Tcpip routing forward question?

Home Forums Discussions Support Portal Tcpip routing forward question?

This topic contains 4 replies, has 2 voices, and was last updated by  hoowaycn 13 years, 1 month ago.

Viewing 5 posts - 1 through 5 (of 5 total)
  • Author
    Posts
  • #4879

    hoowaycn
    Participant

    2 interfaces: ethernet and adsl(raspppoe, connecting internet), and enable TcpIP Routing at registry.

    If an inner client send an ICMP Echo request to an external host at internet
    ( already set Gatway in client computer )
    Will windows(XP) send out the ICMP requst to internet through the ADSL interface?
    If so, why I can not catch that packet by sniffer? It seems that windows drop the request, what cause that?

    #5636

    Vadim Smirnov
    Moderator

    Following to your post Send out modified ip packets, but no reponse ( NAT ) you read the packet from the inner interface, substitute the source IP and send this packet to the stack. What do you think the stack will do with packet received from the inner interface which has it’s own IP address as a source address? Yes, it will drop it, because it never expects such a packet from the network. So you don’t need to alter incoming packets from the inner interface. In this case TCP/IP will route them and try to send from the external interface with inner client source IP.

    In order to complete your task you should filter the external (Internet interface) and NAT (substutute the source address with external interface one) outgoing packets. For the packets received on the external interface you should do the reverse operation (change destination IP from the external interface IP to inner system one) if you find the required entry in your NAT table.

    #5637

    hoowaycn
    Participant

    Oh, understand, thanks.

    Followed your suggestion.

    I do this, print all caught packet, NOT do any address subsititute action
    Just want to know I can catch that packet at external interface.

    /// set flag MSTCP_FLAG_SENT_TUNNEL|MSTCP_FLAG_RECV_TUNNEL

    if (PacketBuffer.m_dwDeviceFlags == PACKET_FLAG_ON_SEND)
    {
    /// tcpstack –> interface

    print(“tcpstack — > interface: %s”, interfaceName );
    for(i=0;i print(“%x: rn” , PacketBuffer.m_IBuffer);
    }

    if (PacketBuffer.m_dwDeviceFlags == PACKET_FLAG_ON_RECV)
    {
    /// interface — > tcpstack

    print(“interface —> tcpstack: %s”, interfaceName );
    for(i=0;i print(“%x: rn” , PacketBuffer.m_IBuffer
    );
    }

    I do a “ping 218.30.103.40” at the client computer, as the the correct result I should catch the packet at “TcpStack –> Interface: External”, but failed.
    I only get it at “Interface –> Stack: Internal”. As you have told before, I
    should get the packet at “TcpStack –> Interface: External”. Can you tell me where the error from?

    My environment is like below

    internet —- adsl modem — HUB


    inner client( 192.168.1.3)
    |
    NAT computer (192.168.1.2 WinXP)

    NAT computer use RasPPPoE to connect ADSL.

    Below is my route table

    =====================================
    Interface List
    0x1 ……………………… MS TCP Loopback interface
    0x2 …00 50 ba 63 2b bd …… VIA Compatable Fast Ethernet Adapter
    0x40004 …00 53 45 00 00 00 …… WAN (PPP/SLIP) Interface
    =====================================
    Active Routes:
    Network Destination Netmask Gateway Interface Metric
    0.0.0.0 0.0.0.0 61.50.227.147 61.50.227.147 1
    61.50.227.147 255.255.255.255 127.0.0.1 127.0.0.1 50
    61.149.96.1 255.255.255.255 61.50.227.147 61.50.227.147 1
    61.255.255.255 255.255.255.255 61.50.227.147 61.50.227.147 50
    127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
    192.168.1.0 255.255.255.0 192.168.1.2 192.168.1.2 20
    192.168.1.2 255.255.255.255 127.0.0.1 127.0.0.1 20
    192.168.1.255 255.255.255.255 192.168.1.2 192.168.1.2 20
    224.0.0.0 240.0.0.0 192.168.1.2 192.168.1.2 20
    224.0.0.0 240.0.0.0 61.50.227.147 61.50.227.147 1
    255.255.255.255 255.255.255.255 192.168.1.2 192.168.1.2 1
    Default Gateway: 61.50.227.147
    ============================
    Persistent Routes:
    None

    Here is one packet I caught

    interface–>tcpstack Local Connection (Internel)
    0: 50: ba: 63: 2b: bd: 0: 10: dc: 1: b8: 9f: 8: 0: 45: 0:
    0: 3c: 38: cf: 0: 0: 80: 1: fe: ff: c0: a8: 1: 3: da: 1e:
    67: 28: 8: 0: 29: 5c: 2: 0: 22: 0: 61: 62: 63: 64: 65: 66:
    67: 68: 69: 6a: 6b: 6c: 6d: 6e: 6f: 70: 71: 72: 73: 74: 75: 76:
    77: 61: 62: 63: 64: 65: 66: 67: 68: 69:

    This is a ICMP Echo Req packet

    #5638

    Vadim Smirnov
    Moderator

    Normally if you have enabled routing on the NAT system and if you can see ICMP req coming to the inner interface then this ICMP req should be routed to the external interface (WAN (PPP/SLIP) Interface if I understand your configuration). If you can’t see this packet anymore then probably the normal behavior is broken. It can be coused by enabled native XP connection sharing, firewall or third party NAT/gateway software. I suspect that this is rather the firewall which just drops ICMP packets but I can’t know it for sure.

    #5639

    hoowaycn
    Participant

    Thanks, the problem solved. I have enable XP “firewall” before.

Viewing 5 posts - 1 through 5 (of 5 total)

You must be logged in to reply to this topic.