Hi all,

We want to do some stress testing of firewall configurations/hardware.
We have discovered hping that seems a great tool for this, but funny
enough Shorewall cuts it !!! even when you leave ports open :)

So besides hping, any tool for this? Why is shorewall cutting this
traffic?

Thanks in advance. Regards.

--
Jaime Nebrera - jnebrera@eneotecnologia.com
Consultor TI - ENEO Tecnologia SL
Telf.- 95 455 40 62 - 619 04 55 18
On Wednesday 01 June 2005 17:06, Jaime Nebrera wrote:
> Hi all,
>
> We want to do some stress testing of firewall configurations/hardware.
> We have discovered hping that seems a great tool for this, but funny
> enough Shorewall cuts it !!! even when you leave ports open :)
>
> So besides hping, any tool for this? Why is shorewall cutting this
> traffic?
>
> Thanks in advance. Regards.

Are you sure that you generated a valid packet with hping/hping2? As far
as I know it is used to generate arbitrary IP packets. So creating
invalid packets is easily possible.

HTH
Alex
On Wed, 2005-06-01 at 17:06 +0200, Jaime Nebrera wrote:
> Hi all,
>
> We want to do some stress testing of firewall configurations/hardware.
> We have discovered hping that seems a great tool for this, but funny
> enough Shorewall cuts it !!! even when you leave ports open :)
>
> So besides hping, any tool for this? Why is shorewall cutting this
> traffic?

What exactly do you mean by "Shorewall cuts it"? Is the firewall
sending back a RESET? If the port is open (i.e., ACCEPT net fw tcp 80),
there shouldn't be any issues. Can you provide some examples of your
configuration?

--
David Hollis <dhollis@davehollis.com>
David Hollis wrote on 01/06/2005 14:17:02:
> On Wed, 2005-06-01 at 17:06 +0200, Jaime Nebrera wrote:
> > Hi all,
> >
> > We want to do some stress testing of firewall configurations/hardware.
> > We have discovered hping that seems a great tool for this, but funny
> > enough Shorewall cuts it !!! even when you leave ports open :)
> >
> > So besides hping, any tool for this? Why is shorewall cutting this
> > traffic?
> >
> What exactly do you mean by "Shorewall cuts it"? Is the firewall
> sending back a RESET? If the port is open (i.e., ACCEPT net fw tcp 80),
> there shouldn't be any issues. Can you provide some examples of your
> configuration?
>

Are you using the -S flag in your hping2 command? This flag identifies
the packet as a SYN packet, which is needed to be accepted by Shorewall
rules. Try the following command:

    hping2 -p 80 www.yahoo.com -S

Hope it helps,

________________________
Eduardo Ferreira
Icatu Holding S.A.
Supervisor de TI
(5521) 3804-8606
Hi Eduardo,

> Are you using the -S flag in your hping2 command? This flag identifies
> the packet as a syn packet, which is needed to be accepted by shorewall
> rules. try the following command:
> hping2 -p 80 www.yahoo.com -S

You nailed it!!! :) It was that, at least at first try.

I need Juan Jesus to do some more testing, but I think it was that, as I
have just tried with and without the -S, and in one case it doesn't go
through and in the other it does.

Very thankful.

--
Jaime Nebrera - jnebrera@eneotecnologia.com
Consultor TI - ENEO Tecnologia SL
Telf.- 95 455 40 62 - 619 04 55 18
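
The behaviour Eduardo describes and Jaime confirms, as an added example that is not part of the original thread and is not Shorewall's code: a toy stateful filter with one rule equivalent to "ACCEPT net fw tcp 80" that only lets a bare SYN start a new flow. The class, function names and addresses are constructed for illustration; the model assumes that a TCP segment sent without -S carries no flags.

```python
from collections import namedtuple

# TCP flag bits as they appear in the TCP header.
FIN, SYN, RST, ACK = 0x01, 0x02, 0x04, 0x10

# flags defaults to 0: a TCP segment with no flags set (assumed here to be
# what reaches the firewall when hping2 is run without -S).
Packet = namedtuple("Packet", "src sport dst dport flags", defaults=(0,))


class StatefulFilter:
    """Toy model: a set of open TCP ports plus a connection table."""

    def __init__(self, open_ports):
        self.open_ports = set(open_ports)
        self.tracked = set()  # flows that were opened by an accepted SYN

    def verdict(self, pkt):
        key = (pkt.src, pkt.sport, pkt.dst, pkt.dport)
        if key in self.tracked:
            if pkt.flags & RST:  # a reset ends the tracked flow
                self.tracked.discard(key)
            return "ACCEPT (established)"
        # Untracked flow: only a bare SYN may open it, so the port rules
        # are never consulted for anything else.
        if (pkt.flags & (SYN | ACK | RST | FIN)) != SYN:
            return "DROP (new, not SYN)"
        if pkt.dport not in self.open_ports:
            return "DROP (no rule)"
        self.tracked.add(key)
        return "ACCEPT (new)"


def replay(open_ports, packets):
    """Run packets through a fresh filter and return the verdicts in order."""
    fw = StatefulFilter(open_ports)
    return [fw.verdict(p) for p in packets]


if __name__ == "__main__":
    src, dst = "192.0.2.10", "198.51.100.1"  # constructed documentation addresses
    sample = [
        Packet(src, 2000, dst, 80),        # no flags: like hping2 without -S
        Packet(src, 2000, dst, 80, SYN),   # like hping2 -S
        Packet(src, 2000, dst, 80, ACK),   # follow-up on the tracked flow
    ]
    for pkt, result in zip(sample, replay({80}, sample)):
        print(f"flags=0x{pkt.flags:02x} dport={pkt.dport}: {result}")
```
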