tcpcopy error - raw fd:7 (Operation not permitted)

[JINwonLEE]

I'm testing tcpcopy in my server.

However whenever I run tcpcopy, it suddenly shut down because of some reasons.

Can I get some advices?

Here is my log.

2021/10/15 05:32:56 +247 [notice] tcpcopy version:1.3.0
2021/10/15 05:32:56 +247 [notice] tcpcopy internal version:6
2021/10/15 05:32:56 +247 [notice] target:50001-192.168.123.189:50001
2021/10/15 05:32:56 +247 [notice] TC_COMBINED mode
2021/10/15 05:32:56 +247 [notice] TC_MILLION_SUPPORT mode
2021/10/15 05:32:56 +247 [notice] epoll mode
2021/10/15 05:32:56 +247 [notice] session timeout:600
2021/10/15 05:32:56 +247 [notice] keepalive timeout:1800
2021/10/15 05:32:56 +247 [notice] min sess pool size:608
2021/10/15 05:32:56 +247 [notice] sess pool size:1024
2021/10/15 05:32:56 +247 [notice] set global port for tcpcopy
2021/10/15 05:32:56 +247 [notice] raw_clt_tf_ip:192.168.0.0
2021/10/15 05:32:56 +247 [notice] parallel connections per target:2
2021/10/15 05:32:56 +247 [notice] s parameter:192.168.123.204
2021/10/15 05:32:56 +247 [notice] set only ip for tcpcopy
2021/10/15 05:32:56 +247 [info] connect to remote server(192.168.123.204:36524)
2021/10/15 05:32:56 +247 [info] connect to remote server(192.168.123.204:36524)
2021/10/15 05:33:02 +794 [warn] [LJW] fd:7, errno:1, offset:0, slen:-1, bsize:40
2021/10/15 05:33:02 +794 [error] raw fd:7 (Operation not permitted)
2021/10/15 05:33:02 +794 [warn] to bak:192.168.0.0:44592-->192.168.123.189:50001,len 40,seq=64075727,ack=0
2021/10/15 05:33:02 +794 [error] send to back error,tot_len is:40
2021/10/15 05:33:02 +794 [warn] sig 64 received
2021/10/15 05:33:02 +794 [notice] active:24,rel:24,obs del:0,tw:6
2021/10/15 05:33:02 +794 [notice] conns:0,resp:0,c-resp:0
2021/10/15 05:33:02 +794 [notice] resp fin:0,resp rst:0
2021/10/15 05:33:02 +794 [notice] send:78,send content:0
2021/10/15 05:33:02 +794 [notice] send syn:48, fin:0,reset:30
2021/10/15 05:33:02 +794 [notice] reconnect:0,for no syn:48
2021/10/15 05:33:02 +794 [notice] retransmit:0
2021/10/15 05:33:02 +794 [notice] recv packs after retransmission:0
2021/10/15 05:33:02 +794 [notice] syn cnt:0,all clt:190368,clt cont:190368
2021/10/15 05:33:02 +794 [notice] total cont retransmit:0, frag:0
2021/10/15 05:33:02 +794 [notice] total captured packets:342052
2021/10/15 05:33:02 +794 [warn] many connections can't be established
2021/10/15 05:33:02 +794 [info] session table, size:65536, total:24
2021/10/15 05:33:02 +794 [notice] tc_epoll_destroy, close fd:5
2021/10/15 05:33:02 +794 [notice] tc_epoll_destroy, close fd:6
2021/10/15 05:33:02 +794 [notice] tc_epoll_destroy, close fd:8
2021/10/15 05:33:02 +794 [notice] tc_event_loop_finish over
2021/10/15 05:33:02 +794 [notice] user time used:0
2021/10/15 05:33:02 +794 [notice] sys  time used:1
2021/10/15 05:33:02 +794 [notice] max memory size:148932
2021/10/15 05:33:02 +794 [notice] Total allocated space (bytes): 112
2021/10/15 05:33:02 +794 [notice] Total free space (bytes): 188304
2021/10/15 05:33:02 +794 [notice] Top-most, releasable space (bytes): 187760

I changed the source ip to 192.168.0.0, and I add routing rules in target server as below.

192.168.0.0 via 192.168.123.204 dev eth1 (Intercept server ip : 192.168.123.204, Tcpcopy server ip : 192.168.123.204)

[wangbin579]

"Operation not permitted" means that it is related to privilege problems. Try to use root privilege if it has the same problem.

[JINwonLEE]

Thanks for reply. However I already run tcpcopy in root accounts. Does iptables has anything to do with it?

[wangbin579]

Check dmesg if it reported "nf_conntrack: table full, dropping packet"?

[wangbin579]

Maybe IP conntrack has something to do with it.

[JINwonLEE]

I also thought that IP conntrack could affect the result of my experiments. I'll check it. Thanks.