捕获通过Netcat发送的Tun接口上的数据包

Question

I'm trying to work through some of the simple tun/tap examples on the web and am having a bit of trouble. Briefly, I'm trying to:

1. Create a tun interface and give it an address
2. Open the tun interface with some code that will print out received packets
3. Send some packets with netcat
4. Observe the packets with both wireshark and the code that prints them out

I'm having trouble with (3) and (4). This tutorial says that in older linux versions you could use ping, but apparently that is not the case anymore, so I'm attempting to use netcat. My assumption is that I am not sending the data correctly- specifically, with netcat I have to aim at a specific port, so I give it an arbitrary port along with address of the tun interface.

Since wireshark and both programs don't see anything, I assume it's the sending of the packets that is incorrect. Is there a better approach then using netcat?

The tun inferface:

$ ifconfig tun2
tun2      Link encap:UNSPEC  HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00  
          inet addr:192.168.7.1  P-t-P:192.168.7.2  Mask:255.255.255.255
          UP POINTOPOINT NOARP MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:100 
          RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)

Writing some packets, no error observed

$ echo -n 'fooooo' | nc 192.168.7.1 5555
$
$ echo -n `cat index.html` | nc 192.168.7.1 5555
$

Wireshark (and program console) show nothing:

$sudo tshark -i tun2
....

I've tried two different pieces of code for (2), both of which should print out received packets:

• https://gist.github.com/585369
• http://backreference.org/2010/03/26/tuntap-interface-tutorial/

UPDATE:

Running the simpletun program in the second link above as both client and server, on the same machine, for the server I get:

$ ./simpletun -i tun2 -s -d
Successfully connected to interface tun2

And for the client (which would be run on a different machine I think):

$./simpletun -i tun2 -c 192.168.7.1 -d
ioctl(TUNSETIFF): Device or resource busy
Error connecting to tun/tap interface tun2!

So I'm pretty sure I'm opening tun2.

EDIT2:

I'm doing this on virtualbox VM with ubuntu server on it. Once I get it working on one machine I would like to try writing a simple UDP bridge with a second machine, both on tun interfaces.

EDIT3:

Loopback it is

$ sudo tshark -i lo
[sudo] password for nflacco: 
tshark: Lua: Error during loading:
 [string "/usr/share/wireshark/init.lua"]:45: dofile has been disabled
Running as user "root" and group "root". This could be dangerous.
Capturing on lo
  0.000000  192.168.7.1 -> 192.168.7.1  TCP 74 59584 > personal-agent [SYN] Seq=0 Win=32792 Len=0 MSS=16396 SACK_PERM=1 TSval=26444728 TSecr=0 WS=4
  0.000019  192.168.7.1 -> 192.168.7.1  TCP 54 personal-agent > 59584 [RST, ACK] Seq=1 Ack=1 Win=0 Len=0

Answer 1

Is there another system which is connected at the other end of the tunnel tun2?

Notice RX bytes:0 (0.0 B) TX bytes:0 (0.0 B) in the ifconfig output. There is indeed no packet transferred over that interface. Make sure that there is some receiver on that interface.

eg If you are using this for virtualization, make sure that the virtual machine is up & ready to receive the packets. If you are using this for VPN or something, make sure that the remote system is responding.

I have used tunnel interface for virtulization. & it works, when VM is up & running.

Answer 2

Try

echo -n 'fooooo' | nc 192.168.7.2 5555

You need to send traffic to an IP that is in the subnet of the tun interface but not the interface IP itself. If you send it to the interface IP, the kernel will not send it on the wire, since the packet has reached its destination.