[CentOS] testing a udp socket with netcat

Wed Mar 14 15:18:25 UTC 2012
Giles Coochey <giles at coochey.net>

On 14/03/2012 14:56, Arif Hossain wrote:
> On Wed, 2012-03-14 at 14:11 +0000, Giles Coochey wrote:
>>
>> On 14/03/2012 13:59, Arif Hossain wrote:
>>> On Wed, 2012-03-14 at 08:37 -0500, Les Mikesell wrote:
>>>> On Wed, Mar 14, 2012 at 8:25 AM, Arif Hossain <freefall1986 at gmail.com> wrote:
>>>>> I've this udp daemon which is waiting for an incoming udp datagram. Now
>>>>> I want to test this daemon for random garbage to test how it behaves. My
>>>>> udp daemon is running because it shows in netstat. The problem is, if I
>>>>> issue the following command for putting a udp datagram:
>>>>> $ nc -uvvz <host> <port>
>>>>>
>>>>> it does not output anything. I have straced the udp daemon, which does
>>>>> not return from the recv() call.
>>>>>
>>>>> my goal is to ppience regarding netcat so I'm asking if anyone can help me
>>>>> out with this.
>>>> Do you have iptables running?   The default config would probably
>>>> block your udp traffic.
>>>>
>>> here is my iptable-rules
>>>
>>> # Generated by iptables-save v1.4.7 on Wed Mar 14 19:58:13 2012
>>> *mangle
>>> :PREROUTING ACCEPT [329554:95268521]
>>> :INPUT ACCEPT [88918:46924677]
>>> :FORWARD ACCEPT [0:0]
>>> :OUTPUT ACCEPT [7296:1924138]
>>> :POSTROUTING ACCEPT [7296:1924138]
>>> COMMIT
>>> # Completed on Wed Mar 14 19:58:13 2012
>>> # Generated by iptables-save v1.4.7 on Wed Mar 14 19:58:13 2012
>>> *filter
>>> :INPUT ACCEPT [0:0]
>>> :FORWARD ACCEPT [0:0]
>>> :OUTPUT ACCEPT [206514:24743648]
>>> -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
>>> -A INPUT -p icmp -j ACCEPT
>>> -A INPUT -i lo -j ACCEPT
>>> -A INPUT -p tcp -m state --state NEW -m tcp --dport <port> -j ACCEPT
>>> -A INPUT -j REJECT --reject-with icmp-host-prohibited
>>> -A FORWARD -j REJECT --reject-with icmp-host-prohibited
>>> COMMIT
>>> # Completed on Wed Mar 14 19:58:13 2012
>>>
>> And your INPUT chain rejects everything that is not matched by those
>> lines above it.
>>
>> You'll need a:
>>
>> -A INPUT -p udp --dport <port> -j ACCEPT in there before you go to REJECT.
>>
>> --
>> Best Regards,
> For testing purposes I have flushed all rules in iptables -t filter
>
> $ iptables -t filter --flush
>
> but still, if I try putting data by nc:
>
> $ nc -uvv localhost 7160
>
> it outputs:
>
> write error: connection refused.
>
>
Is SELinux installed and Enforcing?

-- 
Best Regards,

Giles Coochey
NetSecSpec Ltd
UK Mobile: +44 7983 877 438
Business Email: giles.coochey at netsecspec.co.uk
Email/MSN/Live Messenger: giles at coochey.net
Skype: gilescoochey
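
An added example, not part of the original thread: a small Python walk of the INPUT chain with first-match semantics, run on a constructed copy of the ruleset quoted above, to show why the position of the udp ACCEPT rule relative to REJECT matters. The port 7160 in place of `<port>`, the interface name `eth0` and the helper name `first_match` are assumptions.

```python
import shlex

# Constructed copy of the filter table quoted in the thread. Assumption:
# <port> is replaced by 7160, the port later used with nc.
RULES = """\
*filter
:INPUT ACCEPT [0:0]
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 7160 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
COMMIT
"""
UDP_RULE = "-A INPUT -p udp --dport 7160 -j ACCEPT\n"
REJECT = "-A INPUT -j REJECT"
FIXED = RULES.replace(REJECT, UDP_RULE + REJECT)         # rule before REJECT
APPENDED = RULES.replace("COMMIT", UDP_RULE + "COMMIT")  # rule after REJECT

def first_match(save_text, chain, pkt):
    """Return (target, rule) of the first rule in `chain` matching pkt.
    Hypothetical helper: one table only; handles -p, -i, --dport, --state;
    negation (!) and other matches are not modelled."""
    policy = None
    for line in save_text.splitlines():
        if line.startswith(f":{chain} "):
            policy = line.split()[1]
        if not line.startswith(f"-A {chain} "):
            continue
        tok = shlex.split(line)
        opts = {k: v for k, v in zip(tok, tok[1:]) if k.startswith("-")}
        if opts.get("-p", pkt["proto"]) != pkt["proto"]:
            continue
        if opts.get("-i", pkt["iface"]) != pkt["iface"]:
            continue
        if opts.get("--dport", str(pkt["dport"])) != str(pkt["dport"]):
            continue
        if pkt["state"] not in opts.get("--state", pkt["state"]).split(","):
            continue
        return opts["-j"], line
    return policy, "chain policy"

# Constructed packets: the interface name eth0 is an assumption.
REMOTE = {"proto": "udp", "dport": 7160, "iface": "eth0", "state": "NEW"}
LOCAL = dict(REMOTE, iface="lo")

if __name__ == "__main__":
    for name, rules in (("original", RULES), ("fixed", FIXED), ("appended", APPENDED)):
        print(name, [first_match(rules, "INPUT", p)[0] for p in (REMOTE, LOCAL)])
```

The LOCAL packet is accepted by the `-i lo` rule in every variant, so a datagram sent to localhost never reaches the REJECT line of this ruleset.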