nc -l myhost.acme.com 3872
and make sure you are actually listening:
netstat -an | grep 3872
tcp 0 0 10.33.80.121:3872 0.0.0.0:* LISTEN
On the Source host:
echo ciao | nc myhost.acme.com 3872
and the "ciao" should appear on Destination and the nc should exit.
If you don't have nc installed, there are alternatives to nc:
wlst or python:
import socket
HOST = 'myhost.acme.com'
PORT = 3872
s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
s.connect((HOST, PORT))
s.send('Hello, world')
data = s.recv(1024)
s.close()
(see http://docs.python.org/release/2.5.2/lib/socket-example.html)
or simply run
telnet myhost.acme.com 3872
To receive data, run Java or python:
from java.net import ServerSocket
ss = ServerSocket(3872)
ss.accept()
(see http://docs.oracle.com/javase/6/docs/api/java/net/ServerSocket.html )
The great advantage of nc is that you can bind to any IP on the source host:
nc -s "your_ip_here"
To check if nc could actually connect, do:
echo ciao | nc....
echo $?
1 means "unable to connect", 0 means "connected"
echo a | nc -s "10.26.20.116" -w 1 10.51.87.24 1722 ; echo $?
A script to check firewall could very well be:
#!/bin/sh
#This script is to check that a firewall rule is operational
#Author name : Pierluigi Vernetto
function checkFirewall {
sourceIPsArray=$(echo $sourceIPs | tr "," "\n")
destinationIPsArray=$(echo $destinationIPs | tr "," "\n")
for sourceIP in $sourceIPsArray
do
for destinationIP in $destinationIPsArray
do
echo a | nc -s "$sourceIP" -w 2 $destinationIP $port
if [[ $? -eq 0 ]]
then echo $sourceIP $destinationIP $port success
else echo $sourceIP $destinationIP $port failure
fi
done
done
}
sourceIPs=10.56.218.91,10.56.218.93,10.56.218.90,10.56.218.94,10.56.218.92
destinationIPs=10.56.128.10,10.56.128.8,10.56.128.9
port=1522
checkFirewall
No comments:
Post a Comment