From: Baillargeon, Sonny (Sonny.Baillargeon@bmonb.com)
Date: Thu Apr 28 2005 - 17:26:28 EDT
Thanks to Andrei, Russell, and Thomas for replying.
I am getting closer but still no cigar. I followed your advice on
running truss and here are the results
USER:
5515/1: open("/var/run/rpc_door/rpc_100029.2", O_RDONLY) = 8
5515/1: open("/dev/udp", O_RDONLY) = 9
5515/1: open("/dev/udp", O_RDONLY) = 9
5515/1: open("/dev/udp", O_RDWR) = 9
ROOT:
5633/1: open("/var/run/rpc_door/rpc_100029.1", O_RDONLY) = 8
5633/1: open("/dev/udp", O_RDONLY) = 9
5633/1: open("/dev/udp", O_RDONLY) = 9
5633/1: open("/dev/udp", O_RDWR) = 9
5633/1: open("/var/run/rpc_door/rpc_100029.2", O_RDONLY) = 8
5633/1: open("/dev/des", O_RDONLY) Err#2
ENOENT
5633/1: open("/dev/udp", O_RDONLY) = 9
5633/1: open("/dev/udp", O_RDONLY) = 9
5633/1: open("/dev/udp", O_RDONLY) = 9
5633/1: open("/dev/udp", O_RDONLY) = 9
5633/1: open("/dev/udp", O_RDONLY) = 9
5633/1: open("/dev/udp", O_RDONLY) = 9
As the user open("/var/run/rpc_door/rpc_100029.1", O_RDONLY) = 8 never
gets called, rpc_200029.2 gets created first. So I'm not sure if that
signifies anything.
The snoops look like this for udp traffic:
USER:
Using device /dev/bge0 (promiscuous mode)
________________________________
client1 -> server4 ETHER Type=0800 (IP), size = 134 bytes
client1 -> server4 IP D=10.111.53.24 S=10.111.43.31 LEN=120,
ID=5745, TOS=0x0, TTL=255
client1 -> server4 UDP D=111 S=47339 LEN=100
client1 -> server4 RPC C XID=1115209734 PROG=100000 (PMAP) VERS=2
PROC=5
client1 -> server4 PORTMAP C CALLIT prog=NIS+ vers=3 proc=0
client1 -> server4 NIS+ C Null
________________________________
server4 -> client1 ETHER Type=0800 (IP), size = 74 bytes
server4 -> client1 IP D=10.111.43.31 S=10.111.53.24 LEN=60,
ID=40036, TOS=0x0, TTL=253
server4 -> client1 UDP D=47339 S=32771 LEN=40
sede1 -> server4 IP D=10.111.53.24 S=10.111.43.31 LEN=160,
ID=575:rver4 -> client1 RPC R (#1) XID=1115209734 Success
server4 -> client1 PORTMAP R CALLIT port=32773 len=0
server4 -> client1 NIS+ R Null
________________________________
client1 -> server4 ETHER Type=0800 (IP), size = 106 bytes
client1 -> server4 IP D=10.111.53.24 S=10.111.43.31 LEN=92,
ID=5746, TOS=0x0, TTL=255
client1 -> server4 UDP D=111 S=47340 LEN=72
client1 -> server4 RPC C XID=1115215171 PROG=100000 (PMAP) VERS=3
PROC=3
client1 -> server4 RPCBIND C GETADDR prog=100300 (NIS+) vers=3
________________________________
server4 -> client1 ETHER Type=0800 (IP), size = 90 bytes
server4 -> client1 IP D=10.111.43.31 S=10.111.53.24 LEN=76,
ID=40037, TOS=0x0, TTL=253
server4 -> client1 UDP D=47340 S=111 LEN=56
server4 -> client1 RPC R (#3) XID=1115215171 Success
server4 -> client1 RPCBIND R GETADDR Uaddr=10.111.53.24.128.5
ROOT:
________________________________
client1 -> server4 ETHER Type=0800 (IP), size = 174 bytes
client1 -> server4 IP D=10.111.53.24 S=10.111.43.31 LEN=160,
ID=5755, TOS=0x0, TTL=255
client1 -> server4 UDP D=111 S=47344 LEN=140
client1 -> server4 RPC C XID=1114648070 PROG=100000 (PMAP) VERS=2
PROC=5
client1 -> server4 PORTMAP C CALLIT prog=NIS+ vers=3 proc=0
client1 -> server4 NIS+ C Null
________________________________
server4 -> client1 ETHER Type=0800 (IP), size = 74 bytes
server4 -> client1 IP D=10.111.43.31 S=10.111.53.24 LEN=60,
ID=40045, TOS=0x0, TTL=253
server4 -> client1 UDP D=47344 S=32771 LEN=40
server4 -> client1 RPC R (#1) XID=1114648070 Success
________________________________
client1 -> server4 ETHER Type=0800 (IP), size = 106 bytes
client1 -> server4 IP D=10.111.53.24 S=10.111.43.31 LEN=92,
ID=5756, TOS=0x0, TTL=255
client1 -> server4 UDP D=111 S=47345 LEN=72
client1 -> server4 RPC C XID=1114648762 PROG=100000 (PMAP) VERS=3
PROC=3
client1 -> server4 RPCBIND C GETADDR prog=100300 (NIS+) vers=3
________________________________
server4 -> client1 ETHER Type=0800 (IP), size = 90 bytes
server4 -> client1 IP D=10.111.43.31 S=10.111.53.24 LEN=76,
ID=40046, TOS=0x0, TTL=253
server4 -> client1 UDP D=47345 S=111 LEN=56
server4 -> client1 RPC R (#3) XID=1114648762 Success
server4 -> client1 RPCBIND R GETADDR Uaddr=10.111.53.24.128.5
________________________________
client1 -> server4 ETHER Type=0800 (IP), size = 82 bytes
client1 -> server4 IP D=10.111.53.24 S=10.111.43.31 LEN=68,
ID=5763, TOS=0x0, TTL=255
client1 -> server4 UDP D=111 S=47347 LEN=48
client1 -> server4 RPC C XID=1114680971 PROG=100000 (PMAP) VERS=3
PROC=6
client1 -> server4 RPCBIND C GETTIME
The user never sends the RPCBIND C GETTING packet to the server
(nyedsdev4). Apparently it is getting stuck opening /dev/udp as RW.
Thanks for reading.
-sonny
|Sonny Baillargeon|Bank of Montreal / Harris Nesbitt|
|3 Times Square, 27th Floor|New York, NY 10036|
|Phone: 212.702.1747|Fax: 212.605.1580|Mobile: 917.682.3649|
<FONT SIZE =
1>***************************************************************************
*
This e-mail and any attachments may contain confidential and privileged
information. If you are not the intended recipient, please notify the sender
immediately by return e-mail, delete this e-mail and destroy any copies. Any
dissemination or use of this information by a person other than the intended
recipient is unauthorized and may be illegal. Unless otherwise stated,
opinions expressed in this e-mail are those of the author and are not endorsed
by the author's employer.</FONT>
_______________________________________________
sunmanagers mailing list
sunmanagers@sunmanagers.org
http://www.sunmanagers.org/mailman/listinfo/sunmanagers
This archive was generated by hypermail 2.1.7 : Wed Apr 09 2008 - 23:30:37 EDT