On 10/23/2020 12:50 PM, Knute Johnson wrote:

InetAddress.isReachable() only works if I run Java as root.  Any idea
how to make it work with a regular user?  The docs say "A typical implementation will use ICMP ECHO REQUESTs if the privilege can be obtained".  I'm assuming that's why it won't work as a regular user.

Is it worth it?

The method can return false and the service you want to use
can be available (firewall blocking ICMP and Echo but not application protocol).

The method can return true and the service you want to use
can be unavailable (OS running but server application down).

I think you would be better of connecting to the service
you want to use and handle errors there.

Arne

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

InetAddress.isReachable() only works if I run Java as root. Any idea
how to make it work with a regular user? The docs say "A typical implementation will use ICMP ECHO REQUESTs if the privilege can be
obtained". I'm assuming that's why it won't work as a regular user.

Xubuntu 20.04
OpenJDK 15 - BellSoft

Thanks!

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On 10/23/20 12:14 PM, Arne Vajhøj wrote:

On 10/23/2020 12:50 PM, Knute Johnson wrote:

InetAddress.isReachable() only works if I run Java as root.  Any idea
how to make it work with a regular user?  The docs say "A typical
implementation will use ICMP ECHO REQUESTs if the privilege can be
obtained".  I'm assuming that's why it won't work as a regular user.

Is it worth it?

Yes

The method can return false and the service you want to use
can be available (firewall blocking ICMP and Echo but not application protocol).

No firewalls there.

The method can return true and the service you want to use
can be unavailable (OS running but server application down).

No service to connect to. Just want to see if there is a path to the
router.

I think you would be better of connecting to the service
you want to use and handle errors there.

Again no service to connect to.

It's an internal network and I'm fielding calls all the time that 'we
aren't getting updates to our data'. If I can ask is the little box
green or red I'll know with some certainty the status of their network connection. I'm 1600 km from the site so I can't just pop over for a
look see. I can't ask them to ping the router, that's a step too far.
The network service at the remote sites is interrupted on a fairly
regular basis.

So yes I would really like to figure out how to make this work is it is possible.

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On 10/23/2020 19:30, Arne Vajhøj wrote:

On 10/23/2020 7:10 PM, Knute Johnson wrote:

On 10/23/20 12:14 PM, Arne Vajhøj wrote:

On 10/23/2020 12:50 PM, Knute Johnson wrote:

InetAddress.isReachable() only works if I run Java as root.  Any
idea how to make it work with a regular user?  The docs say "A
typical implementation will use ICMP ECHO REQUESTs if the privilege
can be obtained".  I'm assuming that's why it won't work as a
regular user.

Is it worth it?

Yes

OK.

The method can return false and the service you want to use
can be available (firewall blocking ICMP and Echo but not application
protocol).

No firewalls there.

The method can return true and the service you want to use
can be unavailable (OS running but server application down).

No service to connect to.  Just want to see if there is a path to the
router.

I think you would be better of connecting to the service
you want to use and handle errors there.

Again no service to connect to.

It's an internal network and I'm fielding calls all the time that 'we
aren't getting updates to our data'.  If I can ask is the little box
green or red I'll know with some certainty the status of their network
connection.  I'm 1600 km from the site so I can't just pop over for a
look see.  I can't ask them to ping the router, that's a step too far.
The network service at the remote sites is interrupted on a fairly
regular basis.

So yes I would really like to figure out how to make this work is it
is possible.

I cannot believe there are any ways to get around the privilege issue.

If there were then it would be a bug that would be fixed.

That leaves you with the awful hack of running the external
ping command and read output.

Arne

That's what I was afraid of Arne. Oh well, I didn't have anything else
to do this week :-).

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On 10/23/2020 7:10 PM, Knute Johnson wrote:

On 10/23/20 12:14 PM, Arne Vajhøj wrote:

On 10/23/2020 12:50 PM, Knute Johnson wrote:

InetAddress.isReachable() only works if I run Java as root.  Any idea
how to make it work with a regular user?  The docs say "A typical
implementation will use ICMP ECHO REQUESTs if the privilege can be
obtained".  I'm assuming that's why it won't work as a regular user.

Is it worth it?

Yes

OK.

The method can return false and the service you want to use
can be available (firewall blocking ICMP and Echo but not application
protocol).

No firewalls there.

The method can return true and the service you want to use
can be unavailable (OS running but server application down).

No service to connect to.  Just want to see if there is a path to the router.

I think you would be better of connecting to the service
you want to use and handle errors there.

Again no service to connect to.

It's an internal network and I'm fielding calls all the time that 'we
aren't getting updates to our data'.  If I can ask is the little box
green or red I'll know with some certainty the status of their network connection.  I'm 1600 km from the site so I can't just pop over for a
look see.  I can't ask them to ping the router, that's a step too far.
The network service at the remote sites is interrupted on a fairly
regular basis.

So yes I would really like to figure out how to make this work is it is possible.

I cannot believe there are any ways to get around the privilege issue.

If there were then it would be a bug that would be fixed.

That leaves you with the awful hack of running the external
ping command and read output.

Arne

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On Fri, 23 Oct 2020 19:38:34 -0500, Knute Johnson wrote:

On 10/23/2020 19:30, Arne Vajhøj wrote:

On 10/23/2020 7:10 PM, Knute Johnson wrote:

On 10/23/20 12:14 PM, Arne Vajhøj wrote:

On 10/23/2020 12:50 PM, Knute Johnson wrote:

InetAddress.isReachable() only works if I run Java as root.  Any
idea how to make it work with a regular user?  The docs say "A
typical implementation will use ICMP ECHO REQUESTs if the privilege
can be obtained".  I'm assuming that's why it won't work as a
regular user.

Is it worth it?

Yes

OK.

The method can return false and the service you want to use can be
available (firewall blocking ICMP and Echo but not application
protocol).

No firewalls there.

The method can return true and the service you want to use can be
unavailable (OS running but server application down).

No service to connect to.  Just want to see if there is a path to the
router.

I think you would be better of connecting to the service you want to
use and handle errors there.

Again no service to connect to.

It's an internal network and I'm fielding calls all the time that 'we
aren't getting updates to our data'.  If I can ask is the little box
green or red I'll know with some certainty the status of their network
connection.  I'm 1600 km from the site so I can't just pop over for a
look see.  I can't ask them to ping the router, that's a step too far.
The network service at the remote sites is interrupted on a fairly
regular basis.

So yes I would really like to figure out how to make this work is it
is possible.

I cannot believe there are any ways to get around the privilege issue.

If there were then it would be a bug that would be fixed.

That leaves you with the awful hack of running the external ping
command and read output.

Arne

That's what I was afraid of Arne. Oh well, I didn't have anything else
to do this week :-).

Apologies if this is stuff you already know, but I tend to use
traceroute, wireshark and nmap to sort out network problems and this
sounds as if it might be some sort of network problem.

Could it be a physical problem, e.g. rodent or physical cable damage
causing an intermittent connection?

traceroute can show which switch or device is the last device accessible
along the message route.

Wireshark can be used to show what is being transferred and what
responses are returned when a problem occurs.

nmap would seem less useful in this case, though at least it shows what
ports are open at the destination IP address, so can spot firewall
problems and dodgy interface cards.


--
--
Martin | martin at
Gregorie | gregorie dot org

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

Sorry to be slow responding Martin. It's been one of those weeks.

The basic setup is this; we have a server sending Multicast data
packets through a VPN over the internet. The end points have user
programs that use this data for some presentations. We are tasked with supporting the system but large parts of it are beyond our control. The
main issue for us is the remote locations ISP reliability. I wanted a
simple way to tell on the first phone call whether there was a network
path to the server without having to log into the VPN network. The
software running on the remote locations has indications that data has
not arrived recently but it has no indication of quality. When they
call and tell me the system is showing old data I can ask if the box is
red or green and start trouble shooting from there. These folks are not
up to running nmap or wireshark or anything for that matter. Using a
Process to run ping seems to work fine, just more code that I wanted to
write. Since Windows and Linux use a different set of options for ping
I had to detect the OS and change the accordingly.

I'm not sure why Java has the privilege issue with
InetAddress.isReachable() but it does.

knute...


On 10/24/2020 06:45, Martin Gregorie wrote:

On Fri, 23 Oct 2020 19:38:34 -0500, Knute Johnson wrote:

On 10/23/2020 19:30, Arne Vajhøj wrote:

On 10/23/2020 7:10 PM, Knute Johnson wrote:

On 10/23/20 12:14 PM, Arne Vajhøj wrote:

On 10/23/2020 12:50 PM, Knute Johnson wrote:

InetAddress.isReachable() only works if I run Java as root.  Any
idea how to make it work with a regular user?  The docs say "A
typical implementation will use ICMP ECHO REQUESTs if the privilege >>>>>> can be obtained".  I'm assuming that's why it won't work as a
regular user.

Is it worth it?

Yes

OK.

The method can return false and the service you want to use can be
available (firewall blocking ICMP and Echo but not application
protocol).

No firewalls there.

The method can return true and the service you want to use can be
unavailable (OS running but server application down).

No service to connect to.  Just want to see if there is a path to the >>>> router.

I think you would be better of connecting to the service you want to >>>>> use and handle errors there.

Again no service to connect to.

It's an internal network and I'm fielding calls all the time that 'we
aren't getting updates to our data'.  If I can ask is the little box
green or red I'll know with some certainty the status of their network >>>> connection.  I'm 1600 km from the site so I can't just pop over for a >>>> look see.  I can't ask them to ping the router, that's a step too far. >>>> The network service at the remote sites is interrupted on a fairly
regular basis.

So yes I would really like to figure out how to make this work is it
is possible.

I cannot believe there are any ways to get around the privilege issue.

If there were then it would be a bug that would be fixed.

That leaves you with the awful hack of running the external ping
command and read output.

Arne

That's what I was afraid of Arne. Oh well, I didn't have anything else
to do this week :-).

Apologies if this is stuff you already know, but I tend to use
traceroute, wireshark and nmap to sort out network problems and this
sounds as if it might be some sort of network problem.

Could it be a physical problem, e.g. rodent or physical cable damage
causing an intermittent connection?

traceroute can show which switch or device is the last device accessible along the message route.

Wireshark can be used to show what is being transferred and what
responses are returned when a problem occurs.

nmap would seem less useful in this case, though at least it shows what
ports are open at the destination IP address, so can spot firewall
problems and dodgy interface cards.

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On Thu, 29 Oct 2020 15:23:51 -0500, Knute Johnson wrote:

Sorry to be slow responding Martin. It's been one of those weeks.

No problem - been there too. Thanks for the fuller explanation.

Of course you can't ask a client to run Wireshark, but it probably
wouldn't help with the problem anyway, now that I understand the setup.

However, if you know the problem client's URL or IP or can get then to
tell you what it is, then there's nothing to stop you pinging them or
using traceroute to see if the problem was transient or permanent and
where it is.

Whether you get a response from ping will depend on how their cable/ADSL/ whatever modem and firewall is configured. Mine, for example, is
configured to give no response whatsoever on any channel to stop the bad
lads from thinking there's anything turned on at my site (and checked for invisibility against Gibson Labs).

However, traceroute should do its thing no matter what state how the
client 's front door is configured. because it will and either reach the client's endpoint and say so, or, if it can't reach that, show you where
the failure is.

I hope this is useful info.


--
--
Martin | martin at
Gregorie | gregorie dot org

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On 10/29/2020 4:23 PM, Knute Johnson wrote:

I'm not sure why Java has the privilege issue with
InetAddress.isReachable() but it does.

Someone thought that use of ICMP in Linux should
require privs.

The ping executable is rws while the java
executable is rwx.

Arne

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On 10/29/20 8:47 PM, Arne Vajhøj wrote:

On 10/29/2020 4:23 PM, Knute Johnson wrote:

I'm not sure why Java has the privilege issue with
InetAddress.isReachable() but it does.

Someone thought that use of ICMP in Linux should
require privs.

The ping executable is rws while the java
executable is rwx.

Arne

OK, so that got me curious and I checked on my Xubuntu box that I was
using when writing this program and found this:

/usr/bin$ ls -al ping
-rwxr-xr-x 1 root root 72776 Jan 30 2020 ping

But then for fun I looked on my RaspberryPi and found:

~ $ ls -al /bin/ping
-rwsr-xr-x 1 root root 55720 Jan 13 2020 /bin/ping

The Buntus are usually fairly lax in some of their settings but I
thought this was interesting. Useless but interesting.

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)