Using this small Ruby script + packetfu, I am trying to retransmit broadcast packets to multiple hosts:
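#!/usr/bin/ruby
require 'rubygems'
require 'packetfu'

# Usage: script <interface> <dest-mac> [<dest-mac> ...]
dev = ARGV[0]
# MAC address of the capture interface; strip the trailing newline from the shell output
mac = `ip link show #{dev} | awk '/ether/ {print $2}'`.strip
ARGV.shift
dests = ARGV

# Capture only frames sent by this host whose destination MAC has the group
# (broadcast/multicast) bit set
cap = PacketFu::Capture.new(
  :timeout => 4000,
  :iface => dev, :start => true,
  :filter => "ether src #{mac} and ether[0] & 1 = 1")

loop do
  cap.stream.each do |pkt|
    frame = PacketFu::IPPacket.parse(pkt)
    i = 0
    # Re-send the captured frame once per destination MAC
    dests.each do |dest|
      frame.eth_daddr = dest
      frame.ip_header.ip_id = frame.ip_header.ip_id + i
      frame.ip_header.ip_sum = frame.ip_header.ip_calc_sum()
      frame.to_w(dev)
      i = i + 1
    end
  end
end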
Using tcpdump, I see them being re-sent (sent several times).
$ echo "foo" | netcat -ub 192.168.15.255 54321
On host1 (the source host), tcpdump now shows me:
12:19:30.602374 0a:f4:8d:75:e5:af > ff:ff:ff:ff:ff:ff, ethertype IPv4 (0x0800), length 46: 192.168.15.17.36339 > 192.168.15.255.54321: UDP, length 4
12:19:30.605856 0a:f4:8d:75:e5:af > 0a:a2:5f:f1:de:e4, ethertype IPv4 (0x0800), length 46: 192.168.15.17.36339 > 192.168.15.255.54321: UDP, length 4
12:19:30.608896 0a:f4:8d:75:e5:af > 0a:25:ef:2c:24:e3, ethertype IPv4 (0x0800), length 46: 192.168.15.17.36339 > 192.168.15.255.54321: UDP, length 4
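On host2 (the destination host, MAC address 0a:a2:5f:f1:de:e4), tcpdump shows nothing.
The security policy allows all traffic within the VPC.
Do you have any ideas? I'm sure I'm missing something small.
Answer 0: (score: 0)
(I thank Kenta Yasukawa for the answer):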
Have you turned off the source/destination check for your instances? By
default, EC2 instances drop an incoming packet whose destination address does
not match the receiver IP address. You can disable it by right-clicking on an
instance in Management console and select "Change Source / Destination check",
and click disable.
Disabling the check using the EC2 API tools:
$ ec2-modify-network-interface-attribute --source-dest-check False eni-8c8c9bca
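Why host2 saw nothing, as an added example (not code from the question or the answer): it rebuilds the re-sent frame from the tcpdump line above and applies the rule as the answer states it, that a packet is accepted only when its IPv4 destination is one of the receiver's own addresses. The helper names and host2's IP address (192.168.15.18) are assumptions; the MAC addresses, IP addresses and ports come from the tcpdump output.

```ruby
require 'ipaddr'

# RFC 1071 one's-complement checksum; returns 0 over a header whose checksum is valid.
def ip_checksum(header)
  sum = header.unpack('n*').sum
  sum = (sum & 0xffff) + (sum >> 16) while sum > 0xffff
  ~sum & 0xffff
end

# Build a minimal Ethernet/IPv4/UDP frame (constructed sample; UDP checksum left at 0).
def build_frame(src_mac, dst_mac, src_ip, dst_ip, sport, dport, payload)
  mac = ->(m) { [m.delete(':')].pack('H*') }
  udp = [sport, dport, 8 + payload.bytesize, 0].pack('n4') + payload.b
  ip  = [0x45, 0, 20 + udp.bytesize, 0, 0, 64, 17, 0].pack('CCnnnCCn') +
        IPAddr.new(src_ip).hton + IPAddr.new(dst_ip).hton
  ip[10, 2] = [ip_checksum(ip)].pack('n')
  mac.(dst_mac) + mac.(src_mac) + [0x0800].pack('n') + ip + udp
end

# Apply the rule as the answer states it: the receiver only accepts a packet
# whose IPv4 destination is one of its own addresses (local_ips).
def inspect_frame(frame, local_ips)
  return { verdict: :not_ipv4 } unless frame[12, 2].unpack1('n') == 0x0800
  header = frame[14, (frame.getbyte(14) & 0x0f) * 4]
  dst_ip = IPAddr.new_ntoh(header[16, 4]).to_s
  verdict = if !ip_checksum(header).zero? then :bad_checksum
            elsif local_ips.include?(dst_ip) then :accepted
            else :dropped_dst_ip_mismatch
            end
  { dst_mac: frame[0, 6].unpack1('H*').scan(/../).join(':'),
    l2_unicast: (frame.getbyte(0) & 1).zero?, # same bit the capture filter tests
    dst_ip: dst_ip, verdict: verdict }
end

HOST1 = ['0a:f4:8d:75:e5:af', '192.168.15.17'].freeze # from the tcpdump output
HOST2_MAC = '0a:a2:5f:f1:de:e4'                        # from the tcpdump output
HOST2_IP  = '192.168.15.18' # assumed: host2's IP is not given on the page

# The frame host1 re-sent: destination MAC rewritten, destination IP still broadcast.
RESENT = build_frame(HOST1[0], HOST2_MAC, HOST1[1], '192.168.15.255', 36339, 54321, "foo\n")
# For contrast: the same datagram addressed to host2 at the IP layer as well.
UNICAST = build_frame(HOST1[0], HOST2_MAC, HOST1[1], HOST2_IP, 36339, 54321, "foo\n")

puts inspect_frame(RESENT, [HOST2_IP])
puts inspect_frame(UNICAST, [HOST2_IP])
```

The re-sent frame is a layer-2 unicast to host2 but still carries 192.168.15.255 as its IP destination, so it fails the check until the check is disabled as shown above.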