Re: how can I tunnel a Broadcast through a firewall ?
From: RainbowHat (nHiATlE@blSackholeP.mAit.edMu.invalid) Date: 04/28/02
From: RainbowHat <nHiATlE@blSackholeP.mAit.edMu.invalid> Date: Sun, 28 Apr 2002 17:50:35 +0000 (UTC)
< Christian Wiese
I understand what you are doing but can't understand what your
purpose is.
>164.19.200.173:2196 --> 255.255.255.255:177 UDP TTL=128
194.25.15.0 - 194.25.15.31 (TELEKOM-FWBI) Deutsche Telekom AG; firewall
to corporate network, SCZ Bielefeld; DE
164.16.0.0 - 164.34.0.0 Telekom (NET- TELEKOM-BLK)
192.10.0.0 - 192.10.40.0 Symbolics, Inc. (NETBLK-SYMBOLICS1)
192.0.2.0/24 TEST-NET
RFC1918 private address
10.0.0.0 - 10.255.255.255 (10/8 prefix)
172.16.0.0 - 172.31.255.255 (172.16/12 prefix)
192.168.0.0 - 192.168.255.255 (192.168/16 prefix)
255.255.255.255 is the local broadcast address, not a global broadcast address.
164.19.200.255 is a directed broadcast. Most routers on the internet that
are not misconfigured don't forward the packets. You should test in an
experimental environment that is a local segment LAN (or local virtual
segment VLAN).
(A)164.19.200.173 (Bex)164.19.200.167 (Bin)192.10.10.79 (C)192.10.10.3
(D)192.10.10.54 (E)192.10.10.77 are not private addresses.
You should change the IPs to
(A)164.19.200.173 (Bex)164.19.200.167 (Bin)192.168.10.79 (C)192.168.10.3
(D)192.168.10.54 (E)192.168.10.77.
Or, for a local experimental environment:
(A)10.19.200.173 (Bex)10.19.200.167 (Bin)192.168.10.79 (C)192.168.10.3
(D)192.168.10.54 (E)192.168.10.77.
     (A)             (B)Linux router
164.19.200.173=====164.19.200.167/          (C)
                   192.168.10.79---+---192.168.10.3
                                   |        (D)
                                   +---192.168.10.54
                                   |        (E)
                                   +---192.168.10.77

===== internet HUB
----- local network broadcast 255.255.255.255
UDP
164.19.200.173 ==> 164.19.200.255:n --> 255.255.255.255:n
164.19.200.173 ==> 164.19.200.167:11177 --> 255.255.255.255:177
164.19.200.173 ==> 164.19.200.167:177 --> 255.255.255.255:177
RFC2644 Changing the Default for Directed Broadcasts in Routers
RFC1812 Requirements for IP Version 4 Routers
RFC2267 Network Ingress Filtering (Border ingress filtering)
RFC1918 Address Allocation for Private Internet
>But I can't sniff a package like
>164.19.200.173:xxx --> 192.10.10.255:177
>in the internal network.
How about sniffing on box (B) eth1 and eth0?
-- Regards, RainbowHat. To spoof or not to spoof, that is the IPv4 packet.
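
Added example, not part of RainbowHat's message: a small Python classifier that applies the distinctions drawn above (limited broadcast, directed broadcast, RFC1918 private, TEST-NET, public) to the addresses in this thread. The /24 prefix length and the function names are assumptions; the message does not state any subnet masks.

```python
import ipaddress

# RFC1918 blocks and TEST-NET, as listed in the message above.
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]
TEST_NET = ipaddress.ip_network("192.0.2.0/24")
LIMITED_BROADCAST = ipaddress.ip_address("255.255.255.255")


def classify(dst, prefixlen=24):
    """Classify a destination address.

    prefixlen is an assumption (/24 for every segment); the thread never
    gives the real masks, and the directed-broadcast result depends on it.
    """
    addr = ipaddress.ip_address(dst)
    if addr == LIMITED_BROADCAST:
        return "limited-broadcast"
    subnet = ipaddress.ip_network(f"{dst}/{prefixlen}", strict=False)
    if addr == subnet.broadcast_address:
        return "directed-broadcast"
    if any(addr in net for net in RFC1918):
        return "rfc1918-private"
    if addr in TEST_NET:
        return "test-net"
    return "public-unicast"


def crosses_internet(dst, prefixlen=24):
    """Simplified model of a correctly configured internet router.

    Limited broadcast stays on the local segment, directed broadcast is
    dropped by default (RFC2644), and RFC1918/TEST-NET space is not routed
    on the public internet. Only public unicast is forwarded.
    """
    return classify(dst, prefixlen) == "public-unicast"


if __name__ == "__main__":
    # Destinations taken from the thread.
    for dst in ("255.255.255.255", "164.19.200.255", "164.19.200.167",
                "192.10.10.255", "192.10.10.79", "192.168.10.79",
                "10.19.200.173"):
        print(f"{dst:<16} {classify(dst):<19} "
              f"forwarded={crosses_internet(dst)}")
```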