gettimeofday() in hping
Stefan Lambrev
stefan.lambrev at moneybookers.com
Sun Jan 27 02:57:32 PST 2008
Greetings,
Stefan Lambrev wrote:
> Greetings,
>
> Kris Kennaway wrote:
>> Stefan Lambrev wrote:
>>
>>>> It is the socket buffer that is filling up. Either the application
>>>> is not increasing it to large enough size or the default maximum is
>>>> too low (Linux may set a larger default). Try increasing
>>>> kern.ipc.maxsockbuf and confirming with the source and/or ktrace
>>>> that it is doing the right setsockopt() call.
>>> Increasing kern.ipc.maxsockbuf doesn't help.
>>>
>>> Actually this is the code that failed and print this error:
>>>
>>> result = sendto(sockraw, packet, packetsize, 0,
>>> (struct sockaddr*)&remote, sizeof(remote));
>>>
>>> if (result == -1 && errno != EINTR && !opt_rand_dest &&
>>> !opt_rand_source) {
>>> perror("[send_ip] sendto");
>>>
>>> Those are the only references for setsockopt when ktracing:
>>> 3385 hping CALL __sysctl(0xbfbfe870,0x6,0,0xbfbfe888,0,0)
>>> 3385 hping RET __sysctl 0
>>> 3385 hping CALL __sysctl(0xbfbfe870,0x6,0x28305180,0xbfbfe888,0,0)
>>> 3385 hping RET __sysctl 0
>>> 3385 hping CALL socket(PF_INET,SOCK_DGRAM,IPPROTO_IP)
>>> 3385 hping RET socket 3
>>> 3385 hping CALL
>>> setsockopt(0x3,SOL_SOCKET,SO_BROADCAST,0xbfbfe884,0x4)
>>> 3385 hping RET setsockopt 0
>>> 3385 hping CALL connect(0x3,0x8067da0,0x10)
>>> 3385 hping RET connect 0
>>> 3385 hping CALL getsockname(0x3,0xbfbfe874,0xbfbfe888)
>>> 3385 hping RET getsockname 0
>>> 3385 hping CALL close(0x3)
>>> 3385 hping RET close 0
>>> 3385 hping CALL socket(PF_INET,SOCK_RAW,IPPROTO_RAW)
>>> 3385 hping RET socket 3
>>> 3385 hping CALL
>>> setsockopt(0x3,SOL_SOCKET,SO_BROADCAST,0xbfbfe914,0x4)
>>> 3385 hping RET setsockopt 0
>>> 3385 hping CALL setsockopt(0x3,0,0x2,0xbfbfe914,0x4)
>>> 3385 hping RET setsockopt 0
>>> 3385 hping CALL open(0xbfbfe8a4,O_RDWR,<unused>0)
>>> 3385 hping NAMI "/dev/bpf0"
>>> 3385 hping RET open -1 errno 16 Device busy
>>> 3385 hping CALL open(0xbfbfe8a4,O_RDWR,<unused>0)
>>> 3385 hping NAMI "/dev/bpf1"
>>> 3385 hping RET open 4
>>
>> OK, try adding the setsockopt(...SO_SNDBUF...) call.
> Will something like this do the trick?
>
> void socket_sndbuf(int sd)
> {
> long int bufsize;
> bufsize = 65536;
> if (setsockopt(sd, SOL_SOCKET, SO_SNDBUF,
> (char *)&bufsize, sizeof(int)) == -1)
> {
> printf("[socket_sndbuf] can't set SO_SNDBUF option\n");
> }
> }
>
> I'm not a C developer so pardon me if I made something stupid :)
> Also how can I make bufsize = default settings*2 for example?
>
> I tried this code and here is what ktrace show now:
> 65372 hping3 CALL socket(PF_INET,SOCK_DGRAM,IPPROTO_IP)
> 65372 hping3 RET socket 3
> 65372 hping3 CALL
> setsockopt(0x3,SOL_SOCKET,SO_BROADCAST,0xbfbfe844,0x4)
> 65372 hping3 RET setsockopt 0
> 65372 hping3 CALL connect(0x3,0x8067e20,0x10)
> 65372 hping3 RET connect 0
> 65372 hping3 CALL getsockname(0x3,0xbfbfe834,0xbfbfe848)
> 65372 hping3 RET getsockname 0
> 65372 hping3 CALL close(0x3)
> 65372 hping3 RET close 0
> 65372 hping3 CALL socket(PF_INET,SOCK_RAW,IPPROTO_RAW)
> 65372 hping3 RET socket 3
> 65372 hping3 CALL
> setsockopt(0x3,SOL_SOCKET,SO_BROADCAST,0xbfbfe8d4,0x4)
> 65372 hping3 RET setsockopt 0
> 65372 hping3 CALL setsockopt(0x3,0,0x2,0xbfbfe8d4,0x4)
> 65372 hping3 RET setsockopt 0
> 65372 hping3 CALL setsockopt(0x3,SOL_SOCKET,SO_SNDBUF,0xbfbfe8d4,0x4)
> 65372 hping3 RET setsockopt 0
>
>>
>> Kris
>> _______________________________________________
>> freebsd-hackers at freebsd.org mailing list
>> http://lists.freebsd.org/mailman/listinfo/freebsd-hackers
>> To unsubscribe, send any mail to
>> "freebsd-hackers-unsubscribe at freebsd.org"
>
I finally managed to get ktrace of falling hping
2250 hping3 RET sendto 40/0x28
2250 hping3 CALL sigaction(SIGALRM,0x7fffffffe7b0,0x7fffffffe790)
2250 hping3 RET sigaction 0
2250 hping3 CALL setitimer(0,0x7fffffffe7c0,0x7fffffffe7a0)
2250 hping3 RET setitimer 0
2250 hping3 CALL gettimeofday(0x7fffffffe780,0)
2250 hping3 RET gettimeofday 0
2250 hping3 CALL gettimeofday(0x7fffffffe780,0)
2250 hping3 RET gettimeofday 0
2250 hping3 CALL sendto(0x3,0x800e1b050,0x28,0,0x522600,0x10)
2250 hping3 GIO fd 3 wrote 40 bytes
0x0000 4500 2800 c3f0 0000 4006 0000 0a03 0303 0a03 0301 9570
0050 6b32 4398 30f3 e723 5002 0200 3737 0000
|E.(..... at ............p.Pk2C.0..#P...77..|
2250 hping3 RET sendto 40/0x28
2250 hping3 CALL sigaction(SIGALRM,0x7fffffffe7b0,0x7fffffffe790)
2250 hping3 RET sigaction 0
2250 hping3 CALL setitimer(0,0x7fffffffe7c0,0x7fffffffe7a0)
2250 hping3 RET setitimer 0
2250 hping3 CALL gettimeofday(0x7fffffffe780,0)
2250 hping3 RET gettimeofday 0
2250 hping3 CALL gettimeofday(0x7fffffffe780,0)
2250 hping3 RET gettimeofday 0
2250 hping3 CALL sendto(0x3,0x800e1b050,0x28,0,0x522600,0x10)
2250 hping3 RET sendto -1 errno 55 No buffer space available
2250 hping3 CALL writev(0x2,0x7fffffffe6a0,0x4)
2250 hping3 GIO fd 2 wrote 44 bytes
"[send_ip] sendto: No buffer space available
"
2250 hping3 RET writev 44/0x2c
2250 hping3 CALL close(0x3)
2250 hping3 RET close 0
2250 hping3 CALL close(0x4)
2250 hping3 RET close 0
2250 hping3 CALL exit(0x1)
and it only confirms that sendto failed.
BTW this is with patched source after calling setsockopt(..SO_SNDBUF..)
where bufsize = 165536.
--
Best Wishes,
Stefan Lambrev
ICQ# 24134177
More information about the freebsd-hackers
mailing list