I have been testing the SCTP support on Java + lksctp.
I wrote a simple client in order to see just the inital setup of a SCTP association which is basically the "INIT" and "INIT ACK".
I have tested 2 ways for a Client to send the "INIT" to a SERVER which is basically:
create the SctpChannel object with "open(SocketAddress)"
try {
InetSocketAddress socketAddress = new InetSocketAddress("192.168.52.197", 2905);
SctpChannel sctpChannel = SctpChannel.open(socketAddress,1,1);
sctpChannel.bind(new InetSocketAddress("192.168.1.251",2906));
sctpChannel.connect(socketAddress, 1 ,1);
so in this way, I can see in Wireshark that I have the "IPv4 Address parameter" for all my network interfaces (3 as you can see bellow), but the Source Port is getting a aleatory port number instead the 2906 as I would like to have and it's in the bind.
So... once the bind of local IP/Port is happening after the "open"... so I have changed the code to:
create the SctpChannel object which just "open()"
binding the local client IP and Port
"connect" to the remote Server IP and Port
try {
InetSocketAddress socketAddress = new InetSocketAddress("192.168.52.197", 2905);
SctpChannel sctpChannel = SctpChannel.open();
sctpChannel.bind(new InetSocketAddress("192.168.1.251",2906));
sctpChannel.connect(socketAddress, 1 ,1);
In this way, I can see in wireshark that Source/Destination ports are expected (2906/2905), but the INIT does not have the "IPv4 Address parameter".
So does anyone know why the 2nd code I'm missing the "IPv4 address parameter" in the INIT ? Do I miss something?
Any help would be really welcome.
Thanks.
IP addresses within INIT/INIT_ACK chunks are optional parameters. In case your endpoints are signglehomed IP address might not be included in the INIT/INIT_ACK chunk. The remote end still can retrieve information about peer address from the IP header.
Fundamentally the reason of this behaviour is what parameters you pass to open(). Open() without any parameters and open() with remote address specified works in a different way.
If you call SctpChannel.open(socketAddress,1,1) with socket address for the remote end it effectively open channel and connects to remote end (see open documentation. Your bind() and connect() calls in this case are pretty useless. So since there were no bind() call prior to establishing the connection you are sort of using "default" endpoint with random port (56044) and IP addresses of all available interfaces.
In second case, when you don't specify socketAddress for open() it just open the channel but does not connect to remote end at this stage. So your bind() call successfully specify endpoint details (port and IP address) and when you call connect() it is actually using the endpoint you just created (192.168.1.251:2906) to setup connection with remote end.
Related
I have a ServerSocket object that is listening with accept method. How do I accept connections only coming from the same network and not outside?
If your system has multiple network interfaces and one of them is receiving local connections only while others should be ignored, you can set up a ServerSocket with the IP-address of the netork interface to bind it only to that particular interface:
ServerSocket ssocket = new ServerSocket(1234, 10, InetAddress.getByAddress("192.168.1.1"));
With IPv4 and IPv6 you obviously need two ServerSockets.
If local and remote connections are received from the same network interface, you have to check the remote peer yourself. This can be done in different ways:
You can set a SecurityManager that implements checkAccept and throws a SecurityException if the connection attempts comes from the wrong place. This is a global setting, so with this you can't set up a ServerSocket at some other part of the application that should accept connections from there.
You can check the IP and port of the Socket being returned from ServerSocket to be local and close the socket if it's not instead of continuing with the request
You can create a subclass of ServerSocket overriding the method checkAccept where call super.accept, do the corresponding check as described in option 2 and only return the retrieved connection if it fit to your criterias or otherwise close it and call the super-method again.
Create the ServerSocket via the constructor that accepts a local IP address, and supply 127.0.0.1 as that IP address.
Is it possible to change TCP header in Java?
If it's possible, is there any [Change Header] method?
Answering the more narrow question from the title of your question ("How to change source ip in Java"), you can bind your socket to a local IP address and/or port before you connect it to a destination.
The IP address you bind to has to be an IP address that your machine has (otherwise, how could packets arrive back at your machine?). You can also take any unused, non-reserved port number to connect from.
Socket socket = new Socket();
socket.bind(new InetSocketAddress(9999));
// or: socket.bind(new InetSocketAddress(InetAddress.getByAddress(...), 9999));
socket.connect(new InetSocketAddress(InetAddress.getLocalHost(), 80));
More generally, the answer is no, you cannot just randomly change the TCP header. But there are plenty settings that you can do from Java that will affect what goes into the TCP header.
I'm wondering whether you'r thinking about to cheat the server by providing a random source ip. As far as I know, there's no way to do this in java.
And even if you have changed your ip address, i think you can not successfully "hand-shake" with the server, which means you can not establish a TCP connection with the server side.
If I bind to a specific interface using a specific hostname and then use ServerSocketChannel.getLocalAddress() to retreive the bound address, the hostname is longer there.
Is this by design or just undefined behavior? Is there any way to fix that?
InetSocketAddress bindTo = new InetSocketAddress("my-hostname", 9999);
ServerSocketChannel serverSocketChannel = ServerSocketChannel.open();
serverSocketChannel.socket().bind(bindTo);
InetSocketAddress localAddr = (InetSocketAddress) serverSocketChannel.getLocalAddress();
System.out.println(bindTo);
System.out.println(localAddr);
> my-hostname/10.20.200.201:9999
> /10.20.200.201:9999
"my-hostname" in the above example is one of several hostnames that will resolve to the local IP. It is, however, not the hostname to which the IP resolves to when doing a reverse lookup.
The reason I ask is that I use a framework which will bind and then publish the service information to a central registry. However, it retrieves the bound address using .getLocalAddress() which ultimately ends up publishing the wrong hostname.
the hostname is longer there
You mean "the hostname is longer there" in the String returned by InetAddress.toString(). There's nothing that obliges that behaviour. The local address to which a socket is bound is primarily an IP address. If you want to map it to a hostname, that's up to you.
I don't find any information on this topic on the internet and asked here. For example I have server with IP 1.1.1.1 and 2.2.2.2 and two domain names pointing to it one.example.com and example2.net, and socke listening on port 1234 for incoming connections.
For example:
C/C++:
listenfd=socket(AF_INET, SOCK_STREAM, 0);
bind(...);
listen(...);
while(...) accept(...);
or Java:
ServerSocket socket = new ServerSocket(1234);
while(...) {
Socket connectionSocket = welcomeSocket.accept();
...
}
When client accepted on my socket I need to know what domain name/IP is used by the client to connect. It may be one.example.com or example2.net and/or IP 1.1.1.1 or 2.2.2.2 (if connected using IP only).
Apache somehow determined ip/domain of incoming reques, and I need to do such thing in pure socket code. C++ (main) or Java (or any other) accepted, I need to know mechaniics of this.
The IP is stored inside the IP packet header and you can read it from there. In order to get the host, you'll probably have to ask a DNS server by sending a request (or use a function which does it for you). You can find examples for both of the problems, even on this site
I have an rmi server on a box with two public interfaces. When a client connects, it always returns the wrong ip address in the UnicastServerRef2 [liveRef: [endpoint:[192.x.x.x:xxxx .... The connection from the client goes to the other interface with ip 10.x.x.x. Does anybody know how to solve this? I do not want to specify the ip when binding the stub. It works then, but I would like it to listen on all interfaces (0.0.0.0).
If I specify java.rmi.server.hostname=myhostname and use a RMIServerSocketFactory to create a ServerSocket[addr=myhostname/10.x.x.x,localport=xxxx], it still returns the 192.x.x.x adress to the client as remote endpoint. Weird enough I have two UnicastRemoteObjects objects on diffrerent ports and one of them returns the right address, the other not.
Any Ideas how to make it to return the endpoint with the ip of the interface the connection was made to?
That's what the java.rmi.server.hostname property is for. Set it at the exporting JVM to whatever IP address you want the clients to use to connect to it.