Prev: decode /proc
Next: Relationship between pdflush & kjournald
From: Sidney Lambe on 31 Jan 2010 02:39
On comp.os.linux.networking, Tauno Voipio <tauno.voipio(a)notused.fi.invalid> wrote:
> Greg Russell wrote:
>
[delete]
> For sniffers, my favourite is Wireshark, but the raw capture
> can be done with tcpdump. If it is not possible to run
> X on the server, I'd capture the traffic with tcpdump's
> write to file option and decode the captures on a workstation
> with Wireshark.
>

Interesting thread.

Tethereal, which comes with ethereal (X app), is a great console
packet sniffer. I run it in its own window all the time.

Sid


From: Tauno Voipio on 31 Jan 2010 04:59
Sidney Lambe wrote:
> On comp.os.linux.networking, Tauno Voipio <tauno.voipio(a)notused.fi.invalid> wrote:
>> Greg Russell wrote:
>>
> [delete]
>> For sniffers, my favourite is Wireshark, but the raw capture
>> can be done with tcpdump. If it is not possible to run
>> X on the server, I'd capture the traffic with tcpdump's
>> write to file option and decode the captures on a workstation
>> with Wireshark.
>>
>
> Interesting thread.
>
> Tethereal, which comes with ethereal (X app), is a great console
> packet sniffer. I run it in its own window all the time.
>
> Sid


Forget Ethereal and friends, it is Wireshark and tshark now.

--

Tauno Voipio

From: David Brown on 31 Jan 2010 07:33
Greg Russell wrote:
> In news:w8SdnQpmPKXhovnWnZ2dnUVZ8qidnZ2d(a)lyse.net,
> David Brown <david.brown(a)hesbynett.removethisbit.no> typed:
>
>>> I haven't used openVPN but if support for Microsoft may be important
>>> then its definitely worth thinking about.
>>>
>> OpenVPN clients are extremely easy to work with in Windows (assuming
>> you install the gui - on older versions of OpenVPN, the windows gui
>> was a separate program, but these days it is in the main installation
>> package). In fact, I haven't seen anything as convenient for
>> activating OpenVPN tunnels in Linux - not that I have looked very
>> hard, since I am happy using the command line for that sort of thing,
>> and my colleagues who want a point-and-click gui use windows.
>>
>>> Note that you **can** create a tunnelled connection using SSH (not
>>> just port forwarding) by running ppp through the connection - I've
>>> previously done this using stunnel rather than ssh and it proved very
>>> reliable with only a very slight impact on bandwidth (we even used
>>> VOIP across the VPN with no noticeable delay).
>> You certainly /can/ do that sort of thing with ssh - it's a swiss army
>> knife tool. But OpenVPN is dedicated to the task, and it's easier.
>
> After all the recommendations, we've chosen openvpn, and it was indeed very
> eay to install, configure and administer, using the web-based admin GUI on
> the Linux server. It correctly configured the iptables firewall too, which
> was a concern.
>
> To test, we used a Windows 2000 machine on dialup, connect to the client
> interface on the Linux web host, downloaded the M$ installer and the
> user-specific client profile. Everything was indeed very easy.
>
> The trouble is that it doesn't work for some strange reason. The Windows
> client connects, authentication completes, but the Windows client then
> disconnects after about 5-15 seconds for no discernible reason.
>
> The openvpn server shows that the client is still connected with an assigned
> IP address though, but a "route print" on the Windows machine has no route
> for the vpn packets, and "ipconfig /all" shows the virtual TUN interface
> with no assigned IP address and no gateway address, and the task tray icon
> shows the TUN interface as "cable unplugged".
>
> We've copied the log entries from the openvpn linux server to the "live
> chat" tech support at openvpn, and they can see nothing wrong with the
> connection, nor can they offer any possible reason for the failure of the M$
> client to be properly configured with the necessary vpn DHCP information.
>
> For the moment at least, we're defeated.

Here's a couple of things that might give you ideas:

You can change the logging level at both the client and server end -
higher values might give you more hints about the problem.

Make sure your time and date is reasonably accurate at both ends - it
doesn't need to be precise, but I know from experience that things go
wrong if one end has a date that is earlier than the signing date of the
certificates.

Check your MTU. That could easily be a problem, especially when using
dial-up. Typical symptoms are a connection that works for some things,
but fails when you try to transfer larger packets. OpenVPN can often
fix the MTU issues automatically, but if not then it has options to
force MTU sizes.

Turn off all firewalling on the client, especially any "Norton" or
third-party firewall stuff - it might be getting in the way. You can
always re-enable them afterwards when you have got things working.

mvh.,

David
From: Sidney Lambe on 31 Jan 2010 11:03
On comp.os.linux.networking, Tauno Voipio <tauno.voipio(a)notused.fi.invalid> wrote:
> Sidney Lambe wrote:
>> On comp.os.linux.networking, Tauno Voipio <tauno.voipio(a)notused.fi.invalid> wrote:
>>> Greg Russell wrote:
>>>
>> [delete]
>>> For sniffers, my favourite is Wireshark, but the raw capture
>>> can be done with tcpdump. If it is not possible to run
>>> X on the server, I'd capture the traffic with tcpdump's
>>> write to file option and decode the captures on a workstation
>>> with Wireshark.
>>>
>>
>> Interesting thread.
>>
>> Tethereal, which comes with ethereal (X app), is a great console
>> packet sniffer. I run it in its own window all the time.
>>
>> Sid
>
>
> Forget Ethereal and friends, it is Wireshark and tshark now.

Unless you explain why this is supposedly the case, your words
will be ignored by me and everyone else with a functioning mind.

As they would be if your explanation was inadequate.

I use tethereal and it works wonderfully.


>
> --
>
> Tauno Voipio
>

Rather the big ego he has, eh?


Sid


From: Grant Edwards on 31 Jan 2010 11:27
On 2010-01-31, Sidney Lambe <sidneylambe(a)nospam.invalid> wrote:
> On comp.os.linux.networking, Tauno Voipio <tauno.voipio(a)notused.fi.invalid> wrote:
>> Sidney Lambe wrote:
>>> On comp.os.linux.networking, Tauno Voipio <tauno.voipio(a)notused.fi.invalid> wrote:
>>>> Greg Russell wrote:
>>>>
>>> [delete]
>>>> For sniffers, my favourite is Wireshark, but the raw capture
>>>> can be done with tcpdump. If it is not possible to run
>>>> X on the server, I'd capture the traffic with tcpdump's
>>>> write to file option and decode the captures on a workstation
>>>> with Wireshark.
>>>
>>> Interesting thread.
>>>
>>> Tethereal, which comes with ethereal (X app), is a great console
>>> packet sniffer. I run it in its own window all the time.
>>
>> Forget Ethereal and friends, it is Wireshark and tshark now.
>
> Unless you explain why this is supposedly the case,

You're joking, right? The name of the program changed from
Ethereal to Wireshark years ago. Any remotely recent version
will be called wireshark (or tshark).

> your words will be ignored by me and everyone else with a
> functioning mind.

Yet you paid them attention, thus belying your own statement.

> As they would be if your explanation was inadequate.
>
> I use tethereal and it works wonderfully.

Bully for you, but running out-of-date software puts you at
risk of attack. Tshark is what the program has been called for
something like 4 years now. You might want to update your
software every year or three, Sid -- especially stuff that uses
root privledges like "ethereal".

--
Grant

First  |  Prev  |  Next  |  Last
Pages: 1 2 3 4
Prev: decode /proc
Next: Relationship between pdflush & kjournald