I need to generate a very high level of wifi activity for a study to see if very close proximity to a transceiver can have a negative impact on development of bee colonies.
I have tried to write an application which spawns several web-socket server-client pairs to continuously transfer mid-sized files (this approach hit >100MB). However, we want to run this on a single computer connected to a wifi router, so the packets invariably end up getting routed via the loopback interface, not the WLAN.
Alternatively I have tried using a either simple ping floods and curling the router, but this is not producing nearly the maximum bandwidth the router is capable of.
Is there a quick fix on linux to force the traffic over the network? The computer we are using has both an ethernet and a wireless interface, and I found one thread online which suggested setting up iptables to force traffic between the two interfaces and avoid the loopback.
Simply sending packets as fast as possible to a random destination (that is not localhost) should work.
You'll need to use udp (otherwise you need a connection acknowledge before you can send data).
cat /dev/urandom | pv | nc -u 1.1.1.1 9123
pv is optional (but nice).
You can also use /dev/zero, but there may be a risk of link-level compression.
Of course, make sure the router is not actually connected to the internet (you don't want to flood a server somewhere!), and that your computer has the router as the default route.
Related
I am trying to create a chess game between two different computers that are not in the same LAN. I am having trouble connecting the two via a TCP connection (UDP would probably be sufficient as well if the packets are arriving, but ideally TCP).
I am new to a lot of networking and am unaware of many different tools that may be useful and I am also in university and therefore don't have control over the router to update firewall rules. What can I do to work around the router firewall to connect the two devices.
I am primarily using the Python socket library at the moment to implement the connection.
Any information about how I can send messages between the two computers outside of a LAN would be very useful. Thank you for your help!
I have ensured that the client side is using the public IP of the server and the server is using "" for its socket host. I also checked that the connection was working when utilizing a LAN without issue. I included a batch file that enables the specific port used for the game at the beginning of runtime and disables it at the end of the program. If I am not mistaken, that only impacts the computer's firewall rules not the router's. I have looked into receive the packets through port 80 and redirecting it to my specific program, but was unsuccesful in finding a solution of that type.
If the server is behind a router/firewall you'll have to use some sort of hole punching method to create the connection. STUN is one of the most common, though I've never actually used it in a Python program so I don't know what Python implementations are out there.
I have an embedded system on which I can connect to internet. This embedded system must send sensor data to PC client.
I put a socket client using python on my PC. I put a socket server ( using C++ language on the embedded system because you can only use C++ ).
I can succesfully connect from my PC to the embedded system using the sockets and send and recieve whatever I want.
Now, the problem is I use local IP to connect to the system and both of them must be connected to the same Wifi router.
In the real application, I won't know where the embedded system is in the world. I need to get to it through internet, because it will be connectet to internet through 4g.
My question is, how can I connect to it through internet, if the embedded system is connected to internet using 4G?
Thank you
Realistically in typical situations, neither a PC nor an embedded device hanging off a 4g modem will likely have (or should be allowed) to have externally routable addresses.
What this practically means is that you need to bounce your traffic through a mutually visible relay in the cloud.
One very common way of doing that for IoT devices (which is basically to say, connected embedded devices) is to use MQTT. You'll find support in one form or another for most computing platforms with any sort of IP networking capability.
Of course there are many other schemes, too - you can do something with a RESTful API, or websockets (perhaps as an alternate mode of an MQTT broker), or various proprietary IoT solutions offered by the big cloud platforms.
It's also going to be really key that you wrap the traffic in SSL, so you'll need support for that in your embedded device, too. And you'll have to think about which CA certs you package, and what you do about time given its formal requirement as an input to SSL validation.
I think your problem is more easily solved if you reverse the roles of your embedded system and PC. If you are communicating to a device using IP protocols across cellular networks, it is much easier to have the device connect to a server on the PC rather than the other way around. Some networks/cellular modems do not allow server sockets and in any case, the IP address is usually dynamically allocated and therefore difficult to know. By having the device connect to a server, it "knows" the domain name (or IP address) and port to which it should make the connection. You just have to make sure that there is indeed a server program running at that host bound to some agreed upon port number. You can wake up the device to form the connection based on a number of criteria, e.g. time or amount of collected data, etc.
At work, I'm connected to both an internal internet service (through wifi) and an ethernet cable for external internet access. The wifi connection is the only way to connect to our internal databases or systems, but ethernet is what I need for internet browsing. Currently, by default I'm on the ethernet cable, but when I need to connect to our internal databases, I have to unplug the ethernet cable or go into my settings to change the service order to specifically use wifi (unplugging is much quicker).
Is there any way to specify in python to specifically use the non-default wifi connection when connecting to my sql server?
Python can't determine how to connect to IPs, that is in the domain of the operating system, at a lower level than Python cares about. You have to convince your OS to do it. Note that, because of this, the method is necessarily OS-specific, so nothing in this answer will work on anything other than Mac OS X.
I am not 100% sure, but I think you can do it so that OS handles the situation automatically. Try this:
Know the IP address of your database (e.g. 192.168.1.1)
Find out what the connection is called (probably Wi-Fi):
networksetup -listallnetworkservices
Find the gateway that is taking you there (e.g. 192.168.1.254) and its subnet mask (eg. 255.255.255.0):
networksetup -getinfo Wi-Fi
Set up a route so that your Mac OS will know to use that gateway for that address. This is kernel-level stuff so you need superuser access:
sudo networksetup -setadditionalroutes Wi-Fi 192.168.1.1 255.255.255.0 192.168.1.254
If I am correct, you can now browse the web using your normal connection, and use the ethernet Wi-Fi to connect to your database, automatically without you having to do anything further.
Another way to do this, closer to the way you asked it, is to create two different locations, with different service order; then you can switch between them programmatically using
networksetup -switchtolocation MyLovelyDatabase
You can get back to the default using
networksetup -switchtolocation Automatic
You can do this method from Python using subprocess.
I am trying to find a way to block a certain Mac address / Internal IP from accessing the internet (Blocking a device in the LAN to WAN) in python.
This option is available in every modern router in every home but mine is kinda old and doesn't have that feature.
I have a basic knowledge in networking stuff and consider myself an Advanced-Beginner in python, so I'm up for the challenge but still need your help.
*Of course with the option to enable the internet again for that device
I know I am kinda late now but... You can't necessarily block internet access to a machine like you would do in your router's config.
What you CAN do is implement something like an ARP Spoofer. Basically what you would do in a Man-in-the-Middle attack.
You send a malicious ARP packet to poison the target's ARP table. Making it believe your machine is the router/default gateway. That way you can intercept every packet being transmitted by the target. You can then choose if you want to router them or not.
If you choose not to forward the packets, the connection to the internet is cut off.
If you want to forward the packets to the actual router (in order to allow the target to access the internet) you must enable IP Forwarding on your machine.
You can do this by running echo 1 >> /proc/sys/net/ipv4/ip_forward on Linux or changing the Registry Key in HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\IPEnableRouter on Windows ('1' forwards the packets, '0' doesn't). By default IP forwarding is set to 0.
Remember you must resend the malicious ARP packet every couple of seconds as the ARP tables get updated quite frequently. This means you don't necessarily have to change the IP Forwarding configuration on your machine. After a minute or less of exiting the script the target's ARP table will go back to normal, giving them access to the internet again.
Here are some python modules you might want to take a look at:
Scapy (Packet Manipulation Tool)
winreg (Windows Registry)
Blocking of traffic has to happen inside the router. If the router does not have this feature, consider to replace it with a new one.
This is the problem I'm trying to solve,
I want to write an application that will read outbound http request packets on the same machine's network card. This would then be able to extract the GET url from it.On basis of this information, I want to be able to stop the packet, or redirect it , or let it pass.
However I want my application to be running in promiscuous mode (like wireshark does), and yet be able to eat up (stop) the outbound packet.
I have searched around a bit on this..
libpcap / pcap.h allows to me read packets at the network card, however I haven't yet been able to figure out a way to stop these packets or inject new ones into the network.
Certain stuff like twisted or scapy in python, allows me set up a server that is listening on some local port, I can then configure my browser to connect to it, using proxy configurations. This app can then do the stuff.. but my main purpose of being promiscuous is defeated here..
Any help on how I could achieve this would be greatly appreciated ..
I'd suggest that you approach this at the application layer and use a transparent proxy (e.g. squid) and iptables based interception of outbound port-80 traffic.
The reason I suggest this is that that it will avoid issues with the request being split between packets.
However, if you still want to go ahead with packet interception, you can do it in userspace using netfilters in netlink. I believe there are python wrappers for libnl around.
Essentially you create an iptables rule pointing to "QUEUE" for the traffic you want to intercept and write a program using a netlink library to process the queue, accepting, rejecting and/or modifying packets.
Using pcap you cannot stop the packets, if you are under windows you must go down to the driver level... but you can stop only packets that your machine send.
A solution is act as a pipe to the destination machine: You need two network interfaces (without address possibly), when you get a packet that you does not found interesting on the source network card you simply send it on the destination network card. If the packet is interesting you does not send it, so you act as a filter. I have done it for multimedia performance test (adding jitter, noise, etc.. to video streaming)
You are confusing several things here:
"Promiscuous" usually refers to a mode of a hardware ethernet network card where it delivers all packets in its collision domain up to the kernel network stack and have it sort out delivery (vs. just unicast to given MAC, subscribed multicast, and broadcast in normal operating mode of the card). This is on the receive path.
All the data outbound from your machine will go through (one of) the network cards on the machine, so "promiscuous" does not at all apply here.
You are working on filtering TCP-based protocol (HTTP), but talk in terms of packets. This is wrong. TCP connection is a stream that could be (as far as socket readers and writers are concerned) arbitrarily split into IP datagrams. That URL from HTTP request header could be split across multiple link-layer frames. You would have to stitch them back together and parse the stream anyway. Then you have no chance even at that if SSL is in use.
If you are interested in HTTP filtering then read HTTP RFCs, and read existing open-source code, e.g. squid, nginx, etc.
If you are digging through network stack for better understaning then read W. Richard Stevens books, look into existing code in open-source operating systems, check out BPF and netlink.
Hope this clears it a little.
I have implemented this module in Windows by using two separate NICs and using a socket/pipe(whatever you like) between them in this thread