I wrote an add-on to manage the ARP cache, but~~ [INACTIVE]

Here we discuss compilation and how to build an addon for BFW.


Post by dreamcat » Mon Mar 19, 2007 12:08 am

Yesterday I finished a little add-on; it uses "ip neigh" to manage the ARP cache,
because there are too many ARP attacks in our country's netbars. It simply converts the ARP entry to permanent.
But it can't be used on old versions of BFW. I want to know which version of BFW no longer uses busybox's ip tools?
Another question: how can I send my add-on here?
dreamcat
 

Post by dreamcat » Fri Apr 06, 2007 3:25 am

I checked three old versions; ip nei can only be used in v2.30.
dreamcat
 

Pleeeeeeeeeeeeeeeeeeeeeezzzzzzzzz Give me that add-on

Post by xmatrix2 » Wed May 16, 2007 2:35 pm

First, I don't know how to thank you for that... I have waited for this for a long time.

If you need to upload it, I can host it on my site.

Thank you again... waiting for your add-on
xmatrix2
 

Post by Marcelo - Brazil » Wed May 23, 2007 2:35 pm

BFW is not my hobby, it is my router!
I do not provide support.

"Neither yes nor no, but quite the contrary; I am neither against nor in favor,
because when it comes to certain things the most important is the mainly,
in fact, inclusive, there is not the slightest doubt."
From some Brazilian politician...
Marcelo - Brazil

Post by xmatrix2 » Fri May 25, 2007 10:02 am

dreamcat, where are you... need your add-on
xmatrix2
 

need it!!!

Post by neo82 » Wed Sep 12, 2007 5:07 pm

I need that add-on very much!!! ... need to set a static arp record up, please help!
neo82
 

Post by ntbill » Fri Aug 22, 2008 7:16 pm

OK, I understand now how to make a static arp entry. You have to use ip neigh, as dreamcat said (thank you dreamcat for the hint).

Actually, I need to have a static arp so Wake On LAN (WOL) can work through the firewall using port forwarding. The problem was: How can it forward an ip packet to an ip address when the pc doesn't have an ip address (the pc is powered off, remember I told you I'm trying to use WOL from the Internet :D ).

The answer? You tell the firewall the MAC address associated with this ip address with a static arp entry. If you don't use a static arp entry, that entry will be flushed from the arp cache after a short moment of inactivity (there is a lot of inactivity on a MAC address that is powered off :D ).

Since BrazilFW doesn't have the command "arp" available, you can use "ip neigh". On the console, type this:
ip neigh add 192.168.0.65 lladdr 00:01:02:03:ab:cd nud permanent dev eth0

Replace the ip address (192.168.0.65) and MAC address (00:01:02:03:ab:cd) by yours and you're done, you just made a static arp entry. Type this to verify the arp table:
ip neigh show

Now, to survive a reboot, simply add the command to the /etc/rc.d/rc.local file.

I've tested the static arp entry on BFW 2.31.10 and it works. But I haven't tested if it solved my WOL problem. I will test it Monday when I'm back at work; I will send my WOL Magic Packet home to see if the packet passes through BFW and wakes up my pc.

So stay tuned.
ntbill
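
An added example, not part of ntbill's post or of any BFW add-on: a Python check that reads `ip neigh show` output and reports which expected IP-to-MAC bindings are missing, not permanent, or held by a different MAC (the ARP-attack case dreamcat mentions), then builds the `ip neigh` commands that pin them. The sample output, the inventory and the function names are constructed for illustration; `replace` is used instead of `add` so the command also overwrites an existing dynamic entry.

```python
import re

# Constructed sample of `ip neigh show` output (not captured from a real BFW box).
SAMPLE = """\
192.168.0.65 dev eth0 lladdr 00:01:02:03:ab:cd PERMANENT
192.168.0.10 dev eth0 lladdr 00:11:22:33:44:55 REACHABLE
192.168.0.20 dev eth0 lladdr de:ad:be:ef:00:01 STALE
192.168.0.30 dev eth0  FAILED
"""

# Hypothetical inventory of the IP -> MAC bindings that should be pinned.
EXPECTED = {
    "192.168.0.65": "00:01:02:03:ab:cd",
    "192.168.0.10": "00:11:22:33:44:55",
    "192.168.0.20": "00:aa:bb:cc:dd:20",
    "192.168.0.40": "00:aa:bb:cc:dd:40",
}

LINE = re.compile(
    r"^(?P<ip>\S+) dev (?P<dev>\S+)(?: lladdr (?P<mac>[0-9a-fA-F:]{17}))?"
    r"(?: router)?\s+(?P<state>[A-Z]+)$"
)

def parse_neigh(text):
    """Map each IP to (device, mac, state); mac is '' when no lladdr is known."""
    table = {}
    for line in text.splitlines():
        m = LINE.match(line.strip())
        if m:
            table[m["ip"]] = (m["dev"], (m["mac"] or "").lower(), m["state"])
    return table

def audit(table, expected):
    """Return {ip: finding} for every expected binding that is not safely pinned."""
    findings = {}
    for ip, mac in expected.items():
        _dev, seen, state = table.get(ip, (None, "", "MISSING"))
        if not seen:
            findings[ip] = "no-entry"        # absent, or FAILED/INCOMPLETE
        elif seen != mac.lower():
            findings[ip] = "mac-mismatch"    # possible ARP spoofing
        elif state != "PERMANENT":
            findings[ip] = "not-permanent"   # correct MAC, but can be overwritten
    return findings

def pin_commands(findings, expected, dev="eth0"):
    """Build the commands (e.g. for rc.local) that pin each flagged binding."""
    return [f"ip neigh replace {ip} lladdr {expected[ip]} nud permanent dev {dev}"
            for ip in sorted(findings)]
```

A `mac-mismatch` finding is worth investigating before re-pinning, since it means some host answered ARP for that IP with an unexpected MAC.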
 

Post by eduardor » Sat Aug 23, 2008 11:56 am

The WOL Magic Packet must be generated at the server, not through BFW

Install a WOL add-on. ;-)
eduardor
 

Post by ntbill » Mon Aug 25, 2008 11:24 am

Hurrah, it works. The Magic Packet passes through BFW and it wakes up my home PC. Now, you know how to do it.

Bye everybody

End of WOL story.
ntbill
 

Post by ntbill » Mon Aug 25, 2008 11:27 am

eduardor wrote: The WOL Magic Packet must be generated at the server, not through BFW

Install a WOL add-on. ;-)


eduardor, by server you mean BFW? Sending the Magic Packet from the BFW console? This is not the way I wanted to use WOL. I didn't want to open SSH to the internet, to keep BFW more secure. So that's why I was looking for a way to send a Magic Packet with port forwarding.
ntbill
 

Post by eduardor » Tue Aug 26, 2008 1:25 am

The WOL add-on is a console command without webadmin. Sorry. I remember another add-on
http://www.brazilfw.com.br/downloads/addons/wol.tgz

Of course, webadmin through SSH or SSL.

There are MACs in DHCP Reservations. An Actions list must be added: [Edit] [Delete] [Wake-up] in leases.cgi, or a new one made (a true WOL webadmin interface).
Static ARP isn't a way to do WOL.
eduardor
 

Post by ntbill » Tue Aug 26, 2008 1:02 pm

eduardor wrote: Of course, webadmin through SSH or SSL.


That's what I'm trying to avoid. I don't want to open SSH or webadmin on my internet network card.
ntbill
 

Post by eduardor » Wed Aug 27, 2008 9:50 am

You can't port forward a broadcast packet, because port forwarding needs an IP to forward to and a broadcast is to the whole LAN (or subnet).

Read about WoL:
http://en.wikipedia.org/wiki/Wake-on-LAN

And a "Wake on Lan over the Internet (or why is it such a pain in the ****) "
http://www.depicus.com/wake-on-lan/what ... n-lan.aspx

SSH is the highest level of security for remote administration.

What about adding a [Wake-up] action in leases.cgi (DHCP webadmin)?
With a MAC added to the leases list, Wake-up has all the information to run. Wake up in 3 clicks!!!
eduardor
 

Post by ntbill » Wed Aug 27, 2008 4:28 pm

eduardor wrote: You can't port forward a broadcast packet, because port forwarding needs an IP to forward to and a broadcast is to the whole LAN (or subnet).


You're right. Forwarding a broadcast using port forwarding doesn't work (to ip address 192.168.0.255 for example). BFW doesn't allow this, I tried and it didn't work.

eduardor wrote: SSH is the highest level of security for remote administration.


Closing remote administration is more secure than SSH.

eduardor wrote: What about adding a [Wake-up] action in leases.cgi (DHCP webadmin)?
With a MAC added to the leases list, Wake-up has all the information to run. Wake up in 3 clicks!!!


3 clicks after logging into BFW with SSH. Only 1 click with my solution without logging in.
ntbill
 

Post by eduardor » Wed Aug 27, 2008 11:44 pm

If it works, very well. :o!

Write a How to WOL over Internet

I can't understand how to send a broadcast packet to the internet and reach your server, waking up some machine in your network. Are you using a very special WOL over Internet tool?
I tried many and can only enter MAC addresses, because it is a LAN tool. You are omitting something big :!:
eduardor
 

Post by ntbill » Thu Aug 28, 2008 12:58 am

eduardor wrote: If it works, very well. :o!


Of course it works, read my post on Mon Aug 25, 2008.

eduardor wrote: Write a How to WOL over Internet


Read my post on Fri Aug 22, 2008. You can already find How to's on internet speaking about WOL over internet. The only thing that was missing is how to do a static ARP entry in BFW.

eduardor wrote: I can't understand how to send a broadcast packet to the internet and reach your server, waking up some machine in your network. Are you using a very special WOL over Internet tool?
I tried many and can only enter MAC addresses, because it is a LAN tool. You are omitting something big :!:


No, I'm not omitting something. It's my pleasure to explain it to you (and to everyone who will read this post).

First of all, you don't send a broadcast if you do WOL over internet. You send a broadcast if you are on the same LAN (or VLAN) as the target pc. But on the internet, you cannot send a broadcast. I use the tool from Depicus (http://www.depicus.com/wake-on-lan/wake-on-lan-gui.aspx). With this tool, you can specify an ip address. This will not be a broadcast, it will only be sent to an ip address. In our case, it is our BFW's external ip address. But you specify the MAC address of the target pc, not the BFW mac address. In this Magic Packet, you still have 16 times the MAC address of the target.

When BFW receives this packet, it forwards it to the target pc (before that, you have to set up a port forwarding for that pc, as I said in my earlier posts). But port forwarding is on layer 3 of networking ISO. On layer 2, a packet is always sent to a MAC address, not an ip address, because this concept doesn't exist on layer 2. The ARP table, which maps IP addresses to MAC addresses (similar to DNS tables, which map network names to IP addresses), frequently flushes entries that become useless. In the case of a powered-down pc, its MAC address is flushed from the BFW ARP table because it doesn't respond anymore.

So when the packet passes through port forwarding and is sent to the target pc, you have to make a static entry in the ARP table so that port forwarding knows which MAC address it must send the packet to.

Now, when the target pc receives the Magic Packet, even if it is not a broadcast packet but a directly ip-addressed packet, the network card opens the packet because it is addressed to it, sees that its MAC address appears 16 times and then sends a signal to the BIOS to power on the pc.

As you can see, when doing WOL over internet, there is no broadcast. It may sound strange to do WOL without doing a broadcast, but that's the way it works. At least, that's the way I read it on other web pages. Maybe there are other ways. And maybe not all network cards will wake up a pc if the Magic Packet is not a broadcast. But with an onboard network card from the nVidia nForce 4 Ultra chipset, it works.
ntbill
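
The packet ntbill describes, as an added example that is not part of the original post or of the Depicus tool: a Python builder for the Magic Packet (six 0xFF bytes followed by the target MAC 16 times), a check that reports which MAC a received payload targets, and a unicast UDP send to port 7 as in the thread's forwarding rule. The function names are assumptions made for illustration.

```python
import socket

SYNC = b"\xff" * 6  # synchronization stream that precedes the MAC repetitions

def mac_bytes(mac):
    """Parse 'aa:bb:cc:dd:ee:ff' or 'aa-bb-cc-dd-ee-ff' into 6 raw bytes."""
    raw = bytes.fromhex(mac.replace(":", "").replace("-", ""))
    if len(raw) != 6:
        raise ValueError(f"not a 48-bit MAC: {mac!r}")
    return raw

def build_magic_packet(mac):
    """102-byte payload: sync stream, then the target MAC repeated 16 times."""
    return SYNC + mac_bytes(mac) * 16

def wol_target(payload):
    """Return the MAC a payload would wake, or None if it holds no valid sequence.

    The sequence may start anywhere in the payload, so every position where the
    sync stream occurs is tried, as a receiving network card would.
    """
    start = payload.find(SYNC)
    while start != -1:
        mac = payload[start + 6:start + 12]
        if len(mac) == 6 and payload[start + 6:start + 102] == mac * 16:
            return ":".join(f"{b:02x}" for b in mac)
        start = payload.find(SYNC, start + 1)
    return None

def send_unicast(mac, ip, port=7):
    """Send the packet to one IP address (no broadcast); returns bytes sent."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        return s.sendto(build_magic_packet(mac), (ip, port))
```

`wol_target` can be run over payloads logged on the forwarded UDP port to see which machine each incoming packet would wake.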
 

Post by ntbill » Thu Aug 28, 2008 1:21 am

eduardor wrote: Write a How to WOL over Internet


Good idea. I did a tutorial about "WOL (WakeOnLAN) over Internet". Actually, it's a merge of my posts. I placed it in "Tutorials in English".
ntbill
 

Post by eduardor » Thu Aug 28, 2008 12:33 pm

Wonderful :aplause:

Explain the port forwarding you use. Port? TCP/UDP?
Better, paste the full line from the config file.
eduardor
 

Post by ntbill » Thu Aug 28, 2008 11:55 pm

eduardor wrote: Wonderful :aplause:

Explain the port forwarding you use. Port? TCP/UDP?
Better, paste the full line from the config file.


port Y 192.168.0.65 udp 7 7 dns #WOL
ntbill
 

