On 14/03/2012 13:59, Arif Hossain wrote:
On Wed, 2012-03-14 at 08:37 -0500, Les Mikesell wrote:
On Wed, Mar 14, 2012 at 8:25 AM, Arif Hossain<freefall1986@xxxxxxxxx> wrote:
i've this udp daemon which is waiting for an incoming udp datagram. now
i want test this daemon for random garbage to test how it behaves. My
udp daemon is running because its shows on netstat. problem is if i
issue following command for putting udp datagram :
$nc -uvvz<host> <port>
it does not output any thing. i have straced the udp daemon. which does
not returns from recv() call.
my goal is to ppience regarding netcat so i'm asking if anyone can help me
out with this.
Do you have iptables running? The default config would probably
block your udp traffic.
here is my iptable-rules
# Generated by iptables-save v1.4.7 on Wed Mar 14 19:58:13 2012
*mangle
:PREROUTING ACCEPT [329554:95268521]
:INPUT ACCEPT [88918:46924677]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [7296:1924138]
:POSTROUTING ACCEPT [7296:1924138]
COMMIT
# Completed on Wed Mar 14 19:58:13 2012
# Generated by iptables-save v1.4.7 on Wed Mar 14 19:58:13 2012
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [206514:24743648]
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport<port> -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A FORWARD -j REJECT --reject-with icmp-host-prohibited
COMMIT
# Completed on Wed Mar 14 19:58:13 2012
And your INPUT chain rejects everything that is not matched by those
lines above it.
You'll need a:
-A INPUT -p udp --dport <port> -j ACCEPT in there before you go to REJECT.
--
Best Regards,
Giles Coochey
NetSecSpec Ltd
UK Mobile: +44 7983 877 438
Business Email: giles.coochey@xxxxxxxxxxxxxxxx
Email/MSN/Live Messenger: giles@xxxxxxxxxxx
Skype: gilescoochey
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos
