[user#testserver~]$ sudo nmap -v -Pn -sU -p 152 10.146.25.44
Starting Nmap 5.51 ( http://nmap.org ) at 2022-09-12 16:32 GMT
Initiating UDP Scan at 16:32
Scanning remoteserver.example.com (10.146.25.44) [1 port]
Completed UDP Scan at 16:32, 0.05s elapsed (1 total ports)
Nmap scan report for remoteserver.example.com (10.146.25.44)
Host is up (0.029s latency).
PORT STATE SERVICE
152/udp closed bftp
#!/usr/bin/python #(i am running below code as root)
from socket import *
udp_scan=socket(AF_INET,SOCK_DGRAM)
udp_scan.connect_ex(('10.146.25.44',152))
0 ------------------> this is reported open where as nmap shows udp port 152 is closed
I do not have access to remote server. When checked the remote servers port status, socket modules gives wrong result
Connecting a UDP socket just means that the destination address is set on the socket. There is no actual communication with the remote system going on, contrary to TCP. Thus that the connections succeeds does not allow any conclusion about the remote systems being reachable, ports being open or that the remote system even exists.
Instead one actually needs to send data to the system. The first send will succeed since it returns after putting the data in the local socket buffer, i.e. before actually transmitting the data to the system. Once the packet gets transmitted it might reach the target or might lost somewhere in the middle. Only if the target or some middlebox in between actively reacts to the packet, then a conclusion about the peer can be done. Specifically
if there is an answer somebody is actively replying to the packet
if there is an ICMP unreachable somebody is actively rejecting the packet
if no response happens either the packet got lost, got dropped by a firewall or similar or got actually successfully read by the remote server but without responding
I have a simple socket server set-up to send some numbers to a client in the intranet. While testing, I stop the server.py script from terminal(CTRL+C) which later causes busy server error in Safari when I try to reach the same page.
I saw this serverfault question But the issues are:
I could not find the /etc/init.d/networking restart file. I am using Mac and this is for Linux. Also it is an overkill for every-time I test my server. At least 10 times an hour.
Inserting the option SO_REUSEADDR in the code did help Address already in use but I reckon that my server is up but is in a busy state. Using the answer here, I had edited the code to this:
host = <my machine address>
s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
s.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
port = 8080
s.bind((host, port))
What changes do I make on my server to remove this error in Safari?
Safari can’t open the page "my-ip" because the server unexpectedly dropped the connection. This sometimes occurs when the server is busy. Wait for a few minutes and then try again.
Output of lsof -i:8080, after stopping the script was
python3.7 11881 <user> 3u IPv4 <Device> 0t0 TCP <my machine address>?:http-alt (LISTEN)
I did kill 11881 and then re-run the code but got the same message in Safari.
Output of netstat -na | grep "8080" was
tcp4 0 0 <my machine address>.8080 *.* LISTEN
while the script was running and nothing when I KeyboardInterrupt it.
Firefox shows the page momentarily and then shows the error page
The connection was reset
Chrome shows an empty page only.
Update: It works in python 2.7 but not in 3.5. The difference in the code comes at:
c.send('\n')
in 2.7 and
c.send(bytes('\n'.encode('utf-8')))
in 3.5 where
c is
c, (client_host, client_port) = s.accept()
Rest is all the same.
I had accidentally commented out a line
c.recv(1000)
Where c is mentioned in the question.
I found it when I compared this to an older version of the same file.
I build a script in Python (using Sockets and Asyncore) and it works well (and efficient), but I'm pretty sure I'm losing connections when it's bursting.
I was curious to know if there was a way to track the connections to that specific port, and how much are handled by my script, and how much are missed (doesn't respond, or respond after too long, or anything else).
I'm asking the question on SO because of the related Python code, but it can also be directly found on Linux (Debian for the matter) logs, or any implementation in Linux.
If you want to watch for connection failures, you could use tcpdump to sniff for ICMP packets signifying a connection failure like this:
tcpdump -nni eth0 'port 80' -e icmp[icmptype] == 3
Change eth0 to the name of your listening interface, and 'port 80' to the port you're listening on.
Note that ICMP type 3 covers "Connection Refused" and "No Route to Host".
So, I am trying to set up some dynamic plots on bokeh. I am actually getting the data every 10 hz via UDP. However, I am only able to deploy one server at once. Every time, I tried to open another server, the whole program crashes, and it said, "Errno 98 address already in use". The UDP protocol is only bound to one IP and one port, and only acting as receiver, does it have something to do with bokeh server every time I tried to open a new instance?
This is what I have for my UDP protocol:
UDP_IP_ADDRES=''
UDP_port=5800;
serverSock =socket.socket(socket.AF_INET,socket.SOCK_DGRAM)
serverSock.bind((UDP_IP_ADDRES,UDP_port)
I tried using :
serverSock.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
serverSock.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEPORT, 1)
but none of these work.
Remember to close/shutdown your socket. Simple use servSocket.close(), when you don't need it anymore.
Fastest solution is to reboot your system. Other way is to use check who is listening on your port using this:
lsof -i :your_port
and then kill that proces
kill pid
I am playing with my python server, but I'm through with using localhost and I want to go over the internet. My code thus-far is:
import socket
import threading
import socketserver
class ThreadedTCPRequestHandler(socketserver.BaseRequestHandler):
def handle(self):
data = self.request.recv(1024)
cur_thread = threading.current_thread()
response = "{}: {}".format(cur_thread.name, data)
self.request.sendall(b'worked')
class ThreadedTCPServer(socketserver.ThreadingMixIn, socketserver.TCPServer):
pass
def client(ip, port, message):
sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
sock.connect((ip, port))
try:
sock.sendall(message)
response = sock.recv(1024)
print("Received: {}".format(response))
finally:
sock.close()
if __name__ == "__main__":
# Port 0 means to select an arbitrary unused port
HOST, PORT = "0.0.0.0", 9001
server = ThreadedTCPServer((HOST, PORT), ThreadedTCPRequestHandler)
ip, port = server.server_address
# Start a thread with the server -- that thread will then start one
# more thread for each request
server_thread = threading.Thread(target=server.serve_forever)
# Exit the server thread when the main thread terminates
server_thread.daemon = True
server_thread.start()
print("Server loop running in thread:", server_thread.name)
ip = '12.34.56.789' #Not my real ip address This is just to hide my ip
print(ip, PORT)
client(ip, PORT, b'Hello World 1')
#client(ip, port, b'Hello World 2')
#client(ip, port, b'Hello World 3')
server.shutdown()
When I run this i get the error:
Server loop running in thread: Thread-1
12.34.56.789 9001
Traceback (most recent call last):
File "C:/Python32/serverTesty.py", line 43, in <module>
client(ip, PORT, b'Hello World 1')
File "C:/Python32/serverTesty.py", line 18, in client
sock.connect((ip, port))
socket.error: [Errno 10061] No connection could be made because the target machine actively refused it
I know the port works because when I use canyouseeme.org on port 9001 when my program is running it says its active and working. So I think I just have my connection wrong somewhere.
ip = '12.34.56.789' #Not my real ip address, its the one i got from whatismyip.org
The first problem is that '12.34.56.789' isn't a valid IP address at all. Each component has to fit in 8 bits (0-255); 789 is impossible. But I assume that isn't the actual code you're running, because the output shows 12.45.29.122.
The second problem is that you're using an address that isn't your real address.
Your machine presumably has an internal IP address, that can only be accessed from your LAN. Then, your router has an external IP address. The router uses a technique called Network Address Translation to let each machine on your LAN pretend that external address belongs to them, when they're acting as clients (which is why whatismyip.org shows you that address). But that doesn't work when they're acting as servers.
If you think about it, there's really no way it could work. If you make an outbound connection, and someone replies, the router knows that the reply should go to your machine. But if someone just comes along and talks to the router out of the blue, how could it know which machine to send the connection to?
If you're trying to connect from inside the same LAN, there's a very easy solution: use the server's real internal address, not the router's external address.
If you need to connect from outside, you can't, without some extra work. There are four ways around this:
Give your machine a real publicly-addressable IP address (e.g., by putting it on the router's DMZ). This is generally not even an option for home users, and it's a bad option for people who don't know what they're doing (unless you want your machine to be part of someone's botnet by lunchtime).
Set up static port forwarding in your router's configuration. This is different for each router, but the idea is that you tell it "if someone comes looking for port 9001, always send them to machine 192.168.1.64".
Use UPnP to set up port forwarding dynamically.
Set up a NAT hole punching.
Options 3 and 4 are more complex, and I think option 2 is the one you want, so I won't explain them.
On top of all that:
HOST, PORT = "192.168.1.64", 9001
server = ThreadedTCPServer((HOST, PORT), ThreadedTCPRequestHandler)
You've told the server explicitly "listen on 192.168.1.64". Even if you put your server machine on the DMZ, so it had addresses 192.168.1.64 and 12.45.29.122, your program is only listening for connections on the first one, so nobody would be able to reach it using the second. If you want to listen on all addresses, use 0.0.0.0.
In the edited version, you're now listening on 0.0.0.0, and connecting to the router's public IP, and you claim to have set up port forwarding on the router, and you're still getting the exact same error.
If that's all correct, there are three obvious things that could be going wrong:
You're not actually port forwarding; something is wrong with the setup.
You're not actually listening on 0.0.0.0:9001.
You've got a firewall blocking the connection.
There are a few tests you can do to narrow things down.
Open two terminals. In one, type nc -kl 9001. In the other, type nc 12.34.56.78 9001. They should connect up, so anything you type into one window appears in the other (maybe only after you hit Return). If that works, the port forwarding is working, and there's no firewall problem, so it's a problem in your code.
If that didn't work, please post exactly what you saw in each window. Then Ctrl-C the second nc, and type nc 192.168.1.64 9001. If that now works, either the port forwarding isn't set up right, unless you have a clever firewall that allows same-host (or same-interface) connections but not remote connections.
If neither one worked, it's probably a firewall problem. (Unless you're wrong about your IP addresses or something.) You can probably find logs somewhere, but without knowing what platform you're on and what firewall you're using it's hard to offer much help. (Also, that's probably a problem for a different site than SO.)
If you're on Windows, or some linux distros, you need to get a copy of nc (netcat) from somewhere; on most linux distros, and Mac, it should be built in. Also, GNU, BSD, and Hobbit nc are slightly different, so if nc -kl 6000 gives you an error, you might have to read the man page or --help. (If I remember right, Hobbit nc requires -l -p6000, BSD requires -l 6000, GNU allows either.)
Or you may want ncat, a re-implementation of netcat that I know can handle the syntax I used above, and has a single-file static executable for Windows.
If you can't get started with nc, at least try changing your code to connect to 192.168.1.64 instead of 12.34.56.78. If that fixes the problem, at least you'll know it's either port forwarding or a firewall that allows same-host/interface connections but not remote.