Closing TCP Connection - c

I'm trying to send data using the booster pack cc3000 by Texas Instruments. Therefore I implemented a TCP server socket on my board. I can successfully accept a pending connection and send and receive data on the given socket. In my protocol the client is responsible for closing the connection after reading the response. But after some transmissions the transmissions becomes slow. If I inspect the WLAN traffic using Wireshark I see there is a problem with the socket close procedure. My client is a java based program. The board uses address 100 and the computer runs under 102.
The TCP stream looks the following:
31 4.696711000 192.168.2.102 192.168.2.100 TCP 66 50721 > http-alt [SYN] Seq=0 Win=8192 Len=0 MSS=1460 WS=4 SACK_PERM=1
32 4.700359000 192.168.2.100 192.168.2.102 TCP 58 http-alt > 50721 [SYN, ACK] Seq=0 Ack=1 Win=1460 Len=0 MSS=1460
33 4.700394000 192.168.2.102 192.168.2.100 TCP 54 50721 > http-alt [ACK] Seq=1 Ack=1 Win=17520 Len=0
34 4.700461000 192.168.2.102 192.168.2.100 HTTP 55 Continuation or non-HTTP traffic
35 4.705454000 192.168.2.100 192.168.2.102 TCP 54 http-alt > 50721 [ACK] Seq=1 Ack=2 Win=1460 Len=0
36 4.705476000 192.168.2.102 192.168.2.100 TCP 57 [TCP segment of a reassembled PDU]
37 4.709035000 192.168.2.100 192.168.2.102 TCP 54 http-alt > 50721 [ACK] Seq=1 Ack=5 Win=1460 Len=0
38 5.194961000 192.168.2.100 192.168.2.102 TCP 58 [TCP segment of a reassembled PDU]
39 5.196220000 192.168.2.100 192.168.2.102 HTTP 154 Continuation or non-HTTP traffic
40 5.196244000 192.168.2.102 192.168.2.100 TCP 54 50721 > http-alt [ACK] Seq=5 Ack=105 Win=17416 Len=0
41 5.196286000 192.168.2.102 192.168.2.100 TCP 54 50721 > http-alt [FIN, ACK] Seq=5 Ack=105 Win=17416 Len=0
42 5.202194000 192.168.2.100 192.168.2.102 TCP 54 http-alt > 50721 [ACK] Seq=105 Ack=6 Win=1460 Len=0
138 24.245036000 192.168.2.100 192.168.2.102 TCP 54 http-alt > 50721 [FIN, ACK] Seq=105 Ack=6 Win=1460 Len=0
139 24.245060000 192.168.2.102 192.168.2.100 TCP 54 50721 > http-alt [ACK] Seq=6 Ack=106 Win=17416 Len=0
After about 10 transmissions I get a FIN/ACK cascade. The last FIN/ACK above is part of this cascade. It looks like if the sockets are not completely closed and the HW module starts now closing all sockets in a row.
My Java - client does the following
Socket b = new Socket("192.168.2.100",8080);
OutputStream o = b.getOutputStream();
o.write(10);
o.write(0);
o.write(0);
o.write(0);
o.flush();
InputStream i = b.getInputStream();
int id = i.read();
int gId = i.read();
int lengthA = i.read();
int lengthB = i.read();
int length = (lengthB<<8)|lengthA;
if(length < 0|| length > 1000)
{
b.close();
return;
}
System.out.println(new Date()+" GantryID: "+gId+" Package with id: "+id+" has length: "+length+" payload: ");
DataInputStream ds = new DataInputStream(i);
byte[] buffer = new byte[length];
ds.readFully(buffer);
b.close();
System.out.println(new String(buffer));
The server is a little more complex but the important commands are:
return recv(handle, data, size, 0); //Read request header
return recv(handle, data, size, 0); //Read request payload
send(handle, data, size, 0); //Write response header
send(handle, data, size, 0); //Write response payload
//No Close only set socket handle to -1
Does anyone have a idea what is going on. I would appreciate any help and ideas.

Related

WebRTC blank video on Firefox >= 90.0

I have a problem with a video from remote sdp not showing on Firefox on version >= 90.0 (does work on any other browser like Chrome, Opera, Edge). It works fine on version >=89.0.2 and i have no idea what causing this issue
Firefox version 89.0.2
Local sdp:
v=0
o=mozilla...THIS_IS_SDPARTA-89.0.2 742372061482680230 0 IN IP4 0.0.0.0
s=-
t=0 0
a=fingerprint:sha-256 AC:FD:FB:9D:BF:E7:1B:74:AC:A8:59:6B:F9:FE:B4:D0:15:EB:9C:9D:54:0A:3C:F0:A3:4B:39:32:88:92:AA:C9
a=group:BUNDLE 0 1
a=ice-options:trickle
a=msid-semantic:WMS *
m=audio 9 UDP/TLS/RTP/SAVPF 109 9 0 8 101
c=IN IP4 0.0.0.0
a=sendrecv
a=extmap:1 urn:ietf:params:rtp-hdrext:ssrc-audio-level
a=extmap:2/recvonly urn:ietf:params:rtp-hdrext:csrc-audio-level
a=extmap:3 urn:ietf:params:rtp-hdrext:sdes:mid
a=fmtp:109 maxplaybackrate=48000;stereo=1;useinbandfec=1
a=fmtp:101 0-15
a=ice-pwd:acc210243a74aef9a612fb944269e3bd
a=ice-ufrag:ac64f811
a=mid:0
a=msid:{a4442659-b580-45d1-926b-855a5abb2ce5} {55d9c638-6580-41f7-a198-c4e4da48c0a9}
a=rtcp-mux
a=rtpmap:109 opus/48000/2
a=rtpmap:9 G722/8000/1
a=rtpmap:0 PCMU/8000
a=rtpmap:8 PCMA/8000
a=rtpmap:101 telephone-event/8000/1
a=setup:actpass
a=ssrc:1370367419 cname:{858121e4-b01a-410c-bc0f-2c7a46736d78}
m=video 9 UDP/TLS/RTP/SAVPF 120 124 121 125 126 127 97 98
c=IN IP4 0.0.0.0
a=sendrecv
a=extmap:3 urn:ietf:params:rtp-hdrext:sdes:mid
a=extmap:4 http://www.webrtc.org/experiments/rtp-hdrext/abs-send-time
a=extmap:5 urn:ietf:params:rtp-hdrext:toffset
a=extmap:6/recvonly http://www.webrtc.org/experiments/rtp-hdrext/playout-delay
a=extmap:7 http://www.ietf.org/id/draft-holmer-rmcat-transport-wide-cc-extensions-01
a=fmtp:126 profile-level-id=42e01f;level-asymmetry-allowed=1;packetization-mode=1
a=fmtp:97 profile-level-id=42e01f;level-asymmetry-allowed=1
a=fmtp:120 max-fs=12288;max-fr=60
a=fmtp:124 apt=120
a=fmtp:121 max-fs=12288;max-fr=60
a=fmtp:125 apt=121
a=fmtp:127 apt=126
a=fmtp:98 apt=97
a=ice-pwd:acc210243a74aef9a612fb944269e3bd
a=ice-ufrag:ac64f811
a=mid:1
a=msid:{a4442659-b580-45d1-926b-855a5abb2ce5} {b1684ca8-1a76-489a-ac8f-505d8db4a91a}
a=rtcp-fb:120 nack
a=rtcp-fb:120 nack pli
a=rtcp-fb:120 ccm fir
a=rtcp-fb:120 goog-remb
a=rtcp-fb:120 transport-cc
a=rtcp-fb:121 nack
a=rtcp-fb:121 nack pli
a=rtcp-fb:121 ccm fir
a=rtcp-fb:121 goog-remb
a=rtcp-fb:121 transport-cc
a=rtcp-fb:126 nack
a=rtcp-fb:126 nack pli
a=rtcp-fb:126 ccm fir
a=rtcp-fb:126 goog-remb
a=rtcp-fb:126 transport-cc
a=rtcp-fb:97 nack
a=rtcp-fb:97 nack pli
a=rtcp-fb:97 ccm fir
a=rtcp-fb:97 goog-remb
a=rtcp-fb:97 transport-cc
a=rtcp-mux
a=rtcp-rsize
a=rtpmap:120 VP8/90000
a=rtpmap:124 rtx/90000
a=rtpmap:121 VP9/90000
a=rtpmap:125 rtx/90000
a=rtpmap:126 H264/90000
a=rtpmap:127 rtx/90000
a=rtpmap:97 H264/90000
a=rtpmap:98 rtx/90000
a=setup:actpass
a=ssrc:945317264 cname:{858121e4-b01a-410c-bc0f-2c7a46736d78}
a=ssrc:662102401 cname:{858121e4-b01a-410c-bc0f-2c7a46736d78}
a=ssrc-group:FID 945317264 662102401
O 1 671 457 224 786 (+18 077 ms)
v=0
o=mozilla...THIS_IS_SDPARTA-89.0.2 742372061482680230 0 IN IP4 0.0.0.0
s=-
t=0 0
a=sendrecv
a=fingerprint:sha-256 AC:FD:FB:9D:BF:E7:1B:74:AC:A8:59:6B:F9:FE:B4:D0:15:EB:9C:9D:54:0A:3C:F0:A3:4B:39:32:88:92:AA:C9
a=group:BUNDLE 0 1
a=ice-options:trickle
a=msid-semantic:WMS *
m=audio 57307 UDP/TLS/RTP/SAVPF 109 9 0 8 101
c=IN IP4 172.29.160.1
a=candidate:0 1 UDP 2122121471 10.100.1.109 57305 typ host
a=candidate:1 1 UDP 2122187007 192.168.1.22 57306 typ host
a=candidate:2 1 UDP 2122252543 172.29.160.1 57307 typ host
a=candidate:3 1 TCP 2105393407 10.100.1.109 9 typ host tcptype active
a=candidate:4 1 TCP 2105458943 192.168.1.22 9 typ host tcptype active
a=candidate:5 1 TCP 2105524479 172.29.160.1 9 typ host tcptype active
a=candidate:0 2 UDP 2122121470 10.100.1.109 57308 typ host
a=candidate:1 2 UDP 2122187006 192.168.1.22 57309 typ host
a=candidate:2 2 UDP 2122252542 172.29.160.1 57310 typ host
a=candidate:3 2 TCP 2105393406 10.100.1.109 9 typ host tcptype active
a=candidate:4 2 TCP 2105458942 192.168.1.22 9 typ host tcptype active
a=candidate:5 2 TCP 2105524478 172.29.160.1 9 typ host tcptype active
a=sendrecv
a=end-of-candidates
a=extmap:1 urn:ietf:params:rtp-hdrext:ssrc-audio-level
a=extmap:2/recvonly urn:ietf:params:rtp-hdrext:csrc-audio-level
a=extmap:3 urn:ietf:params:rtp-hdrext:sdes:mid
a=fmtp:109 maxplaybackrate=48000;stereo=1;useinbandfec=1
a=fmtp:101 0-15
a=ice-pwd:acc210243a74aef9a612fb944269e3bd
a=ice-ufrag:ac64f811
a=mid:0
a=msid:{a4442659-b580-45d1-926b-855a5abb2ce5} {55d9c638-6580-41f7-a198-c4e4da48c0a9}
a=rtcp:57310 IN IP4 172.29.160.1
a=rtcp-mux
a=rtpmap:109 opus/48000/2
a=rtpmap:9 G722/8000/1
a=rtpmap:0 PCMU/8000
a=rtpmap:8 PCMA/8000
a=rtpmap:101 telephone-event/8000
a=setup:actpass
a=ssrc:1370367419 cname:{858121e4-b01a-410c-bc0f-2c7a46736d78}
m=video 57313 UDP/TLS/RTP/SAVPF 120 124 121 125 126 127 97 98
c=IN IP4 172.29.160.1
a=candidate:0 1 UDP 2122121471 10.100.1.109 57311 typ host
a=candidate:1 1 UDP 2122187007 192.168.1.22 57312 typ host
a=candidate:2 1 UDP 2122252543 172.29.160.1 57313 typ host
a=candidate:3 1 TCP 2105393407 10.100.1.109 9 typ host tcptype active
a=candidate:4 1 TCP 2105458943 192.168.1.22 9 typ host tcptype active
a=candidate:5 1 TCP 2105524479 172.29.160.1 9 typ host tcptype active
a=candidate:0 2 UDP 2122121470 10.100.1.109 57314 typ host
a=candidate:1 2 UDP 2122187006 192.168.1.22 57315 typ host
a=candidate:2 2 UDP 2122252542 172.29.160.1 57316 typ host
a=candidate:3 2 TCP 2105393406 10.100.1.109 9 typ host tcptype active
a=candidate:4 2 TCP 2105458942 192.168.1.22 9 typ host tcptype active
a=candidate:5 2 TCP 2105524478 172.29.160.1 9 typ host tcptype active
a=sendrecv
a=end-of-candidates
a=extmap:3 urn:ietf:params:rtp-hdrext:sdes:mid
a=extmap:4 http://www.webrtc.org/experiments/rtp-hdrext/abs-send-time
a=extmap:5 urn:ietf:params:rtp-hdrext:toffset
a=extmap:6/recvonly http://www.webrtc.org/experiments/rtp-hdrext/playout-delay
a=extmap:7 http://www.ietf.org/id/draft-holmer-rmcat-transport-wide-cc-extensions-01
a=fmtp:126 profile-level-id=42e01f;level-asymmetry-allowed=1;packetization-mode=1
a=fmtp:97 profile-level-id=42e01f;level-asymmetry-allowed=1
a=fmtp:120 max-fs=12288;max-fr=60
a=fmtp:124 apt=120
a=fmtp:121 max-fs=12288;max-fr=60
a=fmtp:125 apt=121
a=fmtp:127 apt=126
a=fmtp:98 apt=97
a=ice-pwd:acc210243a74aef9a612fb944269e3bd
a=ice-ufrag:ac64f811
a=mid:1
a=msid:{a4442659-b580-45d1-926b-855a5abb2ce5} {b1684ca8-1a76-489a-ac8f-505d8db4a91a}
a=rtcp:57316 IN IP4 172.29.160.1
a=rtcp-fb:120 nack
a=rtcp-fb:120 nack pli
a=rtcp-fb:120 ccm fir
a=rtcp-fb:120 goog-remb
a=rtcp-fb:120 transport-cc
a=rtcp-fb:121 nack
a=rtcp-fb:121 nack pli
a=rtcp-fb:121 ccm fir
a=rtcp-fb:121 goog-remb
a=rtcp-fb:121 transport-cc
a=rtcp-fb:126 nack
a=rtcp-fb:126 nack pli
a=rtcp-fb:126 ccm fir
a=rtcp-fb:126 goog-remb
a=rtcp-fb:126 transport-cc
a=rtcp-fb:97 nack
a=rtcp-fb:97 nack pli
a=rtcp-fb:97 ccm fir
a=rtcp-fb:97 goog-remb
a=rtcp-fb:97 transport-cc
a=rtcp-mux
a=rtcp-rsize
a=rtpmap:120 VP8/90000
a=rtpmap:124 rtx/90000
a=rtpmap:121 VP9/90000
a=rtpmap:125 rtx/90000
a=rtpmap:126 H264/90000
a=rtpmap:127 rtx/90000
a=rtpmap:97 H264/90000
a=rtpmap:98 rtx/90000
a=setup:actpass
a=ssrc:945317264 cname:{858121e4-b01a-410c-bc0f-2c7a46736d78}
a=ssrc:662102401 cname:{858121e4-b01a-410c-bc0f-2c7a46736d78}
a=ssrc-group:FID 945317264 662102401
Remote sdp:
v=0
o=- 123 1 IN IP4 127.0.0.1
s=-
t=0 0
a=fingerprint:sha-256 93:70:63:FC:98:35:64:50:AB:07:B7:56:72:82:B8:6A:0E:58:D7:50:01:C0:D7:4A:01:86:C2:28:B1:AF:0C:E9
a=group:BUNDLE 0 1
a=ice-options:trickle
a=msid-semantic: WMS *
m=audio 1 RTP/SAVPF 8
c=IN IP4 0.0.0.0
a=candidate:1 1 udp 50 10.100.1.109 7070 typ host generation 0
a=candidate:1 2 udp 49 10.100.1.109 7070 typ host generation 0
a=inactive
a=ice-ufrag:wTURmjFPYaT2QrhY
a=ice-pwd:ALmcOQbLq5WnGMJ0QHZEBv1C
a=mid:0
a=msid:6bedb9d9-4a34-4fc5-a4e2-0228b1175ff3 21e020d5-0d34-404c-8d0f-c2176654ec8f
a=rtcp:2 IN 0.0.0.0 IP4
a=rtcp-mux
a=rtpmap:8 PCMA/8000
a=setup:passive
a=bundle-only
a=ssrc:2119652489 cname:baf88792-8306-49a1-9a52-bdeb340e7830
m=video 1 RTP/SAVPF 100
c=IN IP4 0.0.0.0
a=candidate:1 1 udp 50 10.100.1.109 7071 typ host generation 0
a=candidate:1 2 udp 49 10.100.1.109 7071 typ host generation 0
a=inactive
a=ice-ufrag:wTURmjFPYaT2QrhY
a=ice-pwd:ALmcOQbLq5WnGMJ0QHZEBv1C
a=mid:1
a=msid:6bedb9d9-4a34-4fc5-a4e2-0228b1175ff3 31f082d9-7b73-42cb-9ed1-09961329abd0
a=rtcp:2 IN 0.0.0.0 IP4
a=rtcp-mux
a=rtpmap:100 VP8/90000
a=rtcp-fb:100 nack
a=rtcp-fb:100 nack pli
a=rtcp-fb:100 goog-remb
a=rtcp-fb:100 transport-cc
a=setup:passive
a=bundle-only
a=ssrc:4121478096 cname:baf88792-8306-49a1-9a52-bdeb340e7830
O 1 671 457 224 796 (+18 087 ms)
v=0
o=- 123 1 IN IP4 127.0.0.1
s=-
t=0 0
a=fingerprint:sha-256 93:70:63:FC:98:35:64:50:AB:07:B7:56:72:82:B8:6A:0E:58:D7:50:01:C0:D7:4A:01:86:C2:28:B1:AF:0C:E9
a=group:BUNDLE 0 1
a=ice-options:trickle
a=msid-semantic: WMS *
m=audio 1 RTP/SAVPF 8
c=IN IP4 0.0.0.0
a=candidate:1 1 udp 50 10.100.1.109 7070 typ host generation 0
a=candidate:1 2 udp 49 10.100.1.109 7070 typ host generation 0
a=sendrecv
a=ice-ufrag:wTURmjFPYaT2QrhY
a=ice-pwd:ALmcOQbLq5WnGMJ0QHZEBv1C
a=mid:0
a=msid:6d6a5d67-fc98-487a-ae11-feadf0a83550_2 694408ad-38a9-4370-9bf7-a6ddd358740e
a=rtcp:2 IN 0.0.0.0 IP4
a=rtcp-mux
a=rtpmap:8 PCMA/8000
a=setup:passive
a=bundle-only
a=ssrc:1888215093 cname:xpWB66DXxxbEXrg9
m=video 1 RTP/SAVPF 100
c=IN IP4 0.0.0.0
a=candidate:1 1 udp 50 10.100.1.109 7071 typ host generation 0
a=candidate:1 2 udp 49 10.100.1.109 7071 typ host generation 0
a=sendrecv
a=ice-ufrag:wTURmjFPYaT2QrhY
a=ice-pwd:ALmcOQbLq5WnGMJ0QHZEBv1C
a=mid:1
a=msid:6d6a5d67-fc98-487a-ae11-feadf0a83550_2 54387bb6-ba0c-44ba-9811-f7d633371968
a=rtcp:2 IN 0.0.0.0 IP4
a=rtcp-mux
a=rtpmap:100 VP8/90000
a=rtcp-fb:100 nack
a=rtcp-fb:100 nack pli
a=rtcp-fb:100 goog-remb
a=rtcp-fb:100 transport-cc
a=setup:passive
a=bundle-only
a=ssrc:1079489670 cname:G9MLJqqUtxfIQKyH
RTP Stats:
Firefox version >= 90.0
Local sdp:
v=0
o=mozilla...THIS_IS_SDPARTA-90.0 8353154283338443297 0 IN IP4 0.0.0.0
s=-
t=0 0
a=fingerprint:sha-256 C1:21:34:75:76:EE:AA:32:AD:D9:BB:C1:DD:7B:BD:82:1E:E3:85:8A:D1:A4:73:1E:35:76:40:16:54:D6:EB:DB
a=group:BUNDLE 0 1
a=ice-options:trickle
a=msid-semantic:WMS *
m=audio 9 UDP/TLS/RTP/SAVPF 109 9 0 8 101
c=IN IP4 0.0.0.0
a=sendrecv
a=extmap:1 urn:ietf:params:rtp-hdrext:ssrc-audio-level
a=extmap:2/recvonly urn:ietf:params:rtp-hdrext:csrc-audio-level
a=extmap:3 urn:ietf:params:rtp-hdrext:sdes:mid
a=fmtp:109 maxplaybackrate=48000;stereo=1;useinbandfec=1
a=fmtp:101 0-15
a=ice-pwd:8118e393f3952040e0060e800c17dbc2
a=ice-ufrag:b515cfad
a=mid:0
a=msid:{d4ef79cc-6ab6-4464-b581-ece2c3fbf1e0} {94e2d2bc-2124-4c93-87e2-ea9bd0e10945}
a=rtcp-mux
a=rtpmap:109 opus/48000/2
a=rtpmap:9 G722/8000/1
a=rtpmap:0 PCMU/8000
a=rtpmap:8 PCMA/8000
a=rtpmap:101 telephone-event/8000/1
a=setup:actpass
a=ssrc:2400082512 cname:{ca38a686-634a-477e-89a3-16f4b00ce5c6}
m=video 9 UDP/TLS/RTP/SAVPF 120 124 121 125 126 127 97 98
c=IN IP4 0.0.0.0
a=sendrecv
a=extmap:3 urn:ietf:params:rtp-hdrext:sdes:mid
a=extmap:4 http://www.webrtc.org/experiments/rtp-hdrext/abs-send-time
a=extmap:5 urn:ietf:params:rtp-hdrext:toffset
a=extmap:6/recvonly http://www.webrtc.org/experiments/rtp-hdrext/playout-delay
a=extmap:7 http://www.ietf.org/id/draft-holmer-rmcat-transport-wide-cc-extensions-01
a=fmtp:126 profile-level-id=42e01f;level-asymmetry-allowed=1;packetization-mode=1
a=fmtp:97 profile-level-id=42e01f;level-asymmetry-allowed=1
a=fmtp:120 max-fs=12288;max-fr=60
a=fmtp:124 apt=120
a=fmtp:121 max-fs=12288;max-fr=60
a=fmtp:125 apt=121
a=fmtp:127 apt=126
a=fmtp:98 apt=97
a=ice-pwd:8118e393f3952040e0060e800c17dbc2
a=ice-ufrag:b515cfad
a=mid:1
a=msid:{d4ef79cc-6ab6-4464-b581-ece2c3fbf1e0} {ee4a3916-55a7-4992-8134-c81ac8cea572}
a=rtcp-fb:120 nack
a=rtcp-fb:120 nack pli
a=rtcp-fb:120 ccm fir
a=rtcp-fb:120 goog-remb
a=rtcp-fb:120 transport-cc
a=rtcp-fb:121 nack
a=rtcp-fb:121 nack pli
a=rtcp-fb:121 ccm fir
a=rtcp-fb:121 goog-remb
a=rtcp-fb:121 transport-cc
a=rtcp-fb:126 nack
a=rtcp-fb:126 nack pli
a=rtcp-fb:126 ccm fir
a=rtcp-fb:126 goog-remb
a=rtcp-fb:126 transport-cc
a=rtcp-fb:97 nack
a=rtcp-fb:97 nack pli
a=rtcp-fb:97 ccm fir
a=rtcp-fb:97 goog-remb
a=rtcp-fb:97 transport-cc
a=rtcp-mux
a=rtcp-rsize
a=rtpmap:120 VP8/90000
a=rtpmap:124 rtx/90000
a=rtpmap:121 VP9/90000
a=rtpmap:125 rtx/90000
a=rtpmap:126 H264/90000
a=rtpmap:127 rtx/90000
a=rtpmap:97 H264/90000
a=rtpmap:98 rtx/90000
a=setup:actpass
a=ssrc:4074242173 cname:{ca38a686-634a-477e-89a3-16f4b00ce5c6}
a=ssrc:3652788950 cname:{ca38a686-634a-477e-89a3-16f4b00ce5c6}
a=ssrc-group:FID 4074242173 3652788950
O 1 671 457 637 509 (+15 993 ms)
v=0
o=mozilla...THIS_IS_SDPARTA-90.0 8353154283338443297 0 IN IP4 0.0.0.0
s=-
t=0 0
a=sendrecv
a=fingerprint:sha-256 C1:21:34:75:76:EE:AA:32:AD:D9:BB:C1:DD:7B:BD:82:1E:E3:85:8A:D1:A4:73:1E:35:76:40:16:54:D6:EB:DB
a=group:BUNDLE 0 1
a=ice-options:trickle
a=msid-semantic:WMS *
m=audio 50163 UDP/TLS/RTP/SAVPF 109 9 0 8 101
c=IN IP4 172.29.160.1
a=candidate:0 1 UDP 2122121471 10.100.1.109 50161 typ host
a=candidate:1 1 UDP 2122187007 192.168.1.22 50162 typ host
a=candidate:2 1 UDP 2122252543 172.29.160.1 50163 typ host
a=candidate:3 1 TCP 2105393407 10.100.1.109 9 typ host tcptype active
a=candidate:4 1 TCP 2105458943 192.168.1.22 9 typ host tcptype active
a=candidate:5 1 TCP 2105524479 172.29.160.1 9 typ host tcptype active
a=candidate:0 2 UDP 2122121470 10.100.1.109 50164 typ host
a=candidate:1 2 UDP 2122187006 192.168.1.22 50165 typ host
a=candidate:2 2 UDP 2122252542 172.29.160.1 50166 typ host
a=candidate:3 2 TCP 2105393406 10.100.1.109 9 typ host tcptype active
a=candidate:4 2 TCP 2105458942 192.168.1.22 9 typ host tcptype active
a=candidate:5 2 TCP 2105524478 172.29.160.1 9 typ host tcptype active
a=sendrecv
a=end-of-candidates
a=extmap:1 urn:ietf:params:rtp-hdrext:ssrc-audio-level
a=extmap:2/recvonly urn:ietf:params:rtp-hdrext:csrc-audio-level
a=extmap:3 urn:ietf:params:rtp-hdrext:sdes:mid
a=fmtp:109 maxplaybackrate=48000;stereo=1;useinbandfec=1
a=fmtp:101 0-15
a=ice-pwd:8118e393f3952040e0060e800c17dbc2
a=ice-ufrag:b515cfad
a=mid:0
a=msid:{d4ef79cc-6ab6-4464-b581-ece2c3fbf1e0} {94e2d2bc-2124-4c93-87e2-ea9bd0e10945}
a=rtcp:50166 IN IP4 172.29.160.1
a=rtcp-mux
a=rtpmap:109 opus/48000/2
a=rtpmap:9 G722/8000/1
a=rtpmap:0 PCMU/8000
a=rtpmap:8 PCMA/8000
a=rtpmap:101 telephone-event/8000
a=setup:actpass
a=ssrc:2400082512 cname:{ca38a686-634a-477e-89a3-16f4b00ce5c6}
m=video 50169 UDP/TLS/RTP/SAVPF 120 124 121 125 126 127 97 98
c=IN IP4 172.29.160.1
a=candidate:0 1 UDP 2122121471 10.100.1.109 50167 typ host
a=candidate:1 1 UDP 2122187007 192.168.1.22 50168 typ host
a=candidate:2 1 UDP 2122252543 172.29.160.1 50169 typ host
a=candidate:3 1 TCP 2105393407 10.100.1.109 9 typ host tcptype active
a=candidate:4 1 TCP 2105458943 192.168.1.22 9 typ host tcptype active
a=candidate:5 1 TCP 2105524479 172.29.160.1 9 typ host tcptype active
a=candidate:0 2 UDP 2122121470 10.100.1.109 50170 typ host
a=candidate:1 2 UDP 2122187006 192.168.1.22 50171 typ host
a=candidate:2 2 UDP 2122252542 172.29.160.1 50172 typ host
a=candidate:3 2 TCP 2105393406 10.100.1.109 9 typ host tcptype active
a=candidate:4 2 TCP 2105458942 192.168.1.22 9 typ host tcptype active
a=candidate:5 2 TCP 2105524478 172.29.160.1 9 typ host tcptype active
a=sendrecv
a=end-of-candidates
a=extmap:3 urn:ietf:params:rtp-hdrext:sdes:mid
a=extmap:4 http://www.webrtc.org/experiments/rtp-hdrext/abs-send-time
a=extmap:5 urn:ietf:params:rtp-hdrext:toffset
a=extmap:6/recvonly http://www.webrtc.org/experiments/rtp-hdrext/playout-delay
a=extmap:7 http://www.ietf.org/id/draft-holmer-rmcat-transport-wide-cc-extensions-01
a=fmtp:126 profile-level-id=42e01f;level-asymmetry-allowed=1;packetization-mode=1
a=fmtp:97 profile-level-id=42e01f;level-asymmetry-allowed=1
a=fmtp:120 max-fs=12288;max-fr=60
a=fmtp:124 apt=120
a=fmtp:121 max-fs=12288;max-fr=60
a=fmtp:125 apt=121
a=fmtp:127 apt=126
a=fmtp:98 apt=97
a=ice-pwd:8118e393f3952040e0060e800c17dbc2
a=ice-ufrag:b515cfad
a=mid:1
a=msid:{d4ef79cc-6ab6-4464-b581-ece2c3fbf1e0} {ee4a3916-55a7-4992-8134-c81ac8cea572}
a=rtcp:50172 IN IP4 172.29.160.1
a=rtcp-fb:120 nack
a=rtcp-fb:120 nack pli
a=rtcp-fb:120 ccm fir
a=rtcp-fb:120 goog-remb
a=rtcp-fb:120 transport-cc
a=rtcp-fb:121 nack
a=rtcp-fb:121 nack pli
a=rtcp-fb:121 ccm fir
a=rtcp-fb:121 goog-remb
a=rtcp-fb:121 transport-cc
a=rtcp-fb:126 nack
a=rtcp-fb:126 nack pli
a=rtcp-fb:126 ccm fir
a=rtcp-fb:126 goog-remb
a=rtcp-fb:126 transport-cc
a=rtcp-fb:97 nack
a=rtcp-fb:97 nack pli
a=rtcp-fb:97 ccm fir
a=rtcp-fb:97 goog-remb
a=rtcp-fb:97 transport-cc
a=rtcp-mux
a=rtcp-rsize
a=rtpmap:120 VP8/90000
a=rtpmap:124 rtx/90000
a=rtpmap:121 VP9/90000
a=rtpmap:125 rtx/90000
a=rtpmap:126 H264/90000
a=rtpmap:127 rtx/90000
a=rtpmap:97 H264/90000
a=rtpmap:98 rtx/90000
a=setup:actpass
a=ssrc:4074242173 cname:{ca38a686-634a-477e-89a3-16f4b00ce5c6}
a=ssrc:3652788950 cname:{ca38a686-634a-477e-89a3-16f4b00ce5c6}
a=ssrc-group:FID 4074242173 3652788950
Remote sdp:
v=0
o=- 123 1 IN IP4 127.0.0.1
s=-
t=0 0
a=fingerprint:sha-256 93:70:63:FC:98:35:64:50:AB:07:B7:56:72:82:B8:6A:0E:58:D7:50:01:C0:D7:4A:01:86:C2:28:B1:AF:0C:E9
a=group:BUNDLE 0 1
a=ice-options:trickle
a=msid-semantic: WMS *
m=audio 1 RTP/SAVPF 8
c=IN IP4 0.0.0.0
a=candidate:1 1 udp 50 10.100.1.109 7074 typ host generation 0
a=candidate:1 2 udp 49 10.100.1.109 7074 typ host generation 0
a=inactive
a=ice-ufrag:5uVuNDrpZIRuqFnv
a=ice-pwd:2gTsLDmpv3Rc0SJDsc3MydjT
a=mid:0
a=msid:77975ac5-83a8-41d3-95d6-28330784cf7e 5cabb463-4897-47a7-b216-3eb503e7a7f1
a=rtcp:2 IN 0.0.0.0 IP4
a=rtcp-mux
a=rtpmap:8 PCMA/8000
a=setup:passive
a=bundle-only
a=ssrc:141019633 cname:484ad88b-f66d-4478-9efc-4274dec179c3
m=video 1 RTP/SAVPF 100
c=IN IP4 0.0.0.0
a=candidate:1 1 udp 50 10.100.1.109 7075 typ host generation 0
a=candidate:1 2 udp 49 10.100.1.109 7075 typ host generation 0
a=inactive
a=ice-ufrag:5uVuNDrpZIRuqFnv
a=ice-pwd:2gTsLDmpv3Rc0SJDsc3MydjT
a=mid:1
a=msid:77975ac5-83a8-41d3-95d6-28330784cf7e ea40ec6c-8f23-4876-8603-4e88e4685c93
a=rtcp:2 IN 0.0.0.0 IP4
a=rtcp-mux
a=rtpmap:100 VP8/90000
a=rtcp-fb:100 nack
a=rtcp-fb:100 nack pli
a=rtcp-fb:100 goog-remb
a=rtcp-fb:100 transport-cc
a=setup:passive
a=bundle-only
a=ssrc:1824197586 cname:484ad88b-f66d-4478-9efc-4274dec179c3
O 1 671 457 637 515 (+15 999 ms)
v=0
o=- 123 1 IN IP4 127.0.0.1
s=-
t=0 0
a=fingerprint:sha-256 93:70:63:FC:98:35:64:50:AB:07:B7:56:72:82:B8:6A:0E:58:D7:50:01:C0:D7:4A:01:86:C2:28:B1:AF:0C:E9
a=group:BUNDLE 0 1
a=ice-options:trickle
a=msid-semantic: WMS *
m=audio 1 RTP/SAVPF 8
c=IN IP4 0.0.0.0
a=candidate:1 1 udp 50 10.100.1.109 7074 typ host generation 0
a=candidate:1 2 udp 49 10.100.1.109 7074 typ host generation 0
a=sendrecv
a=ice-ufrag:5uVuNDrpZIRuqFnv
a=ice-pwd:2gTsLDmpv3Rc0SJDsc3MydjT
a=mid:0
a=msid:6d6a5d67-fc98-487a-ae11-feadf0a83550_3 259c9f41-df1a-4a0a-99bb-865925751627
a=rtcp:2 IN 0.0.0.0 IP4
a=rtcp-mux
a=rtpmap:8 PCMA/8000
a=setup:passive
a=bundle-only
a=ssrc:365022300 cname:QylQ1HGpor9omS0z
m=video 1 RTP/SAVPF 100
c=IN IP4 0.0.0.0
a=candidate:1 1 udp 50 10.100.1.109 7075 typ host generation 0
a=candidate:1 2 udp 49 10.100.1.109 7075 typ host generation 0
a=sendrecv
a=ice-ufrag:5uVuNDrpZIRuqFnv
a=ice-pwd:2gTsLDmpv3Rc0SJDsc3MydjT
a=mid:1
a=msid:6d6a5d67-fc98-487a-ae11-feadf0a83550_3 c0827912-56ab-4aaf-a97c-eb400dba9ad0
a=rtcp:2 IN 0.0.0.0 IP4
a=rtcp-mux
a=rtpmap:100 VP8/90000
a=rtcp-fb:100 nack
a=rtcp-fb:100 nack pli
a=rtcp-fb:100 goog-remb
a=rtcp-fb:100 transport-cc
a=setup:passive
a=bundle-only
a=ssrc:3945247179 cname:9Tn424ILJFMaRaPw
RTP Stats:
I have tried changing SDP. I compared my generated sdp to sdp from this website https://webrtc.github.io/samples/src/content/peerconnection/munge-sdp/
I listened to packets using wireshark and everything seems fine, but video does not show up.
Feel free to ask for more information. Thanks for any help

I fixed it. I was sending payload in my sdp a=rtpmap:100 VP8/90000, but firefox >=90.0 supports vp8 in version 120 as u can see in local sdp a=rtpmap:120 VP8/90000

WireGuard: can't ping anything, traffic doesn't go through while handshake successful

I'm trying to setup WireGuard VPN server on a cloud virtual server (Yandex cloud).
Server config:
[Interface]
Address = 10.128.0.19/24
MTU = 1500
SaveConfig = false
PostUp = iptables -A FORWARD -i wg0 -j ACCEPT; iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE; ip6tables -A FORWARD -i wg0 -j ACCEPT; ip6tables -t >
PostDown = iptables -D FORWARD -i wg0 -j ACCEPT; iptables -t nat -D POSTROUTING -o eth0 -j MASQUERADE; ip6tables -D FORWARD -i wg0 -j ACCEPT; ip6tables ->
ListenPort = 41820
PrivateKey = <cut>
[Peer]
PublicKey = 0fWTvnU+j4D4pXfv0hWtAJDatRj/DxgPH3zwrSbT7js=
AllowedIPs = 10.128.0.201/32
Client config:
[Interface]
PrivateKey = <cut>
Address = 10.128.0.200/32
DNS = 1.1.1.1, 1.0.0.1
[Peer]
PublicKey = g9HF8K1303CwDrYb0ga8/dBe8EY8tb3wlreO0lHA9iI=
AllowedIPs = 0.0.0.0/0
Endpoint = <cut>:41820
PersistentKeepalive = 25
I've enabled the net.ipv4.ip_forward=1 option on the server. The server is on the public cloud compute instance. The client is an Android device in a home network behind NAT.
When I turn on the tunnel, all the communications stops. I can't ping anything from the device. At the same time, I can see successful handshakes in the wg output:
interface: wg0
public key: g9HF8K1303CwDrYb0ga8/dBe8EY8tb3wlreO0lHA9iI=
private key: (hidden)
listening port: 41820
peer: 0fWTvnU+j4D4pXfv0hWtAJDatRj/DxgPH3zwrSbT7js=
endpoint: <cut>:38517
allowed ips: 10.128.0.201/32
latest handshake: 15 seconds ago
transfer: 2.25 KiB received, 124 B sent
I can't ping neither the VPN server internal IP address (10.128.0.19) nor any of public IPs (like 1.1.1.1).
The server's ifconfig output is the following:
$ ifconfig
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 10.128.0.19 netmask 255.255.255.0 broadcast 10.128.0.255
inet6 fe80::d20d:1bff:fe98:a801 prefixlen 64 scopeid 0x20<link>
ether d0:0d:1b:98:a8:01 txqueuelen 1000 (Ethernet)
RX packets 16530 bytes 2016056 (2.0 MB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 12031 bytes 1483606 (1.4 MB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
inet6 ::1 prefixlen 128 scopeid 0x10<host>
loop txqueuelen 1000 (Local Loopback)
RX packets 177 bytes 14328 (14.3 KB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 177 bytes 14328 (14.3 KB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
wg0: flags=209<UP,POINTOPOINT,RUNNING,NOARP> mtu 1500
inet 10.128.0.19 netmask 255.255.255.0 destination 10.128.0.19
unspec 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00 txqueuelen 1000 (UNSPEC)
RX packets 145 bytes 16504 (16.5 KB)
RX errors 54 dropped 0 overruns 0 frame 54
TX packets 11 bytes 472 (472.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
The OS on the server is Ubuntu 20.04.
I tried to set MTU on the client side to 1500 but nothing changed.
What I'm doing wrong?

The issue was in the server's interface IP address. The correct one is
[Interface]
Address = 10.128.0.19/32
The subnet part should be 32 instead of 24 in my case.
After that, the connection works well.

The allowed ip is wrong in the server configuration.
Please change it from:
[Peer]
PublicKey = 0fWTvnU+j4D4pXfv0hWtAJDatRj/DxgPH3zwrSbT7js=
AllowedIPs = 10.128.0.201/32
to:
[Peer]
PublicKey = 0fWTvnU+j4D4pXfv0hWtAJDatRj/DxgPH3zwrSbT7js=
AllowedIPs = 10.128.0.200/32

Same HTTP request passes with CURL_CLI but fails with LIBCURL

Am using libcurl to communicate with Amazon S3.
GET calls are success whereas PUT (for uploading files) calls are failing with 403.
PUT call with same headers when ran through CURL-CLI are success.
I have disabled certificate checking. [[ curl_easy_setopt(curl, CURLOPT_SSL_VERIFYPEER, 0) ]]
Using CURLOPT_DEBUGFUNCTION option as specified in https://curl.haxx.se/libcurl/c/CURLOPT_DEBUGFUNCTION.html, am able to capture the following log.
=> Send header, 0000000578 bytes (0x00000242)
0000: PUT /M2000/activity/8c51f2240f9fc1e7d2329a24210e30c9_200_0603202
0040: 0065517_fota_dlready HTTP/1.1
005f: Host: fota.test.nvtl.s3.amazonaws.com
0086: Accept: */*
0093: Authorization : AWS4-HMAC-SHA256 Credential=AKIAJ2ZI2YKOFDBS4UMQ
00d3: /20200603/us-east-1/s3/aws4_request, SignedHeaders=host;x-amz-co
0113: ntent-sha256;x-amz-date, Signature=61613a8357e45ac6c14067856f1e1
0153: 56449adcba20d3b8d295ed1c67a126dda0c
0178: x-amz-content-sha256:e2b646fdb491ec4be82661a9ea86ce3b08fe5fabfda
01b8: 2b9a9f8c3d9a783135837
01cf: x-amz-date:20200603T065517Z
01ec: content-length: 3394
0202: content-type: application/octet-stream
022a: Expect: 100-continue
0240:
<= Recv SSL data, 0000000005 bytes (0x00000005)
0000: ....P
<= Recv header, 0000000024 bytes (0x00000018)
0000: HTTP/1.1 403 Forbidden
<= Recv header, 0000000036 bytes (0x00000024)
0000: x-amz-request-id: BE05183350F1A797
<= Recv header, 0000000090 bytes (0x0000005a)
0000: x-amz-id-2: b6rrLoMPXn0Umvv8YzFiVL8CX27oszT0mQqWnjxaBtD49DoqsI6C
0040: NedmUoOebVAf3R96Q7c59tg=
<= Recv header, 0000000031 bytes (0x0000001f)
0000: Content-Type: application/xml
<= Recv header, 0000000028 bytes (0x0000001c)
0000: Transfer-Encoding: chunked
<= Recv header, 0000000037 bytes (0x00000025)
0000: Date: Wed, 03 Jun 2020 06:55:19 GMT
<= Recv header, 0000000019 bytes (0x00000013)
0000: Connection: close
<= Recv header, 0000000018 bytes (0x00000012)
0000: Server: AmazonS3
<= Recv header, 0000000002 bytes (0x00000002)
0000:
<= Recv SSL data, 0000000005 bytes (0x00000005)
0000: ....0
<= Recv data, 0000000254 bytes (0x000000fe)
0000: f3
0004: <?xml version="1.0" encoding="UTF-8"?>.<Error><Code>AccessDenied
0044: </Code><Message>Access Denied</Message><RequestId>BE05183350F1A7
0084: 97</RequestId><HostId>b6rrLoMPXn0Umvv8YzFiVL8CX27oszT0mQqWnjxaBt
00c4: D49DoqsI6CNedmUoOebVAf3R96Q7c59tg=</HostId></Error>
00f9: 0
00fc:
=> Send SSL data, 0000000005 bytes (0x00000005)
0000: ....0
== Info: TLSv1.2 (OUT), TLS alert, Client hello (1):
=> Send SSL data, 0000000002 bytes (0x00000002)
0000: ..
== Info: TLSv1.2 (OUT), TLS header, Certificate Status (22):
=> Send SSL data, 0000000005 bytes (0x00000005)
0000: .....
== Info: TLSv1.2 (OUT), TLS handshake, Client hello (1):
=> Send SSL data, 0000000512 bytes (0x00000200)
0000: .........;r..f..g.]..50.=.+.xh..M..Ia.....0.,.(.$.............k.
0040: j.i.h.9.8.7.6.........2...*.&.......=.5.../.+.'.#.............g.
0080: #.?.>.3.2.1.0.........E.D.C.B.1.-.).%.......<./...A.............
00c0: ............3...$."...fota.test.nvtl.s3.amazonaws.com...........
0100: ................................ ...............................
0140: ......3t.........http/1.1.......................................
0180: ................................................................
01c0: ................................................................
<= Recv SSL data, 0000000005 bytes (0x00000005)
0000: ....W
== Info: TLSv1.2 (IN), TLS handshake, Server hello (2):
<= Recv SSL data, 0000000087 bytes (0x00000057)
0000: ...S...Z..J....v...6.F........i3..j:2. ..ptS.oT..h...8..J_..:o..
0040: )..a...................
<= Recv SSL data, 0000000005 bytes (0x00000005)
0000: ....T
== Info: TLSv1.2 (IN), TLS handshake, Certificate (11):
<= Recv SSL data, 0000002900 bytes (0x00000b54)
0000: ...P..M...0...0...........-........r..8..0...*.H........0d1.0...
0040: U....US1.0...U....DigiCert Inc1.0...U....www.digicert.com1#0!..U
0080: ....DigiCert Baltimore CA-2 G20...191109000000Z..210312120000Z0l
00c0: 1.0...U....US1.0...U....Washington1.0...U....Seattle1.0...U....A
0100: mazon.com, Inc.1.0...U....*.s3.amazonaws.com0.."0...*.H.........
0140: ....0.........[...)X.+\.x....<1j.....p.y.c..hx..c=.#..e......t,.
0180: g.^c3......z...}~>.2.eC.;...Y.;h..e....A..y....$#.K.#.&...2O..fD
01c0: ..7k..1.R..3....+~...{}.XT.gp4.l.0$.V.)Z.o.6..?..^Oz,%s....~...~
0200: ........z.c..P...~7G..-....!6K.....\....}....F.7..H.T.z..#p;..F
0240: #Jr...)L..xa..........0..|0...U.#..0......(thFg.p%t..E[.}\D0...U
0280: ........&.d...\.......'...0/..U...(0&..*.s3.amazonaws.com..s3.am
02c0: azonaws.com0...U...........0...U.%..0...+.........+.......0....U
0300: ...z0x0:.8.6.4http://crl3.digicert.com/DigiCertBaltimoreCA-2G2.c
0340: rl0:.8.6.4http://crl4.digicert.com/DigiCertBaltimoreCA-2G2.crl0L
0380: ..U. .E0C07..`.H...l..0*0(..+.........https://www.digicert.com/C
03c0: PS0...g.....0y..+........m0k0$..+.....0...http://ocsp.digicert.c
0400: om0C..+.....0..7http://cacerts.digicert.com/DigiCertBaltimoreCA-
0440: 2G2.crt0...U.......0.0..}..+.....y......m...i.g.v.......X......g
0480: p.<5.......w.........nMv;0.....G0E.!....)Y.!i...a.......4.w....w
04c0: .e..y. 3..cv.....R]....A.......a_.......v.D.e......#....(.......
0500: 1.?.3........nMv;(.....G0E.!...B).+.S..[..^..mD..&2.c8.*....7. B
0540: ..#.....f.s..B.....#mA&.u..v.C..u.......q...#...{G8W...R....d6..
0580: .....nMv;5.....F0D. ..._A/^..Y..V.....oJ.#.k.8...fDj. A..^..o...
05c0: .......09O.....dEgX.K.0...*.H.................x".V...6....2#....
0600: ..*.6q........CS.....-...=..ep...V......M.C......#.$.y.k.F?.v.&(
0640: .<N....a.o......i../..Q8K+^.;k86.F.....rW..._..>...3.q.Tc...l..
0680: $...fx0.;...)[.......f_....0T*....g.....<u{........8/6....."...J
06c0: .38...# %.K.nt.5M...'m5Pk..wH.0...Z....-.c..g0..c0..K...........
0700: ...&..;'....0...*.H........0Z1.0...U....IE1.0...U....Baltimore1.
0740: 0...U....CyberTrust1"0 ..U....Baltimore CyberTrust Root0...15120
0780: 8120507Z..250510120000Z0d1.0...U....US1.0...U....DigiCert Inc1.0
07c0: ...U....www.digicert.com1#0!..U....DigiCert Baltimore CA-2 G20..
0800: "0...*.H.............0..............s....\.u.\ps...z...#....?.!.
0840: .M..-...1..k..].Q..^r..f.....A..&....i.S..O>..:C+.Y.....Y#rZg...
0880: U..+............%.E......t....eP...E../..6......R....6q+.......[
08c0: [9...................Z../r....g....J. ...r....OB.M'BM.....u.6`.&
0900: T...7....)Y ..%........................0...0...U.........(thFg.p
0940: %t..E[.}\D0...U.#..0.....Y0.GX....T6.{:..M.0...U.......0.......0
0980: ...U...........04..+........(0&0$..+.....0...http://ocsp.digicer
09c0: t.com0:..U...3010/.-.+.)http://crl3.digicert.com/Omniroot2025.cr
0a00: l0=..U. .60402..U. .0*0(..+.........https://www.digicert.com/CPS
0a40: 0...*.H............./.7f....U.)..P.....(.t..i;D0=..I.h6..0....IB
0a80: cFR.i..I...W.....u....3.b.CT.c...S.........ex.3...>.p....x.3...,
0ac0: X..#.mA...../...pk.:.{....K..o..)....T.T.... .i,./?P...W...s..$.
0b00: ...E....).f...l.O.+.LG....A....FwB......%K.PW...N.?.%.A...bmo...
0b40: ......).......T.KI..
<= Recv SSL data, 0000000005 bytes (0x00000005)
0000: ....M
== Info: TLSv1.2 (IN), TLS handshake, Server key exchange (12):
<= Recv SSL data, 0000000333 bytes (0x0000014d)
0000: ...I...A.>...,R..3R.ry.../WTDH..b...lcB`.RB<dPQJ..2..$M.`6.A....
0040: ..2e.C.......$W+.8.g.].....A[q...,G.......u;.....q....8..:......
0080: G ....F.-.o.b54...P-.o..:|H..!......5.....O.7..d..El7.;....\....
00c0: t......'.v&...#..Y*.y..yoN....3 >...?...vH...i.J....K.....ar.:..
0100: ..Ll.............(Z..mx.;.....BQ...7.b.[...|..z.;..d....*. ..]M/
0140: ./.........=.
<= Recv SSL data, 0000000005 bytes (0x00000005)
0000: .....
== Info: TLSv1.2 (IN), TLS handshake, Server finished (14):
<= Recv SSL data, 0000000004 bytes (0x00000004)
0000: ....
=> Send SSL data, 0000000005 bytes (0x00000005)
0000: ....F
== Info: TLSv1.2 (OUT), TLS handshake, Client key exchange (16):
=> Send SSL data, 0000000070 bytes (0x00000046)
0000: ...BA.wm.Jg'... .......,y8%B.....1..........}X.5.~....oC...T.].6
0040: .Q\..8
=> Send SSL data, 0000000005 bytes (0x00000005)
0000: .....
== Info: TLSv1.2 (OUT), TLS change cipher, Client hello (1):
=> Send SSL data, 0000000001 bytes (0x00000001)
0000: .
=> Send SSL data, 0000000005 bytes (0x00000005)
0000: ....#
== Info: TLSv1.2 (OUT), TLS handshake, Finished (20):
=> Send SSL data, 0000000016 bytes (0x00000010)
0000: ......1.e.].....
<= Recv SSL data, 0000000005 bytes (0x00000005)
0000: .....
== Info: TLSv1.2 (IN), TLS change cipher, Client hello (1):
<= Recv SSL data, 0000000001 bytes (0x00000001)
0000: .
<= Recv SSL data, 0000000005 bytes (0x00000005)
0000: ....#
== Info: TLSv1.2 (IN), TLS handshake, Finished (20):
<= Recv SSL data, 0000000016 bytes (0x00000010)
0000: ....t.....%. 1..
=> Send SSL data, 0000000005 bytes (0x00000005)
0000: ....P
When i ran the same from CLI it is success.
# curl --insecure -v -X PUT https://fota.test.nvtl.s3.amazonaws.c
om/M2000/activity/8c51f2240f9fc1e7d2329a24210e30c9_200_06032020065517_fota_dlrea
dy -H 'Authorization: AWS4-HMAC-SHA256 Credential=AKIAJ2ZI2YKOFDBS4UMQ/20200603/
us-east-1/s3/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date, S
ignature=61613a8357e45ac6c14067856f1e156449adcba20d3b8d295ed1c67a126dda0c' -H x-
amz-content-sha256:e2b646fdb491ec4be82661a9ea86ce3b08fe5fabfda2b9a9f8c3d9a783135
837 -H x-amz-date:20200603T065517Z -H 'content-length: 3394' -H 'content-type: a
pplication/octet-stream' -T /opt/nvtl/data/8c51f2240f9fc1e7d2329a24210e30c9_
200_06032020065517_fota_dlready
* TLSv1.2 (OUT), TLS header, Certificate Status (22):
* TLSv1.2 (OUT), TLS handshake, Client hello (1):
* TLSv1.2 (IN), TLS handshake, Server hello (2):
* TLSv1.2 (IN), TLS handshake, Certificate (11):
* TLSv1.2 (IN), TLS handshake, Server key exchange (12):
* TLSv1.2 (IN), TLS handshake, Server finished (14):
* TLSv1.2 (OUT), TLS handshake, Client key exchange (16):
* TLSv1.2 (OUT), TLS change cipher, Client hello (1):
* TLSv1.2 (OUT), TLS handshake, Finished (20):
* TLSv1.2 (IN), TLS change cipher, Client hello (1):
* TLSv1.2 (IN), TLS handshake, Finished (20):
> PUT /M2000/activity/8c51f2240f9fc1e7d2329a24210e30c9_200_06032020065517_fota_dlready HTTP/1.1
> Host: fota.test.nvtl.s3.amazonaws.com
> User-Agent: curl/7.52.1
> Accept: */*
> Authorization: AWS4-HMAC-SHA256 Credential=AKIAJ2ZI2YKOFDBS4UMQ/20200603/us-east-1/s3/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date, Signature=61613a8357e45ac6c14067856f1e156449adcba20d3b8d295ed1c67a126dda0c
> x-amz-content-sha256:e2b646fdb491ec4be82661a9ea86ce3b08fe5fabfda2b9a9f8c3d9a783135837
> x-amz-date:20200603T065517Z
> content-length: 3394
> content-type: application/octet-stream
> Expect: 100-continue
>
< HTTP/1.1 100 Continue
< HTTP/1.1 200 OK
< x-amz-id-2: xnaNU1mmmuynkWQQDA0OJsgKKAYBOCRbx6lpTkj54HGEicXWOMtnd3qb4ZbY6vmogULiq7vOFcA=
< x-amz-request-id: BAE5F92ED54058EC
< Date: Wed, 03 Jun 2020 06:57:53 GMT
< ETag: "595f51bb7d2cc4c5c3f30b3bc3d350c3"
< Content-Length: 0
< Server: AmazonS3
<
Could any give hints what might actually be wrong here.
Is there any other method/way where we can have more verbose ouput regards the error.
Note:
HEADERS that are passed to both the requests (libcurl and curl_cli) are same.
Certificate check is disabled in both.
Response after adding user-agent.
0000: .....
=> Send header, 0000000609 bytes (0x00000261)
0000: PUT /M2000/activity/8c51f2240f9fc1e7d2329a24210e30c9_200_0603202
0040: 0142553_fota_dlready HTTP/1.1
005f: Host: fota.test.nvtl.s3.amazonaws.com
0086: User-Agent: libcurl-agent/1.0
00a5: Accept: */*
00b2: Authorization : AWS4-HMAC-SHA256 Credential=AKIAJ2ZI2YKOFDBS4UMQ
00f2: /20200603/us-east-1/s3/aws4_request, SignedHeaders=host;x-amz-co
0132: ntent-sha256;x-amz-date, Signature=9a72f22ce185e48c023a8d3314004
0172: ac2a76b91ccd56b208d769e27bafe7b1446
0197: x-amz-content-sha256:83a7ba5f8f0c829537965116840aad257f6b71e7899
01d7: bafc4c93542b681c9454a
01ee: x-amz-date:20200603T142554Z
020b: content-length: 3394
0221: content-type: application/octet-stream
0249: Expect: 100-continue
025f:
<= Recv SSL data, 0000000005 bytes (0x00000005)
0000: ....P
<= Recv header, 0000000024 bytes (0x00000018)
0000: HTTP/1.1 403 Forbidden
<= Recv header, 0000000036 bytes (0x00000024)
0000: x-amz-request-id: AD607FF3FA529447
<= Recv header, 0000000090 bytes (0x0000005a)
0000: x-amz-id-2: w0ZHrVJ9R8uslrB6kf9KLLRtshjksK9cLxeovH53GXL4uRoK17U6
0040: MJaWuhiGhZMKdIphBWkY+mE=
<= Recv header, 0000000031 bytes (0x0000001f)
0000: Content-Type: application/xml
<= Recv header, 0000000028 bytes (0x0000001c)
0000: Transfer-Encoding: chunked
<= Recv header, 0000000037 bytes (0x00000025)
0000: Date: Wed, 03 Jun 2020 14:25:57 GMT
<= Recv header, 0000000019 bytes (0x00000013)
0000: Connection: close
<= Recv header, 0000000018 bytes (0x00000012)
0000: Server: AmazonS3
<= Recv header, 0000000002 bytes (0x00000002)
0000:
<= Recv SSL data, 0000000005 bytes (0x00000005)
0000: ....0
<= Recv data, 0000000254 bytes (0x000000fe)
0000: f3
0004: <?xml version="1.0" encoding="UTF-8"?>.<Error><Code>AccessDenied
0044: </Code><Message>Access Denied</Message><RequestId>AD607FF3FA5294
0084: 47</RequestId><HostId>w0ZHrVJ9R8uslrB6kf9KLLRtshjksK9cLxeovH53GX
00c4: L4uRoK17U6MJaWuhiGhZMKdIphBWkY+mE=</HostId></Error>
UPDATED
Figured out the issue.
Issue seems to be with spacing.
"Authorization : AWS4-XXX" gives 403 error
whereas
"Authorization: AWS4-XXX" is success.
Thanks,
Trinadh

best guess: fota.test.nvtl.s3.amazonaws.com blocks requests without any User-Agent. several websites do this, for example Wikipedia.org does the same thing (not sure why),
curl the cli program has a default user-agent, it looks like User-Agent: curl/7.52.1, but libcurl doesn't have any default user-agent, you can set one with the CURLOPT_USERAGENT option.

Access to USB Ethernet adapter in LXC

I've created a LXC container in Ubuntu 18.04. Physically, there is an USB to Ethernet adapter connected on the host machine. After starting the LXC container, how to access the USB ethernet adapter? Are there configurations for LXC to do?
The info on the Host machine:
rui#rui-desktop:~$ ifconfig
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet6 fe80::f763:92fe:8145:163 prefixlen 64 scopeid 0x20<link>
ether 00:0e:c6:c9:1a:18 txqueuelen 1000 (Ethernet)
RX packets 1 bytes 46 (46.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 158 bytes 29470 (29.4 KB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
eth1: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1430
inet 173.39.202.159 netmask 255.255.255.128 broadcast 173.39.202.255
inet6 fe80::2e0:4cff:fe68:12c prefixlen 64 scopeid 0x20<link>
ether 00:e0:4c:68:01:2c txqueuelen 1000 (Ethernet)
RX packets 1911906 bytes 851840909 (851.8 MB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 350546 bytes 25613552 (25.6 MB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
device interrupt 149 base 0xd000
lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
inet6 ::1 prefixlen 128 scopeid 0x10<host>
loop txqueuelen 1 (Local Loopback)
RX packets 35420 bytes 2918763 (2.9 MB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 35420 bytes 2918763 (2.9 MB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
lxcbr0: flags=4099<UP,BROADCAST,MULTICAST> mtu 1500
inet 10.0.3.1 netmask 255.255.255.0 broadcast 0.0.0.0
inet6 fe80::216:3eff:fe00:0 prefixlen 64 scopeid 0x20<link>
ether 00:16:3e:00:00:00 txqueuelen 1000 (Ethernet)
RX packets 859 bytes 86124 (86.1 KB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 831 bytes 88890 (88.8 KB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
rndis0: flags=4099<UP,BROADCAST,MULTICAST> mtu 1500
ether be:86:e5:ee:9a:ed txqueuelen 1000 (Ethernet)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 0 bytes 0 (0.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
usb0: flags=4099<UP,BROADCAST,MULTICAST> mtu 1500
ether be:86:e5:ee:9a:ef txqueuelen 1000 (Ethernet)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 0 bytes 0 (0.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
eth0 is the interface that I want to access, and the output from lsusb is
rui#rui-desktop:~$ lsusb
Bus 002 Device 002: ID 0bda:0411 Realtek Semiconductor Corp.
Bus 002 Device 001: ID 1d6b:0003 Linux Foundation 3.0 root hub
**Bus 001 Device 015: ID 0b95:7720 ASIX Electronics Corp. AX88772**
Bus 001 Device 002: ID 0bda:5411 Realtek Semiconductor Corp.
Bus 001 Device 001: ID 1d6b:0002 Linux Foundation 2.0 root hub
LXC container info:
Last login: Sat Feb 24 17:40:28 UTC 2018 on pts/0
Welcome to Ubuntu 18.04.3 LTS (GNU/Linux 4.9.140-tegra aarch64)
* Documentation: https://help.ubuntu.com
* Management: https://landscape.canonical.com
* Support: https://ubuntu.com/advantage
cisco#ul:~$ ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
40: eth0#if41: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
link/ether 00:16:3e:d6:9b:38 brd ff:ff:ff:ff:ff:ff link-netnsid 0
inet 10.0.3.194/24 brd 10.0.3.255 scope global dynamic eth0
valid_lft 3586sec preferred_lft 3586sec
inet6 fe80::216:3eff:fed6:9b38/64 scope link
valid_lft forever preferred_lft forever

Adding these setting in /var/lib/lxc/ul/config make it working.
lxc.net.1.type = phys
lxc.net.1.link = eth0
lxc.net.1.flags = up
lxc.net.1.hwaddr = 00:0e:c6:c9:1a:18

can I use munge SDP sample to connect with another PC?

So I wanted to create peer for webrtc in C, but I still don't quite get how the connection is made. I wanted to use the https://webrtc.github.io/samples/src/content/peerconnection/munge-sdp/ sample generating a SDP file in my computer, change the IP4 field (so i don't just do a loopback), put it in offer, do the same in another computer (to put in answer) [basically i'd do the signalling myself] to connect.
i tried it over my local network, but i failled miserably.
here is one of the SDP files
`
v=0
o=mozilla...THIS_IS_SDPARTA-52.4.0 7301737099351893139 0 IN IP4 0.0.0.0
s=-
t=0 0
a=fingerprint:sha-256 29:C1:12:C2:D7:03:B6:A8:E1:28:DC:DC:DE:A5:A0:0E:A8:D4:3A:CF:D5:67:9A:6B:4A:38:8C:DE:9C:ED:4E:D8
a=group:BUNDLE sdparta_0 sdparta_1 sdparta_2
a=ice-options:trickle
a=msid-semantic:WMS *
m=audio 9 UDP/TLS/RTP/SAVPF 109 9 0 8 101
c=IN IP4 0.0.0.0
a=sendrecv
a=extmap:1/sendonly urn:ietf:params:rtp-hdrext:ssrc-audio-level
a=fmtp:109 maxplaybackrate=48000;stereo=1;useinbandfec=1
a=fmtp:101 0-15
a=ice-pwd:f0fa540801b8b01d2616d465cdbaf888
a=ice-ufrag:23f84f96
a=mid:sdparta_0
a=msid:{518019eb-2799-4525-ac2f-486dc4eb8ef4} {ebd29374-a915-41f1-868f-a5bca57540c1}
a=rtcp-mux
a=rtpmap:109 opus/48000/2
a=rtpmap:9 G722/8000/1
a=rtpmap:0 PCMU/8000
a=rtpmap:8 PCMA/8000
a=rtpmap:101 telephone-event/8000/1
a=setup:actpass
a=ssrc:3747370289 cname:{5339d74a-cea8-4286-9a6f-5c6682f03b4a}
m=video 9 UDP/TLS/RTP/SAVPF 120 121
c=IN IP4 0.0.0.0
a=sendrecv
a=fmtp:120 max-fs=12288;max-fr=60
a=fmtp:121 max-fs=12288;max-fr=60
a=ice-pwd:f0fa540801b8b01d2616d465cdbaf888
a=ice-ufrag:23f84f96
a=mid:sdparta_1
a=msid:{518019eb-2799-4525-ac2f-486dc4eb8ef4} {38ff8810-1ae3-4786-b95c-e945f649f032}
a=rtcp-fb:120 nack
a=rtcp-fb:120 nack pli
a=rtcp-fb:120 ccm fir
a=rtcp-fb:120 goog-remb
a=rtcp-fb:121 nack
a=rtcp-fb:121 nack pli
a=rtcp-fb:121 ccm fir
a=rtcp-fb:121 goog-remb
a=rtcp-mux
a=rtpmap:120 VP8/90000
a=rtpmap:121 VP9/90000
a=setup:actpass
a=ssrc:8090718 cname:{5339d74a-cea8-4286-9a6f-5c6682f03b4a}
m=application 9 DTLS/SCTP 5000
c=IN IP4 0.0.0.0
a=sendrecv
a=ice-pwd:f0fa540801b8b01d2616d465cdbaf888
a=ice-ufrag:23f84f96
a=mid:sdparta_2
a=sctpmap:5000 webrtc-datachannel 256
a=setup:actpass
a=ssrc:3024981980 cname:{5339d74a-cea8-4286-9a6f-5c6682f03b4a}
`
obs: i left the IP4 as 0.0.0.0 on purpose
obs2: I missed the ICE candidates, but not sure
I appreciate any help

no you can not. To connect to another PC you need a signaling server and exchange things like ice ufrag/pwd and the dtls fingerprints. Take a look at https://appr.tc/

Resources