet frame src addr is the MAC of the Honeypot daemon / host. However, the MAC specified in the bootp is completely arbitrary.
edit: just noticed the UDP checksum is empty, didn['t notice this because of wireshark disabling udp checksum validation. is this necessary? the DHCPDISCOVER didn't have it but got response anyway? Even small suggestions as to what may be causing the problem would be appreciated, thanks guys
edit2: corrected the UDP checksum, problem still exists
extra info: 192.168.0.0/24 lease range 2-254
wireshark capture / pcap: http://digitalphoenix.info/uploads/so/honeyPotCapture.pcap (same as above except the fake MAC and target IP is 192.168.0.109 instead of x.x.x.106)
FINAL EDIT: Fixed. I'm blind. Turns out the server IP addr field was filled in when RFC says not to. Amazing what a good night's sleep can do.
I am using C# sockets to have a connection between a device (client) and a computer (server).
All is working good except for the fact that I am trying to avoid the user to enter the IP address and port number wherein to connect to on the device. Instead I want a listbox or drop down list of all IP addresses with listening sockets. Just wondering if there's a way to get all the IP addresses and port numbers of hosts with listening (socket)?
Thanks for any help! :)
What you're asking to do is called a port scan. It basically involves testing each IP address in a range and each port and reporting the success of that attempt. It's slow and it will cause a lot of alarms if there is any kind of threat monitoring on the network because port scanning is one of the ways attackers try to find network vulnerabilities.
So in short, this is a bad idea and probably won't be responsive enough for you to use for this purpose. Instead what you might consider is using a central server as a "directory" that each server would register with.
Or you can send out a broadcast on your subnet and wait for servers to respond. This is how some of the peer networking works in Windows for example. Note that this assumes you are the developer of the server as well and you can add in the logic necessary for the server to listen for broadcasts.
By using UDP broadcast, you can send out the data to the Server which are listening at the fixed port. The following is the working example.
foreach (IPAddress ip in allLocalNetworkAddresses.AddressList)
{
Socket client = new Socket(AddressFamily.InterNetwork, SocketType.Dgram, ProtocolType.Udp);
//Allow sending broadcast messages
client.SetSocketOption(SocketOptionLevel.Socket,
SocketOptionName.Broadcast, 1);
//Create endpoint, broadcast.
IPEndPoint AllEndPoint = new IPEndPoint(IPAddress.Broadcast, Port);
byte[] sendData = Encoding.ASCII.GetBytes("1");
//Send message to everyone on this network
client.SendTo(sendData, AllEndPoint);
Console.Write("Client send '1' to " + AllEndPoint.ToString() +
Environment.NewLine);