Applications

List of Applications

• Sniffer
• Ping
• Traceroute
• DNS Client
• Echo
• Datagram Echo
• TFTP

Sniffer

Usage:

java -cp jswrench.jar com.act365.net.sniffer.Sniffer -p protocol -x excluded -l localhost

Typical use:

java -cp jswrench.jar com.act365.net.sniffer.Sniffer -p ICMP

The sniffer app opens a raw socket, listens for packets with a given protocol and dumps them to standard output. Note that only incoming packets are detected. Most specialist sniffers operate at the Ethernet level, one level below raw sockets, which enables them to detect incoming and outgoing packets.

The -p protocol option dictates the type of packet that will be 'sniffed'. (Since a raw socket will perform the 'sniff', and a single protocol has to be specified when a raw socket is created, the entire app is restricted to operate with a single protocol). The currently supported choices are TCP (the default), UDP, ICMP and TCPJ.

The -x excluded option allows all packets sent from a single given IP address to be excluded.

The -l localhost option allows the local IP address to be specified. Since the app only receives packets - it doesn't broadcast, the only possible use of the local IP address is to check incoming checksums. By default, the app doesn't know its local IP address, so doesn't test incoming checksums.

Ping

Usage:

java -cp jswrench.jar com.act365.net.ping.Ping -c count -s nbytes -t ttl -p protocol -l localhost hostname

Typical use:

java -cp jswrench.jar com.act365.net.ping.Ping -l 10.0.0.5 act365.com
java -cp jswrench.jar com.act365.net.ping.Ping -l 10.0.0.5 -p HdrICMP act365.com

The ping utility broadcasts ICMP Echo messages to a remote host at one-second intervals and listens for Echo Reply messages transmitted in reply.

The -c count option specifies how many messages will be broadcast. The default value is 10. Note that the Linux implementation of ping runs until the user interrupts the process. That behaviour can't be replicated in the JSocket Wrench library because Java provides no way to trap the interrupt signal.

The -s nbytes option specifies the number of bytes of data to appear in the broadcast messages. The default value is 56.

The -t ttl option specifies the time-to-live for the outgoing packets. The default value is 64.

The -p protocol option specifies the socket protocol to be used. The possible values are ICMP and HdrICMP. The difference is that when the HdrICMP protocol is selected, the JSocketWrench library, not the underlying operating system, will construct the IP header.

The -l localhost option, which should always be supplied, specifies the local address, which will be written into the outgoing packets. Of course, when this address is specified incorrectly, any Echo Reply messages generated by the remote host will be sent to the wrong destination.

hostname is the remote destination to be contacted.

Traceroute

java -cp jswrench.jar com.act365.net.ping.Traceroute -p protocol -l localhost -d -f first_ttl host

Typical use:

java -cp jswrench.jar com.act365.net.ping.Traceroute -l 10.0.0.5 act365.com
java -cp jswrench.jar com.act365.net.ping.Traceroute -l 10.0.0.5 -p UDP -d act365.com

The traceroute utility discovers the route most likely to connect the client to a remote address. It does so through the transmission of ICMP or UDP packets with successively increasing time-to-live values. When ICMP is used, ping-style Echo Request messages are transmitted while the process listens for Echo Reply messages broadcast from remote addresses. When UDP is used, packets are sent to unlikely UDP ports while the process listens for ICMP messages broadcast from remote addresses.

The -p protocol option dictates the type of packet to be broadcast. Legal values are ICMP or UDP.

The -l localhost option specifies the local network address. It should normally be specified.

The -d option enables debug.

The -f first_ttl option specifies the TTL value associated with the first broadcast packet. The default value is 1.

host specifies the target hostname.

DNS Client

java -cp jswrench.jar com.act365.net.dns.DNSLookup -p protocol -l localhost -t type -r DNSServer domain

Typical use: (Note that 198.41.0.4 is the IP address of a.root-servers.net).

java -cp jswrench.jar com.act365.net.dns.DNSLookup -l 10.0.0.5 198.41.0.4 b.root-servers.net  
java -cp jswrench.jar com.act365.net.dns.DNSLookup -l 10.0.0.5 -p RawUDP -t TXT 198.41.0.4 b.root-servers.net
java -cp jswrench.jar com.act365.net.dns.DNSLookup -l 10.0.0.5 -p RawHdrUDP -t MX 198.41.0.4 b.root-servers.net

The DNSLookup utility wraps a DNS query in a UDP packet, sends the packet to the named DNS server and decodes the returned packet.

The -p protocol option dictates which flavour of the UDP protocol should be used - JDKUDP (the default), UDP, RawUDP or RawHdrUDP.

The -l locahost option specifies the local network address. It should normally be specified.

The -t type option specifies the type of DNS lookup to be performed. The default is 'A' - a host address lookup (i.e. hostname to IP address). Other options include MX (mail exchange) or TXT (text). Currently, the PTR (inverse lookup, i.e. IP address to hostname) isn't supported.

The -r option disables recursive lookup. Generally, when the specified DNS Server can't resolve the requested query, it will pass the request onto another server. This (default) behaviour is known as recursive lookup.

DNSServer is the DNSServer to be used. When this is specifed as a hostname rather than as an IP address, Java will implicitly perform its own DNS lookup in order to find the IP address.

domain is the address about which the information is sought.

Echo

java -cp jswrench.jar com.act365.net.echo.EchoClient -p protocol -l localhost localport hostname hostport
java -cp jswrench.jar com.act365.net.echo.EchoServer -p protocol -l localhost localport

java -cp jswrench.jar com.act365.net.echo.EchoClient 2000 localhost 3000
java -cp jswrench.jar com.act365.net.echo.EchoServer 3000

It is only necessary to specify localhost and localport if a raw protocol is used.