Tuesday, May 24, 2011

Setting up a LAMP server (on my new XVM)

with help from bbaren

1. Log in:
         $ ssh username@vmname.xvm.mit.edu
2. Can you sudo? Try "sudo bash". If you get a "username is not in the sudoers file.  This incident will be reported." error (and you want to give the user sudo powers), do:
         su -
         gpasswd -a username sudo
         grep sudo /etc/group
   The grep should show "username" in the results.
3. If everything worked, you should see "It works!" here http://vmname.xvm.mit.edu/
4. The "It works!" page is at /var/www/index.html

Done!

Extra stuff:

Configurations are in /etc/apache2/.
1. cd /etc/apache2/sites-enabled/
2. ls -l
total 0
lrwxrwxrwx 1 root root 26 2011-05-23 20:27 000-default -> ../sites-available/default

The following makes the sites-enabled symlink point to an edited copy of the default config:
3. cd ../sites-available/
4. sudo cp default default_1
5. cd ../sites-enabled/
6. sudo rm 000-default
7. sudo ln -s ../sites-available/default_1 000-default
8. sudo /etc/init.d/apache2 reload

Setting up an MIT XVM

With help from quentin and bbaren.

1. Go to https://xvm.mit.edu/
2. Fill in "Create a new VM" with
        vmname.xvm.mit.edu
        Your description
        Select "Autoinstall" and pick "Ubuntu 10.10 Maverick (amd64)" or your choice
3. Click "Create it!"  This will take 5 minutes or more.
        After a few seconds, your new vm's row appears on top with an orange installation sign
        You can see the installation process by ssh vmname@xvm-console.mit.edu
4. After the orange installation sign turns into a green power button, click on "vmname"
5. Click on "Power on" and wait a while for it to turn on.
6. ssh vmname@xvm-console.mit.edu again.
         Press Enter. You should see "vmname login:"
         Type in "root" and press Enter
7. Create root password:
         root@vmname:~# passwd
8. Create new user, "username":
         root@vmname:~# useradd -m -s /bin/bash username
         root@vmname:~# passwd username
9. Install OpenSSH so you can SSH
         root@vmname:~# aptitude install openssh-server openssh-client
         Optional: test that SSH works
              ssh localhost
              logout
10. Give the user "username" the ability to sudo:
         gpasswd -a username sudo
         grep sudo /etc/group
    The grep output should show that "username" is there.
11. Log out of root
         logout
12. Close terminal

13. Log in as user "username" in a new terminal:
         ssh username@vmname.xvm.mit.edu

Monday, May 16, 2011

Django Tutorial

Django files: /usr/local/lib/Django-1.3/django

Django has one of the best tutorials ever, but then I got confused when I saw this line:
If you're interested, run the command-line client for your database and type \dt (PostgreSQL), SHOW TABLES; (MySQL), or .schema (SQLite) to display the tables Django created.

I went to IRC's #django (like the tutorial suggested in the beginning), and asked what to do, heedly helped me.

So on the command prompt, I type in sqlite3 nameofdbcreated.db and then once inside, type in .schema to create and list the databases.


sqlite3 tutorialSitedb.db
SQLite version 3.7.2
Enter ".help" for instructions
Enter SQL statements terminated with a ";"
sqlite> .schema
CREATE TABLE "auth_group" (
"id" integer NOT NULL PRIMARY KEY,
"name" varchar(80) NOT NULL UNIQUE
);
CREATE TABLE "auth_group_permissions" (
"id" integer NOT NULL PRIMARY KEY,
"group_id" integer NOT NULL,
"permission_id" integer NOT NULL REFERENCES "auth_permission" ("id"),
UNIQUE ("group_id", "permission_id")
);
CREATE TABLE "auth_message" (
"id" integer NOT NULL PRIMARY KEY,
"user_id" integer NOT NULL REFERENCES "auth_user" ("id"),
"message" text NOT NULL
);
CREATE TABLE "auth_permission" (
"id" integer NOT NULL PRIMARY KEY,
"name" varchar(50) NOT NULL,
"content_type_id" integer NOT NULL,
"codename" varchar(100) NOT NULL,
UNIQUE ("content_type_id", "codename")
);
CREATE TABLE "auth_user" (
"id" integer NOT NULL PRIMARY KEY,
"username" varchar(30) NOT NULL UNIQUE,
"first_name" varchar(30) NOT NULL,
"last_name" varchar(30) NOT NULL,
"email" varchar(75) NOT NULL,
"password" varchar(128) NOT NULL,
"is_staff" bool NOT NULL,
"is_active" bool NOT NULL,
"is_superuser" bool NOT NULL,
"last_login" datetime NOT NULL,
"date_joined" datetime NOT NULL
);
CREATE TABLE "auth_user_groups" (
"id" integer NOT NULL PRIMARY KEY,
"user_id" integer NOT NULL,
"group_id" integer NOT NULL REFERENCES "auth_group" ("id"),
UNIQUE ("user_id", "group_id")
);
CREATE TABLE "auth_user_user_permissions" (
"id" integer NOT NULL PRIMARY KEY,
"user_id" integer NOT NULL,
"permission_id" integer NOT NULL REFERENCES "auth_permission" ("id"),
UNIQUE ("user_id", "permission_id")
);
CREATE TABLE "django_content_type" (
"id" integer NOT NULL PRIMARY KEY,
"name" varchar(100) NOT NULL,
"app_label" varchar(100) NOT NULL,
"model" varchar(100) NOT NULL,
UNIQUE ("app_label", "model")
);
CREATE TABLE "django_session" (
"session_key" varchar(40) NOT NULL PRIMARY KEY,
"session_data" text NOT NULL,
"expire_date" datetime NOT NULL
);
CREATE TABLE "django_site" (
"id" integer NOT NULL PRIMARY KEY,
"domain" varchar(100) NOT NULL,
"name" varchar(50) NOT NULL
);
CREATE INDEX "auth_group_permissions_1e014c8f" ON "auth_group_permissions" ("permission_id");
CREATE INDEX "auth_group_permissions_425ae3c4" ON "auth_group_permissions" ("group_id");
CREATE INDEX "auth_message_403f60f" ON "auth_message" ("user_id");
CREATE INDEX "auth_permission_1bb8f392" ON "auth_permission" ("content_type_id");
CREATE INDEX "auth_user_groups_403f60f" ON "auth_user_groups" ("user_id");
CREATE INDEX "auth_user_groups_425ae3c4" ON "auth_user_groups" ("group_id");
CREATE INDEX "auth_user_user_permissions_1e014c8f" ON "auth_user_user_permissions" ("permission_id");
CREATE INDEX "auth_user_user_permissions_403f60f" ON "auth_user_user_permissions" ("user_id");
CREATE INDEX "django_session_3da3d3d8" ON "django_session" ("expire_date");

(At first, I was silly and thought I put in .schema directly in the terminal, but I got a
.schema: command not found
.)

Sunday, May 15, 2011

INSERT INTO with SET equal signs, more intuitive than VALUES!

Using equal signs for MySQL INSERT INTO, you can associate a value right next to its column. How intuitive!!

Use this:
INSERT INTO tablename SET col1=value1, col2=value2, col3=value3;

Instead of:
INSERT INTO tablename (col1, col2, col3) VALUES (value1, value2, value3);

Finished PGP Web of Trust Ranking Project

Here it is: https://github.com/haoqili/PGP_Trust_Ranking

Monday, May 2, 2011

PGP GPG Web of Trust, Find Most Secure Path

Web of Trust explanation

http://zarb.org/~gc/html/pgppathfinder.html  (http://pgp.cs.uu.nl/)

Showing trust levels with "gpg":
gpg --with-colons --list-keys
The second field and the ninth field are the ones you want. The
second field contains the validity, and the ninth field contains the
trust setting. See doc/DETAILS from the GnuPG distribution for all the possible values there.
 2. Field:  A letter describing the calculated trust. This is a single
            letter, but be prepared that additional information may follow
            in some future versions. (not used for secret keys)
                o = Unknown (this key is new to the system)
                i = The key is invalid (e.g. due to a missing self-signature)
                d = The key has been disabled
                    (deprecated - use the 'D' in field 12 instead)
                r = The key has been revoked
                e = The key has expired
                - = Unknown trust (i.e. no value assigned)
                q = Undefined trust
                    '-' and 'q' may safely be treated as the same
                    value for most purposes
                n = Don't trust this key at all
                m = There is marginal trust in this key
                f = The key is fully trusted
                u = The key is ultimately trusted.  This often means
                    that the secret key is available, but any key may
                    be marked as ultimately trusted.
 9. Field:  Ownertrust (primary public keys only)
            This is a single letter, but be prepared that additional
            information may follow in some future versions.  For trust
            signatures with a regular expression, this is the regular
            expression value, quoted as in field 10.


$ gpg --with-colons --list-keys
tru::1:1304353633:1309537403:3:1:5
pub:-:4096:1:EEB79C73B8EC3AC9:2009-05-18:::-:Geoffrey Thomas ::escESC:
pub:e:2048:1:B576D161BD18CA24:2010-04-27:2010-08-25::-:MIT 6.033 sp2010 (Key for hands-on #6 - Crypto) <6.033-staff@mit.edu>::sc:
sub:e:2048:1:6AC6D22E0D016CE7:2010-04-27:2010-08-25:::::e:
pub:-:1024:17:882E0BAD0B72EB0F:2009-04-27:2012-01-20::-:Barack Hussein Obama (DOD) ::scaSCA:
pub:-:4096:1:4372CDFF95630310:2010-04-08:::-:Chris Post ::scESC:
uid:-::::2010-04-09::A5898B3ADF21B9261C6F342945D94F0392F4E1F8::Chris Post :
sub:-:4096:1:365783180773FB2D:2010-04-08::::::e:
pub:u:2048:1:304085A3F33AAB16:2011-05-02:2011-07-01::u:HaoQi Li ::scESC:
sub:u:2048:1:182358B0146708AD:2011-05-02:2011-07-01:::::e:
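
A way to pull field 2 (validity) and field 9 (ownertrust) out of a listing like the one above. This is an added example, not code from this post or from the PGP_Trust_Ranking project. The sample listing is constructed (placeholder key IDs, names and addresses), and the function names are made up for the illustration.

```ruby
# Added example: read validity (field 2) and ownertrust (field 9) from
# `gpg --with-colons --list-keys` output and flag keys that should not be used.

# Letters as listed in the doc/DETAILS excerpt above.
TRUST_LETTERS = {
  'o' => 'unknown (new to the system)', 'i' => 'invalid', 'd' => 'disabled',
  'r' => 'revoked', 'e' => 'expired', '-' => 'unknown', 'q' => 'undefined',
  'n' => 'never trust', 'm' => 'marginal', 'f' => 'full', 'u' => 'ultimate'
}.freeze
UNUSABLE = %w[i d r e].freeze

# Constructed sample in the same layout as the listing above.
SAMPLE_LISTING = <<~'LISTING'
  tru::1:1304353633:1309537403:3:1:5
  pub:-:4096:1:00000000000000A1:2009-05-18:::-:Example One::escESC:
  pub:e:2048:1:00000000000000B2:2010-04-27:2010-08-25::-:Course key (hands-on\x3a crypto) <staff@example.org>::sc:
  sub:e:2048:1:00000000000000B3:2010-04-27:2010-08-25:::::e:
  pub:u:2048:1:00000000000000C4:2011-05-02:2011-07-01::u:Example Owner::scESC:
  sub:u:2048:1:00000000000000C5:2011-05-02:2011-07-01:::::e:
LISTING

# Only the first letter is the value; DETAILS warns that more may follow it.
# An empty field is treated like '-' (no value assigned).
def trust_letter(field)
  field.nil? || field.empty? ? '-' : field[0]
end

# gpg escapes ':' inside user IDs as \x3a, so splitting on ':' is safe;
# undo the escaping afterwards.
def unescape(field)
  field.to_s.gsub(/\\x(\h\h)/) { Regexp.last_match(1).hex.chr }
end

# Returns one hash per "pub" record, with its "sub" records attached.
# Other record types (tru, uid, ...) are skipped.
def parse_keys(listing)
  keys = []
  listing.each_line do |line|
    f = line.chomp.split(':', -1) # -1 keeps empty trailing fields
    case f[0]
    when 'pub'
      keys << { keyid: f[4], validity: trust_letter(f[1]),
                ownertrust: trust_letter(f[8]), uid: unescape(f[9]),
                expires: f[6].to_s.empty? ? nil : f[6], subkeys: [] }
    when 'sub'
      keys.last[:subkeys] << { keyid: f[4], validity: trust_letter(f[1]) } if keys.last
    end
  end
  keys
end

# Keys whose calculated validity says they must not be relied on.
def unusable_keys(keys)
  keys.select { |k| UNUSABLE.include?(k[:validity]) }
end

# Keys whose owner is trusted (fully or ultimately) to certify other keys.
def introducers(keys)
  keys.select { |k| %w[f u].include?(k[:ownertrust]) }
end

if __FILE__ == $PROGRAM_NAME
  parse_keys(SAMPLE_LISTING).each do |k|
    puts format('%-16s validity=%-12s ownertrust=%-10s %s',
                k[:keyid], TRUST_LETTERS.fetch(k[:validity], '?'),
                TRUST_LETTERS.fetch(k[:ownertrust], '?'), k[:uid])
  end
end
```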

mean shortest distance, strong set

pathfinder, with graphs, Wotsap
pathfinder in gpgwww.c of onak, example: looking up path to

leaf of trust graphs

PGP trust statistics

We found a few sites that talked about people implementing the PGP web of trust and even making a graphical display. How does PGP use the trust signature (shown below, from the OpenPGP document) and the trust level of PGP for the web of trust?
5.2.3.13. Trust signature
The trust amount is in a range from 0-255, interpreted such that
    values less than 120 indicate partial trust and values of 120 or
    greater indicate complete trust.  Implementations SHOULD emit values
    of 60 for partial trust and 120 for complete trust.
No, PGP doesn't use "trust level" linked in webs.

===
GPG tutorial

===

Our project is to figure out how much you can trust paths, and in turn, keys, in the web of trust. It has 2 parts; Reiter and Stubblebine wrote papers on these topics:

  1. Finding paths. How to find paths. PathServer is a web-based service for authenticating PGP public keys, i.e., determining their owners. It works by enabling a user to find paths of certificates from a key she trusts to a key she wants to learn about. You can find out more about this by having a look at "Path independence for authentication in large-scale systems." (1997) and "Resilient Authentication Using Path Independence" (1998)
  2. Evaluating the validity of paths based on the level of trust on the nodes. A metric of authentication is a procedure for evaluating the assurance one has in a name-to-key binding. That is, it tells you how sure you can be regarding the apparent owner of a key, given the information available to you and how much you trust the various entities that apparently contributed this information. In this work, we developed a number of principles for the design of metrics of authentication, demonstrated how several proposed metrics fall short of them, and described a new metric that we believe comes close to being an acceptable metric of authentication: "Authentication metric analysis and design" (1999) and "Toward acceptable metrics of authentication" (1997)

Sunday, May 1, 2011

Synchronize Android Phone with Eclipse app development

Trying on 6857_proj with Android 1.6, because my APG is for Android 2.2, but my phone has version 1.6.

Following Setting up a Device for Development

I have a T-Mobile, which I couldn't find on the list of "USB Vendor IDs", so I used the lsusb to see that I have a "Bus 002 Device 003: ID 0bb4:0c02 High Tech Computer Corp. Dream / ADP1 / G1 Phone (Debug)". So for T-Mobile, it's the same as HTC: SYSFS{idVendor}=="0bb4". (I didn't know T-Mobile is related to HTC)

android-sdk-linux_x86/platform-tools$ ./adb devices
List of devices attached
HT93LLZ01057 device

Then I clicked on "Run" and saw in the console:
[2011-05-01 16:30:05 - Apg] ActivityManager: Starting: Intent { act=android.intent.action.MAIN cat=[android.intent.category.LAUNCHER] cmp=org.thialfihar.android.apg/.MainActivity }
[2011-05-01 16:30:20 - 6857_proj] Success!
[2011-05-01 16:30:20 - 6857_proj] Starting activity org.thialfihar.android.apg.MainActivity on device HT93LLZ01057
[2011-05-01 16:30:23 - 6857_proj] ActivityManager: Starting: Intent { act=android.intent.action.MAIN cat=[android.intent.category.LAUNCHER] cmp=org.thialfihar.android.apg/.MainActivity }


Yay! I saw APG on my Phone! :D

========
get ZXing to work:

Pretty easy actually. Just press "Run" and everything is figured out automatically.  Even though my project is for Android 2.3.1 and my phone is 1.6, things worked out! I didn't change anything to the project code! Did NOT add '<application android:debuggable="true" ' in AndroidManifest.xml.

Console message:
[2011-05-02 01:13:07 - Zxing2] ------------------------------
[2011-05-02 01:13:07 - Zxing2] Android Launch!
[2011-05-02 01:13:07 - Zxing2] adb is running normally.
[2011-05-02 01:13:07 - Zxing2] Performing com.google.zxing.client.android.CaptureActivity activity launch
[2011-05-02 01:13:07 - Zxing2] Automatic Target Mode: using device 'HT93LLZ01057'
[2011-05-02 01:13:07 - Zxing2] Uploading Zxing2.apk onto device 'HT93LLZ01057'
[2011-05-02 01:13:08 - Zxing2] Installing Zxing2.apk...
[2011-05-02 01:13:14 - Zxing2] Success!
[2011-05-02 01:13:15 - Zxing2] Starting activity com.google.zxing.client.android.CaptureActivity on device HT93LLZ01057
[2011-05-02 01:13:18 - Zxing2] ActivityManager: Starting: Intent { act=android.intent.action.MAIN cat=[android.intent.category.LAUNCHER] cmp=com.google.zxing.client.android/.CaptureActivity }
I did NOT even do the "Run on Android" part of http://code.google.com/p/zxing/wiki/GettingStarted.



Failed attempts at ZXing, I was being too cautious and hit some dead ends
I think I should start a new ZXing that is compatible with my 1.6 phone.

If I choose version 1.6, I'll have 2 problems:
1. "R cannot be resolved" because gen > > R.java is not created from Project > clean
2. AndroidManifest.xml gives a "error: No resource identifier found for attribute 'installLocation' in package 'android'" of this line: <manifest xmlns:android="http://schemas.android.com/apk/res/android"

Both of these problems can be resolved if I upgrade the version to 2.3.1 by right clicking on the project name "Properties" and choose 2.3.1.

Might be helpful:
http://stackoverflow.com/questions/4782543/solved-integration-zxing-library-directly-into-my-android-application
"Run on Android" of http://code.google.com/p/zxing/wiki/GettingStarted ... I never had to do it.

PF_PACKET Protocol Family

source

When you open a socket with the standard call sock = socket(domain, type, protocol) you have to specify which domain (or protocol family) you are going to use with that socket. Commonly used families are PF_UNIX, for communications bounded on the local machine, and PF_INET, for communications based on IPv4 protocols. Furthermore, you have to specify a type for your socket and possible values depend on the family you specified. Common values for type, when dealing with the PF_INET family, include SOCK_STREAM (typically associated with TCP) and SOCK_DGRAM (associated with UDP). Socket types influence how packets are handled by the kernel before being passed up to the application. Finally, you specify the protocol that will handle the packets flowing through the socket (more details on this can be found on the socket(3) man page).

In recent versions [original article was written in 2001] of the Linux kernel (post-2.0 releases) a new protocol family has been introduced, named PF_PACKET. This family allows an application to send and receive packets dealing directly with the network card driver, thus avoiding the usual protocol stack-handling (e.g., IP/TCP or IP/UDP processing). That is, any packet sent through the socket will be directly passed to the Ethernet interface, and any packet received through the interface will be directly passed to the application.

The PF_PACKET family supports two slightly different socket types, SOCK_DGRAM and SOCK_RAW. The former leaves to the kernel the burden of adding and removing Ethernet level headers. The latter gives the application complete control over the Ethernet header. The protocol field in the socket() call must match one of the Ethernet IDs defined in /usr/include/linux/if_ether.h [IEEE 802.3 Ethernet magic constants], which represents the registered protocols that can be shipped in an Ethernet frame. Unless dealing with very specific protocols, you typically use ETH_P_IP, which encompasses all of the IP-suite protocols (e.g., TCP, UDP, ICMP, raw IP and so on).

Since they have pretty serious security implications (for example, you may forge a frame with a spoofed MAC address), PF_PACKET-family sockets may only be used by root.
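
What "complete control over the Ethernet header" means in bytes: with SOCK_RAW the application receives the 14-byte header itself and has to decode it, and the protocol number handed to socket() is a 16-bit value in network byte order. The following is an added example, not code from the quoted article or from the ethernet gem discussed in the next post. The sample frame is constructed, and the function names are made up for the illustration.

```ruby
# Added example: decode the Ethernet header that a PF_PACKET/SOCK_RAW socket
# hands to the application (with SOCK_DGRAM the kernel strips it instead).

ETH_P_ALL     = 0x0003 # linux/if_ether.h: "every packet" pseudo-protocol
ETH_P_IP      = 0x0800
ETH_P_8021Q   = 0x8100 # VLAN tag: the real EtherType sits 4 bytes further on
ETH_HLEN      = 14     # 6 bytes destination + 6 bytes source + 2 bytes type
ETHERTYPE_MIN = 0x0600 # smaller on-wire values are 802.3 lengths, not types

# Host-to-network byte order for a 16-bit value, as used for the protocol
# argument of a PF_PACKET socket. ETH_P_ALL (3) is the same width as a
# "4-digit" EtherType such as 0x0800; it is just written without leading zeros.
def htons(value)
  [value].pack('S').unpack('n').first
end

def format_mac(raw)
  raw.unpack('C6').map { |b| format('%02x', b) }.join(':')
end

# Returns a hash describing the header, or raises ArgumentError if the buffer
# is too short to contain one.
def parse_ethernet(frame)
  frame = frame.b
  raise ArgumentError, "truncated frame (#{frame.bytesize} bytes)" if frame.bytesize < ETH_HLEN

  dst, src, type = frame.unpack('a6a6n')
  offset = ETH_HLEN
  vlan = nil
  if type == ETH_P_8021Q
    raise ArgumentError, 'truncated VLAN tag' if frame.bytesize < ETH_HLEN + 4

    tci, type = frame.byteslice(ETH_HLEN, 4).unpack('nn')
    vlan = tci & 0x0fff # low 12 bits of the tag are the VLAN ID
    offset += 4
  end
  {
    dst: format_mac(dst), src: format_mac(src), vlan: vlan, ether_type: type,
    # Values below 0x0600 can only be a length on the wire, which is why the
    # kernel can reuse small numbers like ETH_P_ALL as socket-side filters.
    kind: type >= ETHERTYPE_MIN ? :ethertype : :length_802_3,
    payload: frame.byteslice(offset, frame.bytesize - offset)
  }
end

# Constructed sample frame: broadcast destination, locally administered
# source address, EtherType IPv4, and the first two payload bytes.
SAMPLE_FRAME = [
  0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
  0x02, 0x00, 0x00, 0x00, 0x00, 0x01,
  0x08, 0x00,
  0x45, 0x00
].pack('C*')

if __FILE__ == $PROGRAM_NAME
  header = parse_ethernet(SAMPLE_FRAME)
  puts format('%s -> %s type=0x%04x', header[:src], header[:dst], header[:ether_type])
  puts format('htons(ETH_P_ALL) = 0x%04x', htons(ETH_P_ALL))
end
```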

Ruby Raw Socket for Windows

About Raw Sockets in general:
- Wikipedia article: A raw socket is a socket that allows direct sending and receiving of network packets by applications, bypassing all encapsulation in the networking software of the operating system.

Linux specific:
- terminal type:
man 7 raw
to read about raw sockets
- might be useful #1
- might be useful #2


Windows specific:
- libpcap-1.1.1./pcap-win32.c has the wsockinit() function, not very useful though
- Windows uses Winsock(Wiki article)
- Very good Windows raw socket explanation also with code: Raw Sockets and Windows
First of all, it must be understood very clearly that raw sockets is not a feature of the network API (although it must be present there as an option) but of the OS protocol stack. To implement raw sockets, all we have to do is to inform the OS that the packet buffer we are providing will have the header and so the OS should transmit it as is without "adding any header"; that's all, nothing more to do. The Unix operating system has raw socket support since ancient times. But the problem is with Windows. None of Windows 95, 98, 98SE supported raw sockets. Raw sockets became available on Windows from Windows 2000; Windows XP continued this. But suddenly, raw socket support was removed from Windows XP through a patch in SP2. Vista probably doesn't have it. Windows 95, 98, 98SE do not support raw sockets, but this doesn't end the story. If you want the facility, then the solution is to use a third party packet driver like Winpcap. Such packet drivers will do your task irrespective of what the OS likes and dislikes. Windows XP and XP SP1 have full raw socket support and so life is easy. So if you want to do raw socketing on Windows, then either use Winpcap or don't feel desperate to install SP2, or otherwise use Windows 2003 which, as per my knowledge, has raw socket support. So let's brief up.
-----
Windows 95, 98, 98SE, NT4.0 -- Only raw ICMP and IGMP with restricted features.
Windows 2000, XP, XP SP1, 2003 -- Full raw socket support for both receiving and sending purposes.
Windows XP SP2 -- Only raw ICMP, IGMP, and UDP with proper source address (IP spoofing restricted) can be sent. But, full raw sockets can be received, which means you can sniff all incoming data and read their headers.
Note : Winsock Ver. >=2.0
----
So if your system doesn't support raw sockets, then switch to Linux or use Winpcap.

- Very useful Winsock FAQ
--- question: Must I have TCP/IP?
What do I need to run WinSock applications?
----------------------------------------------
Using WinSock applications to access the Internet requires:

- A suitable connection to the Internet.
- A TCP/IP stack (which includes its own WINSOCK.DLL).

----------
Interesting how after "rake install" in Windows, the Gemfile.lock shows "x86-mingw32" as well as "ruby" under "PLATFORMS"
=====================
Trying to see if existing Linux socket would work on Windows:

commit 9a5b019bea6f62f22cf90e2c6eaf0c0637387e7f
take out unnecessary raise exception. Hopefully windows socket can work?


Administrator@HAOQI-4F34C3203 ~/Desktop/ethernet/spec/ethernet (master)
$ rspec raw_socket_spec.rb
FFFFFF

Failures:

  1) RawSocket mac should have 6 bytes
     Failure/Error: let(:mac) { Ethernet::RawSocket.mac eth_device }
     RuntimeError:
       Unsupported platform i386-mingw32
     # c:/Documents and Settings/Administrator/Desktop/ethernet/lib/ethernet/raw
_socket.rb:121:in `all_ethernet_protocols'
     # c:/Documents and Settings/Administrator/Desktop/ethernet/lib/ethernet/raw
_socket.rb:24:in `socket'
     # c:/Documents and Settings/Administrator/Desktop/ethernet/lib/ethernet/raw
_socket.rb:49:in `mac'
     # ./raw_socket_spec.rb:8:in `block (2 levels) in '
     # ./raw_socket_spec.rb:17:in `block (3 levels) in '

  2) RawSocket mac should match ifconfig output
     same as above

  3) RawSocket socket should be able to receive data
     Failure/Error: before { @socket = Ethernet::RawSocket.socket eth_device }
     RuntimeError:
       Unsupported platform i386-mingw32
     # c:/Documents and Settings/Administrator/Desktop/ethernet/lib/ethernet/raw
_socket.rb:121:in `all_ethernet_protocols'
     # c:/Documents and Settings/Administrator/Desktop/ethernet/lib/ethernet/raw
_socket.rb:24:in `socket'
     # ./raw_socket_spec.rb:28:in `block (3 levels) in '

  4) RawSocket socket should output a packet
     same as above

  5) RawSocket socket should receive some network noise
     same as above

  6) RawSocket testing listing all network devices should list the devices
     Failure/Error: device_macaddrs.each do |key, value|
     NoMethodError:
       undefined method `each' for nil:NilClass
     # ./raw_socket_spec.rb:48:in `block (3 levels) in '

Finished in 0 seconds
6 examples, 6 failures

Currently, I have all the errors because of the highlighted line above. Looking at that:
 23   def self.socket(eth_device = nil, ether_type = nil)
 24     ether_type ||= all_ethernet_protocols
 25     socket = Socket.new raw_address_family, Socket::SOCK_RAW, htons(ether_type)
...
115     # The protocol number for listening to all ethernet protocols.
116     def all_ethernet_protocols
117       case RUBY_PLATFORM
118       when /linux/
119         3
120       else
121         raise "Unsupported platform #{RUBY_PLATFORM}"
122       end
123     end
What "||=" means in "ether_type ||= all_ethernet_protocols"
Victor's answer:
It's a trick in modern languages. || is boolean OR, and the way it's implemented is a || b returns a if it is a true value, otherwise it returns b. You can think of it for a bit and convince yourself that this fulfills the contract for OR. ||= is used to specify default values -- if ether_type was nil or false, it becomes all_ethernet_protocols. Otherwise it doesn't change.

1. so ether_type, if it's false or nil, is going to be replaced by "3", how can that be compatible with the 4-digit ether_type?
2. is 3 the Gateway-to-Gateway protocol?
answer: The number comes from cat /usr/include/linux/if_ether.h | grep ETH_P_ALL, which along with PF_Packet, make up a socket

Also for this:
140     # The AF / PF number for raw sockets.
141     def raw_address_family
142       case RUBY_PLATFORM
143       when /linux/
144         17 # cat /usr/include/bits/socket.h | grep PF_PACKET
145       when /darwin/
146         18 # cat /usr/include/sys/socket.h | grep AF_LINK
147       when /i386-mingw32/ 
148         18 # winsock.h | grep AF_LINK
149       else
150         raise "Unsupported platform #{RUBY_PLATFORM}"
151       end
152     end


Sweet! Found the Windows equivalent of socket.h -- winsock.h!!  I hope it's up to date. So it says that AF_LINK is 18. :D
Victor says: "I googled around, and it seems that AF_LINK won't work on Windows. The header you have is for Winsock 1.1, and all modern systems use Winsock 2.0. MSDN says that Windows removed raw socket support as of Windows XP SP2." This was done for security reasons.

Windows (Winsock/WSA/Windows Socket API) raw socket. A raw socket is a kind of Windows socket (also containing some common choices for domain, type, and protocol), following the format of Berkeley's raw socket.
domain: AF_LINK, same as /darwin/
type: SOCK_RAW, same :D
protocol: hope that 3, eth_p_all would work
:P

commit b458ffaebeabc408c9649c37b9e1951316852ab5
try still. Fixed some Windows socket stuff, found AF_LINK in winsock.h


Administrator@HAOQI-4F34C3203 ~/Desktop/ethernet/spec/ethernet (master)
$ rspec raw_socket_spec.rb
FFFFFF

Failures:

  1) RawSocket mac should have 6 bytes
     Failure/Error: let(:mac) { Ethernet::RawSocket.mac eth_device }
     Errno::EAFNOSUPPORT:
       An address incompatible with the requested protocol was used. - socket(2)

     # c:/Documents and Settings/Administrator/Desktop/ethernet/lib/ethernet/raw
_socket.rb:25:in `initialize'
     # c:/Documents and Settings/Administrator/Desktop/ethernet/lib/ethernet/raw
_socket.rb:25:in `new'
     # c:/Documents and Settings/Administrator/Desktop/ethernet/lib/ethernet/raw
_socket.rb:25:in `socket'
     # c:/Documents and Settings/Administrator/Desktop/ethernet/lib/ethernet/raw
_socket.rb:49:in `mac'
     # ./raw_socket_spec.rb:8:in `block (2 levels) in '
     # ./raw_socket_spec.rb:17:in `block (3 levels) in '

... same stuff

Finished in 0.01562 seconds
6 examples, 6 failures

Failure/Error: let(:mac) { Ethernet::RawSocket.mac eth_device }
     NameError:
       uninitialized constant Module::ANY
     # c:/Documents and Settings/Administrator/Desktop/ethernet/lib/ethernet/raw
_socket.rb:133:in `all_ethernet_protocols'



./Win32/Src/getaddrinfo.c: { PF_INET, SOCK_RAW, ANY, NULL, 0x05 },

Try instead of htons(ETH_P_ALL) , which we have here as 3, do htons(ANY)

commit 6be0d35378b021a8981dfbec4b920317123bc64d
try. switch htons(3) to htons(ANY)

question for Victor:
Do you have any hints of looking for the Windows equivalent of if_ether.h or know what I should put in for ether_type?

Continued from Victor's quote above ... "All solutions seem to revolve around installing some NDIS driver and talking to it. Winpcap seems to be the easiest and most well-maintained library for that."

I need raw socket for an application that i am trying to execute from cygwin in 'Windows XP with SP2' & Vista . How can this be achieved ?
Use a driver that doesn't use the Windows TCP/IP stack, maybe try WinPcap.



====

- Download WinPcap source
-> install NDIS driver
Nice Site

Git Bash Copy Paste

Windows Git Bash how to copy paste / highlight text / select text

Copy:
Long-term solution: Click on Topleft icon > Defaults > Select "QuickEdit Mode" under "Edit Options" > Okay
Then select the text you want to copy. Press Enter


Short-term solution: Click on Topleft icon > Edit > Mark. Press Enter.


Paste:
Press "Insert"

(If the "QuickEdit Mode" is on, Right clicking might work too.)


Credit