hping - 使用 TCP/UDP ping 解決防火牆攔截 ICMP ping

使用場景

暴露在外網環境的服務通常會只對白名單內的來源機器開放服務使用的端口，比如 B 機器只對 A 機器開放 TCP 8999 端口，這樣會導致 A ping B 收不到回包，無法查看 TTL 與丟包率。
hping 能指定 IP/ICMP/TCP/UDP 進行 ping, 對於上述場景，使用 hping 的 TCP 模式即可解決。

hping 支持的模式

# hping --help

Mode
  default mode     TCP
  -0  --rawip      RAW IP mode
  -1  --icmp       ICMP mode
  -2  --udp        UDP mode
  -8  --scan       SCAN mode.
                   Example: hping --scan 1-30,70-90 -S www.target.host
  -9  --listen     listen mode

CentOS 安裝 hping

yum install libpcap-devel
yum install tcl-devel
ln -s /usr/include/pcap/bpf.h /usr/include/net/bpf.h
make
rm -vf /usr/include/net/bpf.h
make install

cp -f hping3 /usr/sbin/
chmod 755 /usr/sbin/hping3
ln -s /usr/sbin/hping3 /usr/sbin/hping
ln -s /usr/sbin/hping3 /usr/sbin/hping2

例子

ping tcp://www.baidu.com:80 with SYN packet

# hping www.baidu.com -p 80 -c 10 -d 100
HPING www.baidu.com (eth0 14.215.177.38): NO FLAGS are set, 40 headers + 100 data bytes
^C
--- www.baidu.com hping statistic ---
5 packets tramitted, 0 packets received, 100% packet loss
round-trip min/avg/max = 0.0/0.0/0.0 ms

可見 tcp ping 不通，下面指定 SYN 包 ping

# hping www.baidu.com -p 80 -c 10 -d 100 -S
HPING www.baidu.com (eth0 14.215.177.38): S set, 40 headers + 100 data bytes
len=40 ip=14.215.177.38 ttl=55 id=36665 sport=80 flags=SA seq=0 win=8192 rtt=31.6 ms
len=40 ip=14.215.177.38 ttl=52 id=36434 sport=80 flags=SA seq=1 win=512 rtt=31.7 ms
len=40 ip=14.215.177.38 ttl=52 id=26944 sport=80 flags=SA seq=2 win=512 rtt=30.7 ms
len=40 ip=14.215.177.38 ttl=52 id=7870 sport=80 flags=SA seq=3 win=8192 rtt=30.3 ms
len=40 ip=14.215.177.38 ttl=52 id=2621 sport=80 flags=SA seq=4 win=512 rtt=31.0 ms
len=40 ip=14.215.177.38 ttl=55 id=5075 sport=80 flags=SA seq=5 win=512 rtt=31.2 ms
len=40 ip=14.215.177.38 ttl=52 id=15209 sport=80 flags=SA seq=6 win=8192 rtt=30.1 ms
len=40 ip=14.215.177.38 ttl=55 id=24403 sport=80 flags=SA seq=7 win=512 rtt=29.5 ms
len=40 ip=14.215.177.38 ttl=52 id=6698 sport=80 flags=SA seq=8 win=512 rtt=31.4 ms
len=40 ip=14.215.177.38 ttl=52 id=24439 sport=80 flags=SA seq=9 win=8192 rtt=31.6 ms

--- www.baidu.com hping statistic ---
10 packets tramitted, 10 packets received, 0% packet loss
round-trip min/avg/max = 29.5/30.9/31.7 ms

ping tcp://www.httpbin.org:80 with ACK packet

# hping www.httpbin.org -p 80 -c 10 -d 100 -A
HPING www.httpbin.org (eth0 54.175.219.8): A set, 40 headers + 100 data bytes
len=40 ip=54.175.219.8 ttl=39 DF id=37231 sport=80 flags=R seq=0 win=0 rtt=380.8 ms
len=40 ip=54.175.219.8 ttl=39 DF id=37232 sport=80 flags=R seq=1 win=0 rtt=366.1 ms
len=40 ip=54.175.219.8 ttl=38 DF id=37233 sport=80 flags=R seq=2 win=0 rtt=371.5 ms
len=40 ip=54.175.219.8 ttl=38 DF id=37234 sport=80 flags=R seq=3 win=0 rtt=383.4 ms
len=40 ip=54.175.219.8 ttl=39 DF id=37236 sport=80 flags=R seq=5 win=0 rtt=365.1 ms
len=40 ip=54.175.219.8 ttl=38 DF id=37237 sport=80 flags=R seq=6 win=0 rtt=379.8 ms
len=40 ip=54.175.219.8 ttl=38 DF id=37238 sport=80 flags=R seq=7 win=0 rtt=380.4 ms
len=40 ip=54.175.219.8 ttl=38 DF id=37239 sport=80 flags=R seq=8 win=0 rtt=367.9 ms
len=40 ip=54.175.219.8 ttl=39 DF id=37240 sport=80 flags=R seq=9 win=0 rtt=374.2 ms

--- www.httpbin.org hping statistic ---
10 packets tramitted, 9 packets received, 10% packet loss
round-trip min/avg/max = 365.1/374.4/383.4 ms

hping - 使用 TCP/UDP ping 解決防火牆攔截 ICMP ping

使用場景

CentOS 安裝 hping

例子

hping - 使用 TCP/UDP ping 解決防火牆攔截 ICMP ping

Mac下配置sublime實現LaTeX

https://yachay.unat.edu.pe/blog/index.php?comment_area=format_blog&comment_component=blog&comment_co

linux以太網驅動總結