On 14/03/2012 13:59, Arif Hossain wrote: > On Wed, 2012-03-14 at 08:37 -0500, Les Mikesell wrote: >> On Wed, Mar 14, 2012 at 8:25 AM, Arif Hossain<freefall1986 at gmail.com> wrote: >>> i've this udp daemon which is waiting for an incoming udp datagram. now >>> i want test this daemon for random garbage to test how it behaves. My >>> udp daemon is running because its shows on netstat. problem is if i >>> issue following command for putting udp datagram : >>> $nc -uvvz<host> <port> >>> >>> it does not output any thing. i have straced the udp daemon. which does >>> not returns from recv() call. >>> >>> my goal is to ppience regarding netcat so i'm asking if anyone can help me >>> out with this. >> Do you have iptables running? The default config would probably >> block your udp traffic. >> > here is my iptable-rules > > # Generated by iptables-save v1.4.7 on Wed Mar 14 19:58:13 2012 > *mangle > :PREROUTING ACCEPT [329554:95268521] > :INPUT ACCEPT [88918:46924677] > :FORWARD ACCEPT [0:0] > :OUTPUT ACCEPT [7296:1924138] > :POSTROUTING ACCEPT [7296:1924138] > COMMIT > # Completed on Wed Mar 14 19:58:13 2012 > # Generated by iptables-save v1.4.7 on Wed Mar 14 19:58:13 2012 > *filter > :INPUT ACCEPT [0:0] > :FORWARD ACCEPT [0:0] > :OUTPUT ACCEPT [206514:24743648] > -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT > -A INPUT -p icmp -j ACCEPT > -A INPUT -i lo -j ACCEPT > -A INPUT -p tcp -m state --state NEW -m tcp --dport<port> -j ACCEPT > -A INPUT -j REJECT --reject-with icmp-host-prohibited > -A FORWARD -j REJECT --reject-with icmp-host-prohibited > COMMIT > # Completed on Wed Mar 14 19:58:13 2012 > And your INPUT chain rejects everything that is not matched by those lines above it. You'll need a: -A INPUT -p udp --dport <port> -j ACCEPT in there before you go to REJECT. -- Best Regards, Giles Coochey NetSecSpec Ltd UK Mobile: +44 7983 877 438 Business Email: giles.coochey at netsecspec.co.uk Email/MSN/Live Messenger: giles at coochey.net Skype: gilescoochey