1. Home
  2. Virtual Private Networks
  3. Need detail on TDI NBNS Request(SSLVPN)

Need detail on TDI NBNS Request(SSLVPN)

Hi All, I am trying to resolve short name in my TDI filter. The short name is not resolvable in the local host/DNS. I would like to pass this short name to the socks server for resolution.

I am getting ip xx.xx.xx.255 with port 137/138/139 response(RFC 1002/1003)in TDI_CONNECT for short name request frm IE. Its a local broadcast address.

Following steps I followed & working fine.

  1. The NBNS request are filtered in the driver & sent to my SSLClient application.
  2. During Every application(IE) request, I am creating a listening socket for to accept data IN for the application & another socket to send data to my socks server.
  3. Read NBNS packet, Encrypted NBNS Request are converted in to text format (Decode Algorithm) to identify the short name request requested in the upper layer(IE). This details are available in RFC 1002 & 1003.
  4. The decoded short name sent to the socks server to resolve the same.
  5. Socks Server returning the resolved IP that are configured in the clean side DNS.

Following are not working

  1. Formed NBNS response as per RFC 1001 & 1002. This packet formate is not IP formate. This contains 4bytes of header/flag(Not clear), Destination Ip, Destination port , length of pkt, NBNS Response. There is no source ip/port information. 90 % sure NBNS packet I formed is correct except first 4 bytes. If anybody know detail on this please send the info.
  2. Using sentto command sent NBNS response packet to the upper layer(Sent to listening loop back ip/port). Shows No.of bytes sent with status success. I am trying to send the NBNS response packet to the application that requested the NBNS to give acknowledge. Before I send NBNS response to the application(IE) requested, IE is getting completed with "The Page Can not be displayed". There is no response on the NBNS response i sent to the application. Pls give me detail regarding this.

In general the broadcast NBNS packets are sent to all PC's, Whoever is having a match on the short name will respond with NBNS response, But in my application I am forming NBNS reply & there is no option to get/specify source ip/port info. I am specifying destination ip as 127.0.0.1 & port as 137. Please give me detail regarding this.

Note: a. The packet received in the TDI level is not the exact Ethernet packet format as we are looking in ethereal. b. Partially some fields are identified & remaining are still i am investigating(may be it represents NBNS request/flags).

Regards, srmjothi

Reply to
JothiKumar
Loading thread data ...

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.