linux 为什么tcpdump可以接收netcat或socat不能接收的UDP广播?

vdzxcuhz  于 12个月前  发布在  Linux
关注(0)|答案(1)|浏览(251)

我有一个单独的调制解调器和路由器,将调制解调器配置为网桥。调制解调器托管一个LAN,其IP地址为192.186.2.1。为了能够access the modem's web UI,路由器在WAN端口上有一个额外的接口,在调制解调器的LAN中具有固定的IP地址(192.168.2.10)。
调制解调器通过UDP广播VDSL状态数据。我想在我的路由器上监听这些数据包,但我无法使用netcatsocat捕获它们。但它们肯定在那里,因为它们显示在TCP转储中。

# tcpdump -i wan broadcast -v
tcpdump: listening on wan, link-type EN10MB (Ethernet), capture size 262144 bytes
14:19:25.579815 IP (tos 0x0, ttl 254, id 54981, offset 0, flags [none], proto UDP (17), length 144)
    0.0.0.0.13253 > 255.255.255.255.4944: UDP, length 116
14:19:35.580363 IP (tos 0x0, ttl 254, id 54982, offset 0, flags [none], proto UDP (17), length 144)
    0.0.0.0.13306 > 255.255.255.255.4944: UDP, length 116
14:19:45.580894 IP (tos 0x0, ttl 254, id 54983, offset 0, flags [none], proto UDP (17), length 144)
    0.0.0.0.13368 > 255.255.255.255.4944: UDP, length 116

字符串
但是socat(使用此处描述的so-bindtodevice:https://unix.stackexchange.com/a/663180)看不到任何内容...

# socat -v udp-recv:4944,so-bindtodevice=wan -

<nothing happens>


......而netcat(此处指定接口为:https://unix.stackexchange.com/q/368690)也不支持此操作。

# netcat -v -ul 4944 -s 192.168.2.10

<nothing happens>


为什么socat没有接收到广播数据包?我如何配置它?

背景信息

  • 调制解调器:Draytek Vigor 130(3.8.5_BT)
  • 路由器:Linksys WRT 1900 ACS(开放式Wrt 22.03.2)

路由器上有WAN和网桥接口,WAN端口连接到调制解调器:

# ip a
...
7: wan@eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP qlen 1000
    link/ether 5a:ef:68:b7:05:bc brd ff:ff:ff:ff:ff:ff
    inet 192.168.2.10/24 brd 192.168.2.255 scope global wan
       valid_lft forever preferred_lft forever
    inet 79.71.35.166/19 brd 79.71.63.255 scope global wan
       valid_lft forever preferred_lft forever
    inet6 fe80::58ef:68ff:feb7:5bc/64 scope link 
       valid_lft forever preferred_lft forever
10: br-lan: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP qlen 1000
    link/ether 58:ef:68:b7:05:bc brd ff:ff:ff:ff:ff:ff
    inet 192.168.1.1/24 brd 192.168.1.255 scope global br-lan
       valid_lft forever preferred_lft forever
    inet6 fde7:9501:870b::1/60 scope global noprefixroute 
       valid_lft forever preferred_lft forever
    inet6 fe80::5aef:68ff:feb7:5bc/64 scope link 
       valid_lft forever preferred_lft forever


路由表显示192.168.2.0使用WAN接口。

# ip route
default via 79.71.32.1 dev wan  src 79.71.35.166 
79.71.32.0/19 dev wan scope link  src 79.71.35.166 
192.168.1.0/24 dev br-lan scope link  src 192.168.1.1 
192.168.2.0/24 dev wan scope link  src 192.168.2.10


软件版本。

# tcpdump --version
tcpdump version 4.9.3
libpcap version 1.10.1 (with TPACKET_V3)

# netcat --version
netcat (The GNU Netcat) 0.7.1
Copyright (C) 2002 - 2003  Giovanni Giacobbi

This program comes with NO WARRANTY, to the extent permitted by law.
You may redistribute copies of this program under the terms of
the GNU General Public License.
For more information about these matters, see the file named COPYING.

Original idea and design by Avian Research <[email protected]>,
Written by Giovanni Giacobbi <[email protected]>.

# socat -V
socat by Gerhard Rieger and contributors - see www.dest-unreach.org
socat version 1.7.4.1 on 1672494323
   running on Linux version #0 SMP Fri Oct 14 22:44:41 2022, release 5.10.146, machine armv7l
features:
  #define WITH_STDIO 1
  #define WITH_FDNUM 1
  #define WITH_FILE 1
  #define WITH_CREAT 1
  #define WITH_GOPEN 1
  #define WITH_TERMIOS 1
  #define WITH_PIPE 1
  #define WITH_UNIX 1
  #define WITH_ABSTRACT_UNIXSOCKET 1
  #define WITH_IP4 1
  #define WITH_IP6 1
  #define WITH_RAWIP 1
  #define WITH_GENERICSOCKET 1
  #define WITH_INTERFACE 1
  #define WITH_TCP 1
  #define WITH_UDP 1
  #define WITH_SCTP 1
  #define WITH_LISTEN 1
  #define WITH_SOCKS4 1
  #define WITH_SOCKS4A 1
  #define WITH_VSOCK 1
  #define WITH_PROXY 1
  #define WITH_SYSTEM 1
  #define WITH_EXEC 1
  #undef WITH_READLINE
  #define WITH_TUN 1
  #define WITH_PTY 1
  #undef WITH_OPENSSL
  #undef WITH_FIPS
  #undef WITH_LIBWRAP
  #define WITH_SYCLS 1
  #define WITH_FILAN 1
  #define WITH_RETRY 1
  #define WITH_MSGLEVEL 0 /*debug*/


反向路径过滤已禁用(例如https://stackoverflow.com/a/48256271/3508733

# cat /proc/sys/net/ipv4/conf/all/rp_filter 
0
# cat /proc/sys/net/ipv4/conf/wan/rp_filter 
0
# cat /proc/sys/net/ipv4/conf/eth0/rp_filter
0


netcatsocat中添加广播选项没有任何帮助:

# netcat -v -ul 4944 -s 192.168.2.10 -b
netcat: unrecognized option: b
Try `netcat --help' for more information.
# socat -v -d -d udp4-recv:4944,so-bindtodevice=wan,so-broadcast -
2023/01/03 16:42:17 socat[10747] N reading from and writing to stdio
2023/01/03 16:42:17 socat[10747] N starting data transfer loop with FDs [5,5] and [0,1]

<nothing happens>
y3bcpkx1

y3bcpkx11#

支持 socatnetcat

你的例子似乎有什么问题,你输入了你的源地址,但你没有输入目的地地址,你想发送数据包。相反,你配置了 netcat 监听。
我使用了你的 socat 与我的特定设置广播UDP数据包:

^Cdrazen@HP-ProBook-640G1:~$ socat -v udp-recv:4944,so-bindtodevice=wlo1 -
> 2023/12/01 13:42:43.921297  length=12 from=5 to=16
testing1
testing1
> 2023/12/01 13:43:08.252901  length=15 from=17 to=31
testing2......
testing2......
> 2023/12/01 13:43:23.456512  length=15 from=32 to=46
testing3------
testing3------
> 2023/12/01 13:51:19.697565  length=8 from=47 to=54
TEST OK
TEST OK

字符串
如果你只有一个网络接口,它可以在没有so-bindtodevice的情况下工作,因为 socat 会监听它。
我重写了你的 netcat 命令来发送广播包:

drazen@HP-ProBook-640G1:~$ netcat -v -ub 255.255.255.255 4944 -s 192.168.0.17
Connection to 255.255.255.255 4944 port [udp/*] succeeded!
testing1
testing2......                                       
testing3------
TEST OK


你的命令做错了什么,它使用了监听标志-l而不是广播标志-b,并且它缺少目的地址255.255.255.255
同样,它将工作,而无需指定您的源地址-s作为UDP数据包已经有该信息。

相关问题