|
[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]
|
Re: [tcptra-dev] tcptraceroute test suite
|
> >Hmm, that's interesting. Did my webserver happen to be down at the time,
> >or are you unable to complete a traceroute using tcptraceroute-1.5beta3,
> >compiled against libpcap-0.7 and libnet-1.1.1 under Solaris?
>
> Looks like it can find the SYN ACK. Seems to be a dependency with
> libnet-1.1.1.. libnet-1.0.2a works fine. See attachments.
I wonder why this would be. You're using the same tcptraceroute code and
the same version of libpcap to process inbound packets, and the outbound
packets should all be fairly identical. The only plausible scenario I can
imagine is that libnet-1.1.1 on Solaris is constructing valid IP packets,
but with invalid TCP payloads. Intermediate routers wouldn't decode the
packet far enough to see the invalid TCP data when sending back an ICMP
time-exceeded error, but the remote host may silently discard the invalid
packet rather than responding with an RST or a SYN ACK. One possible way
to check this theory would be to run something along the lines of:
tcpdump -v -v -v -n tcp port 42
on a remote host, and then run:
tcptraceroute -f 30 host 42
from your Solaris host. With enough verbosity turned on, tcpdump should
attempt to verify packet checksums and call attention to those that are
invalid.
Do you have access to enough resources to conduct such a test? If not,
please let me know and I can arrange to leave tcpdump running on a host on
my network for a day or two.
> On a related note.. to get --with-libpcap working I had to modify the
> configure script.. see attachment.
Thanks; I applied the changes to the configure.ac file.
I'll be releasing tcptraceroute-1.5beta5 shortly which includes these
changes a small number of other minor changes.
-mct
_______________________________________________
tcptraceroute-dev mailing list
tcptraceroute-dev@netisland.net
https://lists.netisland.net/mailman/listinfo/tcptraceroute-dev
|
|