Issue with WSL listening to TCP ports #1554
Comments
|
This looks like a duplicate of #1498 |
|
Repro steps with After you've fired up the server, can you see it listening if you run It's probably a dup of #1498 but node servers work here too. Common networking scenarios used to fail because of the |
|
@lefty-kreouzis - I cannot reproduce the issue either on 14986 (see screenshot below). If you are running any AV software (see #475), can you try disabling it and also opening up the required port through Windows firewall.
|
|
The listening port is not shown in CMD I have avast antivirus but I disabled it
|
|
That's strange. Few things:
|
|
Hi Sunil I am definitely on 14986: C:\Users\lefty>ver Microsoft Windows [Version 10.0.14986] C:\Users\lefty>
Weird I am performing a backup so I can reinstall windows .......... Thanks Lefty |
|
BTW i had removed the WSL and reinstalled it by running (I kept my home directory files BTW0 |
|
I did a reinstall of windows (keeping my files) and now it works..... Weird |
|
Did you reinstall avast though? Notwithstanding other ghosts in the machine, that's still as good a suspect as any, even given the fact you disabled it. I would have suggested uninstalling avast first if I knew you were up for the big hammer of reinstalling Windows. |
|
Just reinstalled Avast and it still works..... |
|
That is really weird.... |
|
There has to be some collision with the AV here. That's all I got here. But, I am glad it's working for you now. I would like to encourage everyone to talk to their AV vendors, in supporting WSL. Our voice only reaches so far. I am closing this issue out. |
|
I've exactly the same problem on newly installed 15063... Should I raise a new issue? I've no 3rd party AV only the default windows defender stuff. I tried disabling the firewall and real-time AV protection to no avail.: nc: connect to localhost port 4434 (tcp) failed: Connection refused |
|
I have same problem and same windows ver with @thomashood2 |
|
So, this works fine for me. More importantly, it works fine for most people, including (I assume) the WSL team. (Judging by the number of tickets that have been filed about bugs that were revealed after people got sockets to work :-) ) Frankly speaking: "It doesn't work just for me!" issues are, unfortunately, incredibly hard for anyone else to diagnose, let alone fix. So I think the way this moves forward is, someone who is experiencing this problem makes an observation that turns this into a "huh, that's a little weird everywhere" issue. Once any piece of this is reproducible, relevant experts can look at it and know where to start digging. How can you do that? I would suggest that y'all play with standard Windows and Linux network diagnostic tools; check precisely which sockets are open for which addresses, ports, and and protocols (and try switching around all of the above); determine precisely what packets are or are not being delivered/received from which interfaces. Also check whether this happens just for Linux->Linux connections, or what happens if the client or server (or both!) are Windows apps. If you have any third-party Windows apps installed that might potentially mess with network interfaces, even if they aren't firewalls per se, try disabling or reconfiguring them. Basically, permute everything; find the thing that has an unexpected-and-relevant side effect. |
|
i have the same problem with 15063.11 |
|
same problem with 15063.138
i've no idea how to solve this |
|
Same issue here on public build 15063.138 |
|
@Roscoe93 @shsmith - Thanks for your post. I can understand that this can be frustrating, but it's not clear to us too why these services are not able to listen/connect. If not already, can you also try disabling the Windows firewall: From a powershell command prompt:
|
|
Wish I knew the common denominator on these too. Even the stock answer we're giving people is highly questionable; I've never had to turn my firewall off. It isn't clear how doing so would help since if Windows firewall was blocking localhost, that would probably make a bunch of win32 apps pretty unhappy, nevermind WSL. The mechanism isn't magical; WSL calling WSK isn't any different from a win32 driver doing the same thing, and you'd kinda notice that if it was broken. Total 🤷. |
|
In my case turning off firewall does not change anything. |
|
That's the crux of the problem here though: it isn't So, any information you can give about your setup versus a bog stock Win 10 install, however minor, could be helpful tracking the problem. Anything different than (a) get computer from WalMart (b) install WSL (c) bind and listen to a port. Because that works. Tunneling software. Non-default network configuration. Anything. |
|
@therealkenc - Thanks for your post. Some of these applications bind to wildcard addresses (0.0.0.0) (as you can see from @Roscoe93) post above, which the Firewall can block. To the Windows Firewall, WSL processes calling into TCP/IP stack looks different than Winsock programs. That is because WSL processes are pico processes and the Windows Firewall team is yet to do the work to plumb the Pico process notifications. Opening ports in the Firewall has worked before, for example: see #1853. |
|
I understand what it is. I would still like to see the webpage in English. I don't think this is an unreasonable request. |
|
@DarthSpock , nonono, it makes no money. [手动滑稽] |
|
I have exactly the same issue,
it work for me ,thanks @samley |
bitcrazed
changed the title
|
@samley |
|
because of wegame.... thanks @matrixqq |
|
Also experienced this -- apparently TDI filter -- problem. Culprit similar to @oliveagle. However, my solution differs because I'd previously uninstalled Array Networks SSL VPN, yet
Deleting the stray driver appears to have done the trick. Frustrating, but things are listening on ports properly again (for now...). |
|
I can confirm that a TDI filter was also causing me issues. In my case, it was an old version of the PulseSecure (or Juniper) VPN client:
|
|
Yes, fuck the wegame. You are right @flyskywhy . Works below:
|
|
same issue as @corriander I renamed the |
|
补充一个: |
|
@yaxin-cn 服了啊老哥,怎么发现的?没你这句话我就放弃用wsl了 |
|
@sunilmut , I use NetWorx with one of its filter drivers on Windows 10 64-bit, and it was triggering an application (the Monero cryptocurrency daemon) that is dependent on the zeromq libraries to crash. I believe I was using the WPF filter driver in NetWorx, though, not the TDI filter driver like so many are mentioning. I wonder if your above workaround will, unfortunately, still not solve this latter issue (which might be interpreted as a zeromq bug, not a Windows bug?) See here for the zeromq discussion: zeromq/libzmq#1808 |
|
the same question with windows 10 .0.16229.309. |
|
To see the log of system, find Error 16001 may help you out! |
|
Hi, all After running
I am still having the same issue:
|
|
wegame 发布的3.12版本以后的版本已经去除了TDI过滤,解决了WSL网络监听的问题。如果是旧版本wegame导致的,请更新wegame版本并重启机器解决。 |
|
Same issue here with TDI, due to Sonicwall VPN... I cannot update my Windows build because it's a corporate image. Changing the register key to 4 didn't work, so I ended up with renaming Thanks everyone for sharing :-) |
and others
I ma unable to start a tcp listening port in Bash for windows
Expected results
I should be able to listen to a tcp port when running a Bash for windows command
Actual results (with terminal output if applicable)
I cannot connect to the listening port
Your Windows build number
OS Build 14986.1001
Steps / All commands required to reproduce the error from a brand new installation
Install netcat command
Open one bash window
Run:
lefty@Turing:~$ nc -4 -l 4434
This starts a listening server on tcp port 4434 and waits for connections
any text sent to tcp port 4434 should be printed out
Open one more bash window
Run:
lefty@Turing:~$ echo 'It works' | nc -4 -v localhost 4434
nc: connect to localhost port 4434 (tcp) failed: Connection refused
nc: connect to localhost port 4434 (tcp) failed: Connection refused
expected result:
(on an actual Ubuntu box)
On one window:
lefty@ubuntu-1gb-lon1-01:~$ nc -4 -l 4434
It works
On the other:
lefty@ubuntu-1gb-lon1-01:~$ echo 'It works' | nc -4 -v localhost 4434
Connection to localhost 4434 port [tcp/*] succeeded!
SERVER Strace:
lefty@Turing:~$ strace nc -4 -l 4434
execve("/bin/nc", ["nc", "-4", "-l", "4434"], [/* 15 vars */]) = 0
brk(NULL) = 0x859000
access("/etc/ld.so.nohwcap", F_OK) = -1 ENOENT (No such file or directory)
mmap(NULL, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f03e6930000
access("/etc/ld.so.preload", R_OK) = -1 ENOENT (No such file or directory)
open("/etc/ld.so.cache", O_RDONLY|O_CLOEXEC) = 3
fstat(3, {st_mode=S_IFREG|0644, st_size=36889, ...}) = 0
mmap(NULL, 36889, PROT_READ, MAP_PRIVATE, 3, 0) = 0x7f03e6926000
close(3) = 0
access("/etc/ld.so.nohwcap", F_OK) = -1 ENOENT (No such file or directory)
open("/lib/x86_64-linux-gnu/libbsd.so.0", O_RDONLY|O_CLOEXEC) = 3
read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\0004\0\0\0\0\0\0"..., 832) = 832
fstat(3, {st_mode=S_IFREG|0644, st_size=81040, ...}) = 0
mmap(NULL, 2179952, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7f03e63e0000
mprotect(0x7f03e63f3000, 2093056, PROT_NONE) = 0
mmap(0x7f03e65f2000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x12000) = 0x7f03e65f2000
mmap(0x7f03e65f4000, 880, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x7f03e65f4000
close(3) = 0
access("/etc/ld.so.nohwcap", F_OK) = -1 ENOENT (No such file or directory)
open("/lib/x86_64-linux-gnu/libresolv.so.2", O_RDONLY|O_CLOEXEC) = 3
read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0P9\0\0\0\0\0\0"..., 832) = 832
fstat(3, {st_mode=S_IFREG|0644, st_size=101200, ...}) = 0
mmap(NULL, 2206280, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7f03e61c0000
mprotect(0x7f03e61d7000, 2097152, PROT_NONE) = 0
mmap(0x7f03e63d7000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x17000) = 0x7f03e63d7000
mmap(0x7f03e63d9000, 6728, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x7f03e63d9000
close(3) = 0
access("/etc/ld.so.nohwcap", F_OK) = -1 ENOENT (No such file or directory)
open("/lib/x86_64-linux-gnu/libc.so.6", O_RDONLY|O_CLOEXEC) = 3
read(3, "\177ELF\2\1\1\3\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0P\t\2\0\0\0\0\0"..., 832) = 832
fstat(3, {st_mode=S_IFREG|0755, st_size=1864888, ...}) = 0
mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f03e6920000
mmap(NULL, 3967392, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7f03e5df0000
mprotect(0x7f03e5faf000, 2097152, PROT_NONE) = 0
mmap(0x7f03e61af000, 24576, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x1bf000) = 0x7f03e61af000
mmap(0x7f03e61b5000, 14752, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x7f03e61b5000
close(3) = 0
mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f03e6910000
mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f03e6900000
mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f03e68f0000
arch_prctl(ARCH_SET_FS, 0x7f03e6900700) = 0
mprotect(0x7f03e61af000, 16384, PROT_READ) = 0
mprotect(0x7f03e63d7000, 4096, PROT_READ) = 0
mprotect(0x7f03e65f2000, 4096, PROT_READ) = 0
mprotect(0x606000, 4096, PROT_READ) = 0
mprotect(0x7f03e6825000, 4096, PROT_READ) = 0
munmap(0x7f03e6926000, 36889) = 0
brk(NULL) = 0x859000
brk(0x87a000) = 0x87a000
socket(PF_INET, SOCK_STREAM, IPPROTO_TCP) = 3
setsockopt(3, SOL_SOCKET, SO_REUSEADDR, [1], 4) = 0
bind(3, {sa_family=AF_INET, sin_port=htons(4434), sin_addr=inet_addr("0.0.0.0")}, 16) = 0
listen(3, 1) = 0
accept(3,
Client STRACE:
lefty@Turing:~$ echo 'It works' | strace nc -4 -v localhost 4434
execve("/bin/nc", ["nc", "-4", "-v", "localhost", "4434"], [/* 15 vars /]) = 0
brk(NULL) = 0xa5b000
access("/etc/ld.so.nohwcap", F_OK) = -1 ENOENT (No such file or directory)
mmap(NULL, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc22bab0000
access("/etc/ld.so.preload", R_OK) = -1 ENOENT (No such file or directory)
open("/etc/ld.so.cache", O_RDONLY|O_CLOEXEC) = 3
fstat(3, {st_mode=S_IFREG|0644, st_size=36889, ...}) = 0
mmap(NULL, 36889, PROT_READ, MAP_PRIVATE, 3, 0) = 0x7fc22baa6000
close(3) = 0
access("/etc/ld.so.nohwcap", F_OK) = -1 ENOENT (No such file or directory)
open("/lib/x86_64-linux-gnu/libbsd.so.0", O_RDONLY|O_CLOEXEC) = 3
read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\0004\0\0\0\0\0\0"..., 832) = 832
fstat(3, {st_mode=S_IFREG|0644, st_size=81040, ...}) = 0
mmap(NULL, 2179952, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7fc22b5e0000
mprotect(0x7fc22b5f3000, 2093056, PROT_NONE) = 0
mmap(0x7fc22b7f2000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x12000) = 0x7fc22b7f2000
mmap(0x7fc22b7f4000, 880, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x7fc22b7f4000
close(3) = 0
access("/etc/ld.so.nohwcap", F_OK) = -1 ENOENT (No such file or directory)
open("/lib/x86_64-linux-gnu/libresolv.so.2", O_RDONLY|O_CLOEXEC) = 3
read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0P9\0\0\0\0\0\0"..., 832) = 832
fstat(3, {st_mode=S_IFREG|0644, st_size=101200, ...}) = 0
mmap(NULL, 2206280, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7fc22b3c0000
mprotect(0x7fc22b3d7000, 2097152, PROT_NONE) = 0
mmap(0x7fc22b5d7000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x17000) = 0x7fc22b5d7000
mmap(0x7fc22b5d9000, 6728, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x7fc22b5d9000
close(3) = 0
access("/etc/ld.so.nohwcap", F_OK) = -1 ENOENT (No such file or directory)
open("/lib/x86_64-linux-gnu/libc.so.6", O_RDONLY|O_CLOEXEC) = 3
read(3, "\177ELF\2\1\1\3\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0P\t\2\0\0\0\0\0"..., 832) = 832
fstat(3, {st_mode=S_IFREG|0755, st_size=1864888, ...}) = 0
mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc22baa0000
mmap(NULL, 3967392, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7fc22aff0000
mprotect(0x7fc22b1af000, 2097152, PROT_NONE) = 0
mmap(0x7fc22b3af000, 24576, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x1bf000) = 0x7fc22b3af000
mmap(0x7fc22b3b5000, 14752, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x7fc22b3b5000
close(3) = 0
mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc22ba90000
mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc22ba80000
mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc22ba70000
arch_prctl(ARCH_SET_FS, 0x7fc22ba80700) = 0
mprotect(0x7fc22b3af000, 16384, PROT_READ) = 0
mprotect(0x7fc22b5d7000, 4096, PROT_READ) = 0
mprotect(0x7fc22b7f2000, 4096, PROT_READ) = 0
mprotect(0x606000, 4096, PROT_READ) = 0
mprotect(0x7fc22ba25000, 4096, PROT_READ) = 0
munmap(0x7fc22baa6000, 36889) = 0
brk(NULL) = 0xa5b000
brk(0xa7c000) = 0xa7c000
socket(PF_LOCAL, SOCK_STREAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0) = 3
connect(3, {sa_family=AF_LOCAL, sun_path="/var/run/nscd/socket"}, 110) = -1 ENOENT (No such file or directory)
close(3) = 0
socket(PF_LOCAL, SOCK_STREAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0) = 3
connect(3, {sa_family=AF_LOCAL, sun_path="/var/run/nscd/socket"}, 110) = -1 ENOENT (No such file or directory)
close(3) = 0
open("/etc/nsswitch.conf", O_RDONLY|O_CLOEXEC) = 3
fstat(3, {st_mode=S_IFREG|0644, st_size=497, ...}) = 0
read(3, "# /etc/nsswitch.conf\n#\n# Example"..., 4096) = 497
read(3, "", 4096) = 0
close(3) = 0
open("/etc/ld.so.cache", O_RDONLY|O_CLOEXEC) = 3
fstat(3, {st_mode=S_IFREG|0644, st_size=36889, ...}) = 0
mmap(NULL, 36889, PROT_READ, MAP_PRIVATE, 3, 0) = 0x7fc22baa6000
close(3) = 0
access("/etc/ld.so.nohwcap", F_OK) = -1 ENOENT (No such file or directory)
open("/lib/x86_64-linux-gnu/tls/x86_64/libnss_db.so.2", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
stat("/lib/x86_64-linux-gnu/tls/x86_64", 0x7fffcc71a120) = -1 ENOENT (No such file or directory)
open("/lib/x86_64-linux-gnu/tls/libnss_db.so.2", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
stat("/lib/x86_64-linux-gnu/tls", 0x7fffcc71a120) = -1 ENOENT (No such file or directory)
open("/lib/x86_64-linux-gnu/x86_64/libnss_db.so.2", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
stat("/lib/x86_64-linux-gnu/x86_64", 0x7fffcc71a120) = -1 ENOENT (No such file or directory)
open("/lib/x86_64-linux-gnu/libnss_db.so.2", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
stat("/lib/x86_64-linux-gnu", {st_mode=S_IFDIR|0755, st_size=0, ...}) = 0
open("/usr/lib/x86_64-linux-gnu/tls/x86_64/libnss_db.so.2", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
stat("/usr/lib/x86_64-linux-gnu/tls/x86_64", 0x7fffcc71a120) = -1 ENOENT (No such file or directory)
open("/usr/lib/x86_64-linux-gnu/tls/libnss_db.so.2", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
stat("/usr/lib/x86_64-linux-gnu/tls", 0x7fffcc71a120) = -1 ENOENT (No such file or directory)
open("/usr/lib/x86_64-linux-gnu/x86_64/libnss_db.so.2", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
stat("/usr/lib/x86_64-linux-gnu/x86_64", 0x7fffcc71a120) = -1 ENOENT (No such file or directory)
open("/usr/lib/x86_64-linux-gnu/libnss_db.so.2", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
stat("/usr/lib/x86_64-linux-gnu", {st_mode=S_IFDIR|0755, st_size=0, ...}) = 0
open("/lib/tls/x86_64/libnss_db.so.2", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
stat("/lib/tls/x86_64", 0x7fffcc71a120) = -1 ENOENT (No such file or directory)
open("/lib/tls/libnss_db.so.2", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
stat("/lib/tls", 0x7fffcc71a120) = -1 ENOENT (No such file or directory)
open("/lib/x86_64/libnss_db.so.2", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
stat("/lib/x86_64", 0x7fffcc71a120) = -1 ENOENT (No such file or directory)
open("/lib/libnss_db.so.2", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
stat("/lib", {st_mode=S_IFDIR|0755, st_size=0, ...}) = 0
open("/usr/lib/tls/x86_64/libnss_db.so.2", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
stat("/usr/lib/tls/x86_64", 0x7fffcc71a120) = -1 ENOENT (No such file or directory)
open("/usr/lib/tls/libnss_db.so.2", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
stat("/usr/lib/tls", 0x7fffcc71a120) = -1 ENOENT (No such file or directory)
open("/usr/lib/x86_64/libnss_db.so.2", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
stat("/usr/lib/x86_64", 0x7fffcc71a120) = -1 ENOENT (No such file or directory)
open("/usr/lib/libnss_db.so.2", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
stat("/usr/lib", {st_mode=S_IFDIR|0755, st_size=0, ...}) = 0
munmap(0x7fc22baa6000, 36889) = 0
open("/etc/ld.so.cache", O_RDONLY|O_CLOEXEC) = 3
fstat(3, {st_mode=S_IFREG|0644, st_size=36889, ...}) = 0
mmap(NULL, 36889, PROT_READ, MAP_PRIVATE, 3, 0) = 0x7fc22baa6000
close(3) = 0
access("/etc/ld.so.nohwcap", F_OK) = -1 ENOENT (No such file or directory)
open("/lib/x86_64-linux-gnu/libnss_files.so.2", O_RDONLY|O_CLOEXEC) = 3
read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\260!\0\0\0\0\0\0"..., 832) = 832
fstat(3, {st_mode=S_IFREG|0644, st_size=47600, ...}) = 0
mmap(NULL, 2168600, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7fc22add0000
mprotect(0x7fc22addb000, 2093056, PROT_NONE) = 0
mmap(0x7fc22afda000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0xa000) = 0x7fc22afda000
mmap(0x7fc22afdc000, 22296, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x7fc22afdc000
close(3) = 0
mprotect(0x7fc22afda000, 4096, PROT_READ) = 0
munmap(0x7fc22baa6000, 36889) = 0
open("/etc/services", O_RDONLY|O_CLOEXEC) = 3
fstat(3, {st_mode=S_IFREG|0644, st_size=19605, ...}) = 0
read(3, "# Network services, Internet sty"..., 4096) = 4096
read(3, "\t\t# IPX\nipx\t\t213/udp\nimap3\t\t220/"..., 4096) = 4096
read(3, "nessus\t\t1241/tcp\t\t\t# Nessus vuln"..., 4096) = 4096
read(3, "347/tcp\t\t\t# gnutella\ngnutella-rt"..., 4096) = 4096
read(3, "ureg\t779/udp\t\tmoira_ureg\t# Moira"..., 4096) = 3221
read(3, "", 4096) = 0
close(3) = 0
getpid() = 779
open("/etc/resolv.conf", O_RDONLY|O_CLOEXEC) = 3
fstat(3, {st_mode=S_IFREG|0644, st_size=141, ...}) = 0
read(3, "# DO NOT EDIT THIS FILE BY H"..., 4096) = 141
read(3, "", 4096) = 0
close(3) = 0
uname({sysname="Linux", nodename="Turing", ...}) = 0
socket(PF_LOCAL, SOCK_STREAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0) = 3
connect(3, {sa_family=AF_LOCAL, sun_path="/var/run/nscd/socket"}, 110) = -1 ENOENT (No such file or directory)
close(3) = 0
socket(PF_LOCAL, SOCK_STREAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0) = 3
connect(3, {sa_family=AF_LOCAL, sun_path="/var/run/nscd/socket"}, 110) = -1 ENOENT (No such file or directory)
close(3) = 0
open("/etc/host.conf", O_RDONLY|O_CLOEXEC) = 3
fstat(3, {st_mode=S_IFREG|0644, st_size=92, ...}) = 0
read(3, "# The "order" line is only used "..., 4096) = 92
read(3, "", 4096) = 0
close(3) = 0
open("/etc/hosts", O_RDONLY|O_CLOEXEC) = 3
fstat(3, {st_mode=S_IFREG|0644, st_size=4461, ...}) = 0
read(3, "# The following lines are desira"..., 4096) = 4096
read(3, "2\tdxbdoap14sv\teksho\n10.20.155.62"..., 4096) = 365
read(3, "", 4096) = 0
close(3) = 0
open("/etc/gai.conf", O_RDONLY|O_CLOEXEC) = 3
fstat(3, {st_mode=S_IFREG|0644, st_size=2584, ...}) = 0
fstat(3, {st_mode=S_IFREG|0644, st_size=2584, ...}) = 0
read(3, "# Configuration for getaddrinfo("..., 4096) = 2584
read(3, "", 4096) = 0
close(3) = 0
socket(PF_NETLINK, SOCK_RAW, NETLINK_ROUTE) = 3
bind(3, {sa_family=AF_NETLINK, pid=0, groups=00000000}, 12) = 0
getsockname(3, {sa_family=AF_NETLINK, pid=779, groups=00000000}, [12]) = 0
time(NULL) = 1482979039
sendto(3, "\24\0\0\0\26\0\1\3\337vdX\0\0\0\0\0\0\0\0", 20, 0, {sa_family=AF_NETLINK, pid=0, groups=00000000}, 12) = 20
recvmsg(3, {msg_name(12)={sa_family=AF_NETLINK, pid=0, groups=00000000}, msg_iov(1)=[{"<\0\0\0\24\0\2\0\337vdX\v\3\0\0\2\20\0\0\10\0\0\0\10\0\1\0\251\376w\272"..., 4096}], msg_controllen=0, msg_flags=0}, 0) = 60
recvmsg(3, {msg_name(12)={sa_family=AF_NETLINK, pid=0, groups=00000000}, msg_iov(1)=[{"@\0\0\0\24\0\2\0\337vdX\v\3\0\0\n@\0\0\10\0\0\0\24\0\1\0\376\200\0\0"..., 4096}], msg_controllen=0, msg_flags=0}, 0) = 64
recvmsg(3, {msg_name(12)={sa_family=AF_NETLINK, pid=0, groups=00000000}, msg_iov(1)=[{"<\0\0\0\24\0\2\0\337vdX\v\3\0\0\2\20\0\0\20\0\0\0\10\0\1\0\251\376\341\254"..., 4096}], msg_controllen=0, msg_flags=0}, 0) = 60
recvmsg(3, {msg_name(12)={sa_family=AF_NETLINK, pid=0, groups=00000000}, msg_iov(1)=[{"@\0\0\0\24\0\2\0\337vdX\v\3\0\0\n@\0\0\20\0\0\0\24\0\1\0\376\200\0\0"..., 4096}], msg_controllen=0, msg_flags=0}, 0) = 64
recvmsg(3, {msg_name(12)={sa_family=AF_NETLINK, pid=0, groups=00000000}, msg_iov(1)=[{"<\0\0\0\24\0\2\0\337vdX\v\3\0\0\2\20\0\0\2\0\0\0\10\0\1\0\251\376"B"..., 4096}], msg_controllen=0, msg_flags=0}, 0) = 60
recvmsg(3, {msg_name(12)={sa_family=AF_NETLINK, pid=0, groups=00000000}, msg_iov(1)=[{"@\0\0\0\24\0\2\0\337vdX\v\3\0\0\n@\0\375\2\0\0\0\24\0\1\0\376\200\0\0"..., 4096}], msg_controllen=0, msg_flags=0}, 0) = 64
recvmsg(3, {msg_name(12)={sa_family=AF_NETLINK, pid=0, groups=00000000}, msg_iov(1)=[{"<\0\0\0\24\0\2\0\337vdX\v\3\0\0\2\10\0\0\1\0\0\0\10\0\1\0\177\0\0\1"..., 4096}], msg_controllen=0, msg_flags=0}, 0) = 60
recvmsg(3, {msg_name(12)={sa_family=AF_NETLINK, pid=0, groups=00000000}, msg_iov(1)=[{"@\0\0\0\24\0\2\0\337vdX\v\3\0\0\n\200\0\0\1\0\0\0\24\0\1\0\0\0\0\0"..., 4096}], msg_controllen=0, msg_flags=0}, 0) = 64
recvmsg(3, {msg_name(12)={sa_family=AF_NETLINK, pid=0, groups=00000000}, msg_iov(1)=[{"<\0\0\0\24\0\2\0\337vdX\v\3\0\0\2\30\0\0\16\0\0\0\10\0\1\0\300\250\1"..., 4096}], msg_controllen=0, msg_flags=0}, 0) = 60
recvmsg(3, {msg_name(12)={sa_family=AF_NETLINK, pid=0, groups=00000000}, msg_iov(1)=[{"@\0\0\0\24\0\2\0\337vdX\v\3\0\0\n@\0\0\16\0\0\0\24\0\1\0\376\200\0\0"..., 4096}], msg_controllen=0, msg_flags=0}, 0) = 64
recvmsg(3, {msg_name(12)={sa_family=AF_NETLINK, pid=0, groups=00000000}, msg_iov(1)=[{"<\0\0\0\24\0\2\0\337vdX\v\3\0\0\2\20\0\0\v\0\0\0\10\0\1\0\251\376\253\7"..., 4096}], msg_controllen=0, msg_flags=0}, 0) = 60
recvmsg(3, {msg_name(12)={sa_family=AF_NETLINK, pid=0, groups=00000000}, msg_iov(1)=[{"@\0\0\0\24\0\2\0\337vdX\v\3\0\0\n@\0\0\v\0\0\0\24\0\1\0\376\200\0\0"..., 4096}], msg_controllen=0, msg_flags=0}, 0) = 64
recvmsg(3, {msg_name(12)={sa_family=AF_NETLINK, pid=0, groups=00000000}, msg_iov(1)=[{"@\0\0\0\24\0\2\0\337vdX\v\3\0\0\n@\0\0\r\0\0\0\24\0\1\0 \1\0\0"..., 4096}], msg_controllen=0, msg_flags=0}, 0) = 64
recvmsg(3, {msg_name(12)={sa_family=AF_NETLINK, pid=0, groups=00000000}, msg_iov(1)=[{"@\0\0\0\24\0\2\0\337vdX\v\3\0\0\n@\0\0\r\0\0\0\24\0\1\0\376\200\0\0"..., 4096}], msg_controllen=0, msg_flags=0}, 0) = 64
recvmsg(3, {msg_name(12)={sa_family=AF_NETLINK, pid=0, groups=00000000}, msg_iov(1)=[{"<\0\0\0\24\0\2\0\337vdX\v\3\0\0\2\30\0\0\t\0\0\0\10\0\1\0\300\250\211\1"..., 4096}], msg_controllen=0, msg_flags=0}, 0) = 60
recvmsg(3, {msg_name(12)={sa_family=AF_NETLINK, pid=0, groups=00000000}, msg_iov(1)=[{"@\0\0\0\24\0\2\0\337vdX\v\3\0\0\n@\0\0\t\0\0\0\24\0\1\0\376\200\0\0"..., 4096}], msg_controllen=0, msg_flags=0}, 0) = 64
recvmsg(3, {msg_name(12)={sa_family=AF_NETLINK, pid=0, groups=00000000}, msg_iov(1)=[{"\20\0\0\0\3\0\2\0\337vdX\v\3\0\0", 4096}], msg_controllen=0, msg_flags=0}, 0) = 16
close(3) = 0
socket(PF_INET, SOCK_DGRAM, IPPROTO_IP) = 3
connect(3, {sa_family=AF_INET, sin_port=htons(4434), sin_addr=inet_addr("127.0.0.1")}, 16) = 0
getsockname(3, {sa_family=AF_INET, sin_port=htons(61465), sin_addr=inet_addr("0.0.0.0")}, [16]) = 0
close(3) = 0
socket(PF_INET, SOCK_STREAM, IPPROTO_TCP) = 3
fcntl(3, F_GETFL) = 0x2 (flags O_RDWR)
fcntl(3, F_SETFL, O_RDWR|O_NONBLOCK) = 0
connect(3, {sa_family=AF_INET, sin_port=htons(4434), sin_addr=inet_addr("127.0.0.1")}, 16) = -1 ECONNREFUSED (Connection refused)
fcntl(3, F_SETFL, O_RDWR) = 0
write(2, "nc: ", 4nc: ) = 4
write(2, "connect to localhost port 4434 ("..., 43connect to localhost port 4434 (tcp) failed) = 43
write(2, ": ", 2: ) = 2
write(2, "Connection refused\n", 19Connection refused
) = 19
close(3) = 0
socket(PF_INET, SOCK_STREAM, IPPROTO_TCP) = 3
fcntl(3, F_GETFL) = 0x2 (flags O_RDWR)
fcntl(3, F_SETFL, O_RDWR|O_NONBLOCK) = 0
connect(3, {sa_family=AF_INET, sin_port=htons(4434), sin_addr=inet_addr("127.0.0.1")}, 16) = -1 ECONNREFUSED (Connection refused)
fcntl(3, F_SETFL, O_RDWR) = 0
write(2, "nc: ", 4nc: ) = 4
write(2, "connect to localhost port 4434 ("..., 43connect to localhost port 4434 (tcp) failed) = 43
write(2, ": ", 2: ) = 2
write(2, "Connection refused\n", 19Connection refused
) = 19
close(3) = 0
close(-1) = -1 EBADF (Bad file descriptor)
exit_group(1) = ?
+++ exited with 1 +++
This is cross cutting I first noticed it on ssh forwarding but the netcat (nc) command is the easiest to verify
Thanks
Lefty
The text was updated successfully, but these errors were encountered: