Tcpip routing forward question?

Home Forums Discussions Support Tcpip routing forward question?

Viewing 5 posts - 1 through 5 (of 5 total)
  • Author
    Posts
  • September 16, 2004 at 6:44 am #4879
    hoowaycn
    Participant

      2 interfaces: ethernet and adsl(raspppoe, connecting internet), and enable TcpIP Routing at registry.

      If an inner client send an ICMP Echo request to an external host at internet
      ( already set Gatway in client computer )
      Will windows(XP) send out the ICMP requst to internet through the ADSL interface?
      If so, why I can not catch that packet by sniffer? It seems that windows drop the request, what cause that?

      September 16, 2004 at 12:41 pm #5636
      Vadim Smirnov
      Keymaster

        Following to your post Send out modified ip packets, but no reponse ( NAT ) you read the packet from the inner interface, substitute the source IP and send this packet to the stack. What do you think the stack will do with packet received from the inner interface which has it’s own IP address as a source address? Yes, it will drop it, because it never expects such a packet from the network. So you don’t need to alter incoming packets from the inner interface. In this case TCP/IP will route them and try to send from the external interface with inner client source IP.

        In order to complete your task you should filter the external (Internet interface) and NAT (substutute the source address with external interface one) outgoing packets. For the packets received on the external interface you should do the reverse operation (change destination IP from the external interface IP to inner system one) if you find the required entry in your NAT table.

        September 17, 2004 at 1:21 pm #5637
        hoowaycn
        Participant

          Oh, understand, thanks.

          Followed your suggestion.

          I do this, print all caught packet, NOT do any address subsititute action
          Just want to know I can catch that packet at external interface.

          /// set flag MSTCP_FLAG_SENT_TUNNEL|MSTCP_FLAG_RECV_TUNNEL

          if (PacketBuffer.m_dwDeviceFlags == PACKET_FLAG_ON_SEND)
          {
          /// tcpstack –> interface

          print(“tcpstack — > interface: %s”, interfaceName );
          for(i=0;i print(“%x: rn” , PacketBuffer.m_IBuffer);
          }

          if (PacketBuffer.m_dwDeviceFlags == PACKET_FLAG_ON_RECV)
          {
          /// interface — > tcpstack

          print(“interface —> tcpstack: %s”, interfaceName );
          for(i=0;i print(“%x: rn” , PacketBuffer.m_IBuffer          );
          }

          I do a “ping 218.30.103.40” at the client computer, as the the correct result I should catch the packet at “TcpStack –> Interface: External”, but failed.
          I only get it at “Interface –> Stack: Internal”. As you have told before, I
          should get the packet at “TcpStack –> Interface: External”. Can you tell me where the error from?

          My environment is like below

          internet —- adsl modem — HUB

          inner client( 192.168.1.3)
          |
          NAT computer (192.168.1.2 WinXP)

          NAT computer use RasPPPoE to connect ADSL.

          Below is my route table

          =====================================
          Interface List
          0x1 ……………………… MS TCP Loopback interface
          0x2 …00 50 ba 63 2b bd …… VIA Compatable Fast Ethernet Adapter
          0x40004 …00 53 45 00 00 00 …… WAN (PPP/SLIP) Interface
          =====================================
          Active Routes:
          Network Destination Netmask Gateway Interface Metric
          0.0.0.0 0.0.0.0 61.50.227.147 61.50.227.147 1
          61.50.227.147 255.255.255.255 127.0.0.1 127.0.0.1 50
          61.149.96.1 255.255.255.255 61.50.227.147 61.50.227.147 1
          61.255.255.255 255.255.255.255 61.50.227.147 61.50.227.147 50
          127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
          192.168.1.0 255.255.255.0 192.168.1.2 192.168.1.2 20
          192.168.1.2 255.255.255.255 127.0.0.1 127.0.0.1 20
          192.168.1.255 255.255.255.255 192.168.1.2 192.168.1.2 20
          224.0.0.0 240.0.0.0 192.168.1.2 192.168.1.2 20
          224.0.0.0 240.0.0.0 61.50.227.147 61.50.227.147 1
          255.255.255.255 255.255.255.255 192.168.1.2 192.168.1.2 1
          Default Gateway: 61.50.227.147
          ============================
          Persistent Routes:
          None

          Here is one packet I caught

          interface–>tcpstack Local Connection (Internel)
          0: 50: ba: 63: 2b: bd: 0: 10: dc: 1: b8: 9f: 8: 0: 45: 0:
          0: 3c: 38: cf: 0: 0: 80: 1: fe: ff: c0: a8: 1: 3: da: 1e:
          67: 28: 8: 0: 29: 5c: 2: 0: 22: 0: 61: 62: 63: 64: 65: 66:
          67: 68: 69: 6a: 6b: 6c: 6d: 6e: 6f: 70: 71: 72: 73: 74: 75: 76:
          77: 61: 62: 63: 64: 65: 66: 67: 68: 69:

          This is a ICMP Echo Req packet

          September 18, 2004 at 9:00 am #5638
          Vadim Smirnov
          Keymaster

            Normally if you have enabled routing on the NAT system and if you can see ICMP req coming to the inner interface then this ICMP req should be routed to the external interface (WAN (PPP/SLIP) Interface if I understand your configuration). If you can’t see this packet anymore then probably the normal behavior is broken. It can be coused by enabled native XP connection sharing, firewall or third party NAT/gateway software. I suspect that this is rather the firewall which just drops ICMP packets but I can’t know it for sure.

            September 20, 2004 at 6:24 am #5639
            hoowaycn
            Participant

              Thanks, the problem solved. I have enable XP “firewall” before.

            • Author
              Posts
            Viewing 5 posts - 1 through 5 (of 5 total)
            • You must be logged in to reply to this topic.