Re: source ip spoofing option problem

From: Neil McKee <neil.mckee@inmon.com>
Date: 06/29/07
Message-Id: <C317C049-7AE3-4BB3-BF8E-00D522FD0261@inmon.com>

Eric,

I may be wrong, but I don't think Windows allows this kind of
source-spoofing, even with Cygwin. This feature was only ever tested on
Linux.

regards,
neil

On Jun 29, 2007, at 2:53 AM, EricWU wrote:

> Hi,
> I have a problem when compiling the source to a binary file with source IP
> spoofing.
> I have finished compiling without error, and I can see the -S option when
> I type sflowtool -h.
> But I got an error message when I ran the "sflowtool -c 172.26.1.222 -d 9991 -S"
> command. It returned the message "sendto returned -1 (expected 100):
> Interrupted system call", and 172.26.1.222 has not received any packets.
> But when I run "sflowtool -c 172.26.1.222 -d 9991", 172.26.1.222 has
> received many packets.
> Why is this?
> Platform: Windows XP SP2 with Cygwin
> Sflowtool version 3.12
> Compile command1 : #sh ./configure --enable-source-spoofing
> Compile command2: #sh ./configure CFLAGS=-DSPOOFSOURCE
>
>
> eric@EricT42 ~/sflowtool312/src
> $ ./sflowtool -h
> Copyright (c) InMon Corporation 2000-2006 ALL RIGHTS RESERVED
> This software provided with NO WARRANTY WHATSOEVER
> Usage: ./sflowtool [-p port]
> ./sflowtool version: 3.12
> forwarding:
> -f host/port - (forward sflow to another collector
> - ...repeat for multiple collectors)
> csv output:
> -l - (output in line-by-line format)
> tcpdump output:
> -t - (output in binary tcpdump(1) format)
> -r file - (read binary tcpdump(1) format)
> -x - (remove all IPV4 content)
> -z pad - (extend tcpdump pkthdr with this many zeros
> e.g. try -z 8 for tcpdump on Red Hat Linux 6.2)
> NetFlow output:
> -c hostname_or_IP - (netflow collector host)
> -d port - (netflow collector UDP port)
> -e - (netflow collector peer_as (default = origin_as))
> -s - (disable scaling of netflow output by sampling rate)
> -S - spoof source of netflow packets to input agent IP
> Filters:
> +v <vlans> - include vlans (e.g. +v 0-20,4091)
> -v <vlans> - exclude vlans
> =============== Advanced Tools ==============================================
> | sFlowTrend (FREE) - http://www.inmon.com/products/sFlowTrend.php |
> | Traffic Sentinel - http://www.inmon.com/support/sentinel_release.php |
> =============================================================================
>
> eric@EricT42 ~/sflowtool312/src
> $ ./sflowtool -c 172.26.1.222 -d 9991 -S
> sendto returned -1 (expected 100): Interrupted system call
> sendto returned -1 (expected 100): Interrupted system call
> sendto returned -1 (expected 100): Interrupted system call
> sendto returned -1 (expected 100): Interrupted system call
> sendto returned -1 (expected 100): Interrupted system call
> sendto returned -1 (expected 100): Interrupted system call
> sendto returned -1 (expected 100): Interrupted system call
> sendto returned -1 (expected 100): Interrupted system call
> sendto returned -1 (expected 100): Interrupted system call
> sendto returned -1 (expected 100): Interrupted system call
>
> ==========================================
> Stark Technology Inc.
> eric.wu@sti.com.tw
Received on Fri Jun 29 08:49:19 2007
