7156 Uefi pxe DHCP error



  • Server
    • FOG Version: RC11
    • OS: Ubuntu 16.04
    Client
    • Service Version: 11.5
    • OS: Windows 10 and Ubuntu 16.04
    Description

    I have been on a mission to dual boot Legacy and UEFI.

    this configuration works but only boots clients that support ipxe.efi!! but boots far less:

    dhcp-boot=undionly.kpxe,,192.168.1.109
    dhcp-match=set:efibc,option:client-arch,7
    dhcp-boot=tag:efibc,ipxe.efi,,192.168.1.109
    dhcp-match=set:i386-efi/ipxe.efi,option:client-arch,6
    dhcp-boot=tag:i386-efi/ipxe.efi,,192.168.1.109
    dhcp-match=set:efi-x86_64,option:client-arch,7
    dhcp-boot=tag:efi-x86_64,ipxe.efi,,192.168.1.109
    dhcp-match=set:efi-x86_64,option:client-arch,8
    dhcp-boot=tag:efi-x86_64,ipxe.efi,,192.168.1.109
    dhcp-match=set:efi-x86_64,option:client-arch,9
    dhcp-boot=tag:efi-x86_64,ipxe.efi,,192.168.1.109
    

    I have finally succeeded in booting every unfit Machine using the 7156 strain. However there is an issue. I’m getting an dhcp error.

    0_1475908629328_IMG_20161008_012706v2.jpg

    dhcp-boot=undionly.kpxe,,192.168.1.109
    dhcp-match=set:efibc,option:client-arch,7
    dhcp-boot=tag:efibc,ipxe.efi,,192.168.1.109
    dhcp-match=set:i386-efi/ipxe.efi,option:client-arch,6
    dhcp-boot=tag:i386-efi/ipxe.efi,,192.168.1.109
    dhcp-match=set:efi-x86_64,option:client-arch,7
    dhcp-boot=tag:efi-x86_64,ipxe.efi,,192.168.1.109
    dhcp-match=set:efi-x86_64,option:client-arch,8
    dhcp-boot=tag:efi-x86_64,ipxe.efi,,192.168.1.109
    dhcp-match=set:efi-x86_64,option:client-arch,9
    dhcp-boot=tag:efi-x86_64,ipxe.efi,,192.168.1.109
    dhcp-match=set:efibc,option:client-arch,7
    dhcp-boot=tag:efibc,intel.efi,,192.168.1.109
    dhcp-match=set:i386-efi/intel.efi,option:client-arch,6
    dhcp-boot=tag:i386-efi/intel.efi,,192.168.1.109
    dhcp-match=set:efi-x86_64,option:client-arch,7
    dhcp-boot=tag:efi-x86_64,intel.efi,,192.168.1.109
    dhcp-match=set:efi-x86_64,option:client-arch,8
    dhcp-boot=tag:efi-x86_64,intel.efi,,192.168.1.109
    dhcp-match=set:efi-x86_64,option:client-arch,9
    dhcp-boot=tag:efi-x86_64,intel.efi,,192.168.1.109
    dhcp-match=set:efibc,option:client-arch,7
    dhcp-boot=tag:efibc,realtek.efi,,192.168.1.109
    dhcp-match=set:i386-efi/realtek.efi,option:client-arch,6
    dhcp-boot=tag:i386-efi/realtek.efi,,192.168.1.109
    dhcp-match=set:efi-x86_64,option:client-arch,7
    dhcp-boot=tag:efi-x86_64,realtek.efi,,192.168.1.109
    dhcp-match=set:efi-x86_64,option:client-arch,8
    dhcp-boot=tag:efi-x86_64,realtek.efi,,192.168.1.109
    dhcp-match=set:efi-x86_64,option:client-arch,9
    dhcp-boot=tag:efi-x86_64,realtek.efi,,192.168.1.109
    dhcp-match=set:efibc,option:client-arch,7
    dhcp-boot=tag:efibc,snp.efi,,192.168.1.109
    dhcp-match=set:i386-efi/snp.efi,option:client-arch,6
    dhcp-boot=tag:i386-efi/snp.efi,,192.168.1.109
    dhcp-match=set:efi-x86_64,option:client-arch,7
    dhcp-boot=tag:efi-x86_64,snp.efi,,192.168.1.109
    dhcp-match=set:efi-x86_64,option:client-arch,8
    dhcp-boot=tag:efi-x86_64,snp.efi,,192.168.1.109
    dhcp-match=set:efi-x86_64,option:client-arch,9
    dhcp-boot=tag:efi-x86_64,snp.efi,,192.168.1.109
    dhcp-match=set:efibc,option:client-arch,7
    dhcp-boot=tag:efibc,snponly.efi,,192.168.1.109
    dhcp-match=set:i386-efi/snponly.efi,option:client-arch,6
    dhcp-boot=tag:i386-efi/snponly.efi,,192.168.1.109
    dhcp-match=set:efi-x86_64,option:client-arch,7
    dhcp-boot=tag:efi-x86_64,snponly.efi,,192.168.1.109
    dhcp-match=set:efi-x86_64,option:client-arch,8
    dhcp-boot=tag:efi-x86_64,snponly.efi,,192.168.1.109
    dhcp-match=set:efi-x86_64,option:client-arch,9
    dhcp-boot=tag:efi-x86_64,snponly.efi,,192.168.1.109
    dhcp-match=set:efibc,option:client-arch,7
    dhcp-boot=tag:efibc,snponly7156.efi,,192.168.1.109
    dhcp-match=set:i386-efi/snponly7156.efi,option:client-arch,6
    dhcp-boot=tag:i386-efi/snponly7156.efi,,192.168.1.109
    dhcp-match=set:efi-x86_64,option:client-arch,7
    dhcp-boot=tag:efi-x86_64,snponly7156.efi,,192.168.1.109
    dhcp-match=set:efi-x86_64,option:client-arch,8
    dhcp-boot=tag:efi-x86_64,snponly7156.efi,,192.168.1.109
    dhcp-match=set:efi-x86_64,option:client-arch,9
    dhcp-boot=tag:efi-x86_64,snponly7156.efi,,192.168.1.109
    dhcp-match=set:efibc,option:client-arch,7
    dhcp-boot=tag:efibc,ipxe7156.efi,,192.168.1.109
    dhcp-match=set:i386-efi/ipxe7156.efi,option:client-arch,6
    dhcp-boot=tag:i386-efi/ipxe7156.efi,,192.168.1.109
    dhcp-match=set:efi-x86_64,option:client-arch,7
    dhcp-boot=tag:efi-x86_64,ipxe7156.efi,,192.168.1.109
    dhcp-match=set:efi-x86_64,option:client-arch,8
    dhcp-boot=tag:efi-x86_64,ipxe7156.efi,,192.168.1.109
    dhcp-match=set:efi-x86_64,option:client-arch,9
    dhcp-boot=tag:efi-x86_64,ipxe7156.efi,,192.168.1.109
    dhcp-match=set:efibc,option:client-arch,7
    dhcp-boot=tag:efibc,snp7156.efi,,192.168.1.109
    dhcp-match=set:i386-efi/snp7156.efi,option:client-arch,6
    dhcp-boot=tag:i386-efi/snp7156.efi,,192.168.1.109
    dhcp-match=set:efi-x86_64,option:client-arch,7
    dhcp-boot=tag:efi-x86_64,snp7156.efi,,192.168.1.109
    dhcp-match=set:efi-x86_64,option:client-arch,8
    dhcp-boot=tag:efi-x86_64,snp7156.efi,,192.168.1.109
    dhcp-match=set:efi-x86_64,option:client-arch,9
    dhcp-boot=tag:efi-x86_64,snp7156.efi,,192.168.1.109
    dhcp-match=set:efibc,option:client-arch,7
    dhcp-boot=tag:efibc,realtek7156.efi,,192.168.1.109
    dhcp-match=set:i386-efi/realtek7156.efi,option:client-arch,6
    dhcp-boot=tag:i386-efi/realtek7156.efi,,192.168.1.109
    dhcp-match=set:efi-x86_64,option:client-arch,7
    dhcp-boot=tag:efi-x86_64,realtek7156.efi,,192.168.1.109
    dhcp-match=set:efi-x86_64,option:client-arch,8
    dhcp-boot=tag:efi-x86_64,realtek7156.efi,,192.168.1.109
    dhcp-match=set:efi-x86_64,option:client-arch,9
    dhcp-boot=tag:efi-x86_64,realtek7156.efi,,192.168.1.109
    dhcp-match=set:efibc,option:client-arch,7
    dhcp-boot=tag:efibc,intel7156.efi,,192.168.1.109
    dhcp-match=set:i386-efi/intel7156.efi,option:client-arch,6
    dhcp-boot=tag:i386-efi/intel7156.efi,,192.168.1.109
    dhcp-match=set:efi-x86_64,option:client-arch,7
    dhcp-boot=tag:efi-x86_64,intel7156.efi,,192.168.1.109
    dhcp-match=set:efi-x86_64,option:client-arch,8
    dhcp-boot=tag:efi-x86_64,intel7156.efi,,192.168.1.109
    dhcp-match=set:efi-x86_64,option:client-arch,9
    dhcp-boot=tag:efi-x86_64,intel7156.efi,,192.168.1.109```

  • Moderator

    @dureal99d Your welcome. I’m glad in the end it was just a simple reboot that finally resolved the issue.

    We had a hour or so chat session to work through this issue pulling apart the dhcp/pxe booting process frame by frame.



  • @george1421 I would like to thank you for helping and teaching me how to solve this riddle. Man I learned a lot. holy crap!!! this post can be marked as Solved. it you would please.


  • Moderator

    @dureal99d Let me have another shot at it. I just realized something I left out. Update your config file and insert these lines. I left the vendor class ones in so you knew where the add the following dhcp-boot lines. You’ll see where we pick back up with your config file with the dhcp-boot=undionly…

    # inspect the vendor class string and match the text to set the tag
    dhcp-vendorclass=BIOS,PXEClient:Arch:00000
    dhcp-vendorclass=IA32_UEFI,PXEClient:Arch:00006
    dhcp-vendorclass=BC_UEFI,PXEClient:Arch:00007
    dhcp-vendorclass=X86-64_EFI,PXEClient:Arch:00009
    
    # The default boot filename, Server name, Server Ip Address
    dhcp-boot=undionly.kpxe,,192.168.1.109
    
    # Set the boot file name based on the matching tag from the vendor class (above)
    dhcp-boot=net:IA32_UEFI,i386-efi/ipxe.efi,,192.168.1.109
    dhcp-boot=net:BC_UEFI,ipxe.efi,,192.168.1.109
    dhcp-boot=net:X86-64_EFI,ipxe.efi,,192.168.1.109
    
    



  • Moderator

    @dureal99d I see where things went wrong. I didn’t tell you the whole story.

    You need to add these lines into your config file. I left the dhcp-no-override in there to give you a reference where to place the lines.

    # Disable re-use of the DHCP servername and filename fields as extra
    # option space. That's to avoid confusing some old or broken DHCP clients.
    dhcp-no-override
    
    # inspect the vendor class string and match the text to set the tag
    dhcp-vendorclass=BIOS,PXEClient:Arch:00000
    dhcp-vendorclass=IA32_UEFI,PXEClient:Arch:00006
    dhcp-vendorclass=BC_UEFI,PXEClient:Arch:00007
    dhcp-vendorclass=X86-64_EFI,PXEClient:Arch:00009
    

    These lines are matching the vendor lines that sets the flags used in the pxe-service section. There is nothing to tell which vendor section line to fire so you are getting the default of… undionly.kpxe.



  • @george1421

    # Don't function as a DNS server:
    port=0
    
    # Log lots of extra information about DHCP transactions.
    log-dhcp
    
    # Set the root directory for files available via FTP.
    tftp-root=/tftpboot
    
    # Disable re-use of the DHCP servername and filename fields as extra
    # option space. That's to avoid confusing some old or broken DHCP clients.
    dhcp-no-override
    
    # The boot filename, Server name, Server Ip Address
    dhcp-boot=undionly.kpxe,,192.168.1.109
    
    # PXE menu.  The first part is the text displayed to the user.  The second is the timeout, in seconds.
    pxe-prompt="Booting FOG Client", 30
    
    # The known types are x86PC, PC98, IA64_EFI, Alpha, Arc_x86,
    # Intel_Lean_Client, IA32_EFI, ARM_EFI, BC_EFI, Xscale_EFI and X86-64_EFI
    # This option is first and will be the default if there is no input from the user.
    
    # PXEClient:Arch:00000
    pxe-service=X86PC, "Boot BIOS PXE", undionly.kpxe
    
    # PXEClient:Arch:00007
    pxe-service=BC_EFI, "Boot UEFI PXE-BC", ipxe.efi
    
    # PXEClient:Arch:00009
    pxe-service=X86-64_EFI, "Boot UEFI PXE-64", ipxe.efi
    
    dhcp-range=192.168.1.109,proxy```


  • @george1421 were you able to download the pcap. I set it to public




  • Moderator

    @dureal99d pcap?



  • @george1421 @Tom-Elliott

    HERE is the dump file

    No.     Time           Source                Destination           Protocol Length Info
          1 0.000000       0.0.0.0               255.255.255.255       DHCP     342    DHCP Request  - Transaction ID 0xdf5767a9
    
    Frame 1: 342 bytes on wire (2736 bits), 342 bytes captured (2736 bits)
    Ethernet II, Src: HuaweiTe_1d:36:6b (e0:a3:ac:1d:36:6b), Dst: Broadcast (ff:ff:ff:ff:ff:ff)
    Internet Protocol Version 4, Src: 0.0.0.0, Dst: 255.255.255.255
    User Datagram Protocol, Src Port: 68, Dst Port: 67
    Bootstrap Protocol (Request)
    
    No.     Time           Source                Destination           Protocol Length Info
          2 261.631833     0.0.0.0               255.255.255.255       DHCP     389    DHCP Discover - Transaction ID 0xd0ae397e
    
    Frame 2: 389 bytes on wire (3112 bits), 389 bytes captured (3112 bits)
    Ethernet II, Src: Vmware_ab:af:95 (00:0c:29:ab:af:95), Dst: Broadcast (ff:ff:ff:ff:ff:ff)
    Internet Protocol Version 4, Src: 0.0.0.0, Dst: 255.255.255.255
    User Datagram Protocol, Src Port: 68, Dst Port: 67
    Bootstrap Protocol (Discover)
    
    No.     Time           Source                Destination           Protocol Length Info
          3 261.633023     169.254.255.1         255.255.255.255       DHCP     363    DHCP Offer    - Transaction ID 0xd0ae397e
    
    Frame 3: 363 bytes on wire (2904 bits), 363 bytes captured (2904 bits)
    Ethernet II, Src: AsustekC_37:56:88 (1c:b7:2c:37:56:88), Dst: Broadcast (ff:ff:ff:ff:ff:ff)
    Internet Protocol Version 4, Src: 169.254.255.1, Dst: 255.255.255.255
    User Datagram Protocol, Src Port: 67, Dst Port: 68
    Bootstrap Protocol (Offer)
    
    No.     Time           Source                Destination           Protocol Length Info
          4 265.327148     0.0.0.0               255.255.255.255       DHCP     401    DHCP Request  - Transaction ID 0xd0ae397e
    
    Frame 4: 401 bytes on wire (3208 bits), 401 bytes captured (3208 bits)
    Ethernet II, Src: Vmware_ab:af:95 (00:0c:29:ab:af:95), Dst: Broadcast (ff:ff:ff:ff:ff:ff)
    Internet Protocol Version 4, Src: 0.0.0.0, Dst: 255.255.255.255
    User Datagram Protocol, Src Port: 68, Dst Port: 67
    Bootstrap Protocol (Request)
    
    No.     Time           Source                Destination           Protocol Length Info
          5 265.328586     169.254.255.1         255.255.255.255       DHCP     363    DHCP ACK      - Transaction ID 0xd0ae397e
    
    Frame 5: 363 bytes on wire (2904 bits), 363 bytes captured (2904 bits)
    Ethernet II, Src: AsustekC_37:56:88 (1c:b7:2c:37:56:88), Dst: Broadcast (ff:ff:ff:ff:ff:ff)
    Internet Protocol Version 4, Src: 169.254.255.1, Dst: 255.255.255.255
    User Datagram Protocol, Src Port: 67, Dst Port: 68
    Bootstrap Protocol (ACK)
    
    No.     Time           Source                Destination           Protocol Length Info
          6 265.331364     192.168.1.149         192.168.1.109         TFTP     85     Read Request, File: undionly.kpxe, Transfer type: octet, tsize=0, blksize=1468
    
    Frame 6: 85 bytes on wire (680 bits), 85 bytes captured (680 bits)
    Ethernet II, Src: Vmware_ab:af:95 (00:0c:29:ab:af:95), Dst: Dell_31:77:89 (00:21:9b:31:77:89)
    Internet Protocol Version 4, Src: 192.168.1.149, Dst: 192.168.1.109
    User Datagram Protocol, Src Port: 1845, Dst Port: 69
    Trivial File Transfer Protocol
    
    No.     Time           Source                Destination           Protocol Length Info
          7 265.333596     192.168.1.149         192.168.1.109         TFTP     77     Read Request, File: undionly.kpxe, Transfer type: octet, blksize=1468
    
    Frame 7: 77 bytes on wire (616 bits), 77 bytes captured (616 bits)
    Ethernet II, Src: Vmware_ab:af:95 (00:0c:29:ab:af:95), Dst: Dell_31:77:89 (00:21:9b:31:77:89)
    Internet Protocol Version 4, Src: 192.168.1.149, Dst: 192.168.1.109
    User Datagram Protocol, Src Port: 1846, Dst Port: 69
    Trivial File Transfer Protocol
    
    No.     Time           Source                Destination           Protocol Length Info
          8 265.606931     192.168.1.149         192.168.1.109         TFTP     74     Read Request, File: grubx64.efi, Transfer type: octet, blksize=512
    
    Frame 8: 74 bytes on wire (592 bits), 74 bytes captured (592 bits)
    Ethernet II, Src: Vmware_ab:af:95 (00:0c:29:ab:af:95), Dst: Dell_31:77:89 (00:21:9b:31:77:89)
    Internet Protocol Version 4, Src: 192.168.1.149, Dst: 192.168.1.109
    User Datagram Protocol, Src Port: 1847, Dst Port: 69
    Trivial File Transfer Protocol
    
    No.     Time           Source                Destination           Protocol Length Info
          9 265.608739     192.168.1.149         192.168.1.109         TFTP     74     Read Request, File: grubx64.efi, Transfer type: octet, blksize=512
    
    Frame 9: 74 bytes on wire (592 bits), 74 bytes captured (592 bits)
    Ethernet II, Src: Vmware_ab:af:95 (00:0c:29:ab:af:95), Dst: Dell_31:77:89 (00:21:9b:31:77:89)
    Internet Protocol Version 4, Src: 192.168.1.149, Dst: 192.168.1.109
    User Datagram Protocol, Src Port: 1848, Dst Port: 69
    Trivial File Transfer Protocol
    
    No.     Time           Source                Destination           Protocol Length Info
         10 344.041810     0.0.0.0               255.255.255.255       DHCP     389    DHCP Discover - Transaction ID 0x11d41dbd
    
    Frame 10: 389 bytes on wire (3112 bits), 389 bytes captured (3112 bits)
    Ethernet II, Src: Vmware_ab:af:95 (00:0c:29:ab:af:95), Dst: Broadcast (ff:ff:ff:ff:ff:ff)
    Internet Protocol Version 4, Src: 0.0.0.0, Dst: 255.255.255.255
    User Datagram Protocol, Src Port: 68, Dst Port: 67
    Bootstrap Protocol (Discover)
    
    No.     Time           Source                Destination           Protocol Length Info
         11 344.042976     169.254.255.1         255.255.255.255       DHCP     363    DHCP Offer    - Transaction ID 0x11d41dbd
    
    Frame 11: 363 bytes on wire (2904 bits), 363 bytes captured (2904 bits)
    Ethernet II, Src: AsustekC_37:56:88 (1c:b7:2c:37:56:88), Dst: Broadcast (ff:ff:ff:ff:ff:ff)
    Internet Protocol Version 4, Src: 169.254.255.1, Dst: 255.255.255.255
    User Datagram Protocol, Src Port: 67, Dst Port: 68
    Bootstrap Protocol (Offer)
    
    No.     Time           Source                Destination           Protocol Length Info
         12 347.731535     0.0.0.0               255.255.255.255       DHCP     401    DHCP Request  - Transaction ID 0x11d41dbd
    
    Frame 12: 401 bytes on wire (3208 bits), 401 bytes captured (3208 bits)
    Ethernet II, Src: Vmware_ab:af:95 (00:0c:29:ab:af:95), Dst: Broadcast (ff:ff:ff:ff:ff:ff)
    Internet Protocol Version 4, Src: 0.0.0.0, Dst: 255.255.255.255
    User Datagram Protocol, Src Port: 68, Dst Port: 67
    Bootstrap Protocol (Request)
    
    No.     Time           Source                Destination           Protocol Length Info
         13 347.732909     169.254.255.1         255.255.255.255       DHCP     363    DHCP ACK      - Transaction ID 0x11d41dbd
    
    Frame 13: 363 bytes on wire (2904 bits), 363 bytes captured (2904 bits)
    Ethernet II, Src: AsustekC_37:56:88 (1c:b7:2c:37:56:88), Dst: Broadcast (ff:ff:ff:ff:ff:ff)
    Internet Protocol Version 4, Src: 169.254.255.1, Dst: 255.255.255.255
    User Datagram Protocol, Src Port: 67, Dst Port: 68
    Bootstrap Protocol (ACK)
    
    No.     Time           Source                Destination           Protocol Length Info
         14 347.734374     192.168.1.149         192.168.1.109         TFTP     85     Read Request, File: undionly.kpxe, Transfer type: octet, tsize=0, blksize=1468
    
    Frame 14: 85 bytes on wire (680 bits), 85 bytes captured (680 bits)
    Ethernet II, Src: Vmware_ab:af:95 (00:0c:29:ab:af:95), Dst: Dell_31:77:89 (00:21:9b:31:77:89)
    Internet Protocol Version 4, Src: 192.168.1.149, Dst: 192.168.1.109
    User Datagram Protocol, Src Port: 1295, Dst Port: 69
    Trivial File Transfer Protocol
    
    No.     Time           Source                Destination           Protocol Length Info
         15 347.736207     192.168.1.149         192.168.1.109         TFTP     77     Read Request, File: undionly.kpxe, Transfer type: octet, blksize=1468
    
    Frame 15: 77 bytes on wire (616 bits), 77 bytes captured (616 bits)
    Ethernet II, Src: Vmware_ab:af:95 (00:0c:29:ab:af:95), Dst: Dell_31:77:89 (00:21:9b:31:77:89)
    Internet Protocol Version 4, Src: 192.168.1.149, Dst: 192.168.1.109
    User Datagram Protocol, Src Port: 1296, Dst Port: 69
    Trivial File Transfer Protocol
    
    No.     Time           Source                Destination           Protocol Length Info
         16 348.051753     192.168.1.149         192.168.1.109         TFTP     74     Read Request, File: grubx64.efi, Transfer type: octet, blksize=512
    
    Frame 16: 74 bytes on wire (592 bits), 74 bytes captured (592 bits)
    Ethernet II, Src: Vmware_ab:af:95 (00:0c:29:ab:af:95), Dst: Dell_31:77:89 (00:21:9b:31:77:89)
    Internet Protocol Version 4, Src: 192.168.1.149, Dst: 192.168.1.109
    User Datagram Protocol, Src Port: 1297, Dst Port: 69
    Trivial File Transfer Protocol
    
    No.     Time           Source                Destination           Protocol Length Info
         17 348.053821     192.168.1.149         192.168.1.109         TFTP     74     Read Request, File: grubx64.efi, Transfer type: octet, blksize=512
    
    Frame 17: 74 bytes on wire (592 bits), 74 bytes captured (592 bits)
    Ethernet II, Src: Vmware_ab:af:95 (00:0c:29:ab:af:95), Dst: Dell_31:77:89 (00:21:9b:31:77:89)
    Internet Protocol Version 4, Src: 192.168.1.149, Dst: 192.168.1.109
    User Datagram Protocol, Src Port: 1298, Dst Port: 69
    Trivial File Transfer Protocol
    


  • @Tom-Elliott I think we all know you know a whole heck of alot



  • @george1421 ill do it promptly


  • Senior Developer

    @dureal99d If I had to guess, the “grubx64.efi” is coming from netboot of the ISO you’re loading at the time this is being performed. Just a guess, but what do I know?


  • Moderator

    @dureal99d Could I ask you to install tcpdump on your FOG server then run the following command to capture a new pcap file? The other one contains other internal communications that I don’t should see plus it confuses me to dig out what is going on.

    sudo tcpdump -w output.pcap port 67 or port 68 or port 69 or port 4011

    This will filter out all requests except dhcp, tftp, and dhcpProxy. UEFI boot the target computer and lets see where that gub boot is coming.



  • @george1421 I’ve learned how to read Wireshark. I isolated the port 69, during the regular boot I get the undionly.kpxe file downloaded and I’m ready to go however during the uefi boot I get the grubx64.efi and I don’t know how as it is not in my config file so where is it coming from?? and ideas @Senior-Developers @george1421 @Moderators @Developers please see my read out.

    No.     Time           Source                Destination           Protocol Length Info
        195 24.534142      192.168.1.130         192.168.1.109         TFTP     72     Read Request, File: undionly.kpxe, Transfer type: octet, tsize=0
    
    Frame 195: 72 bytes on wire (576 bits), 72 bytes captured (576 bits) on interface 0
    Ethernet II, Src: Vmware_0e:2b:70 (00:0c:29:0e:2b:70), Dst: Dell_31:77:89 (00:21:9b:31:77:89)
    Internet Protocol Version 4, Src: 192.168.1.130, Dst: 192.168.1.109
    User Datagram Protocol, Src Port: 2070, Dst Port: 69
    Trivial File Transfer Protocol
    
    No.     Time           Source                Destination           Protocol Length Info
        198 24.536295      192.168.1.130         192.168.1.109         TFTP     77     Read Request, File: undionly.kpxe, Transfer type: octet, blksize=1456
    
    Frame 198: 77 bytes on wire (616 bits), 77 bytes captured (616 bits) on interface 0
    Ethernet II, Src: Vmware_0e:2b:70 (00:0c:29:0e:2b:70), Dst: Dell_31:77:89 (00:21:9b:31:77:89)
    Internet Protocol Version 4, Src: 192.168.1.130, Dst: 192.168.1.109
    User Datagram Protocol, Src Port: 2071, Dst Port: 69
    Trivial File Transfer Protocol
    
    No.     Time           Source                Destination           Protocol Length Info
        529 50.813057      192.168.1.149         192.168.1.109         TFTP     85     Read Request, File: undionly.kpxe, Transfer type: octet, tsize=0, blksize=1468
    
    Frame 529: 85 bytes on wire (680 bits), 85 bytes captured (680 bits) on interface 0
    Ethernet II, Src: Vmware_ab:af:95 (00:0c:29:ab:af:95), Dst: Dell_31:77:89 (00:21:9b:31:77:89)
    Internet Protocol Version 4, Src: 192.168.1.149, Dst: 192.168.1.109
    User Datagram Protocol, Src Port: 1554, Dst Port: 69
    Trivial File Transfer Protocol
    
    No.     Time           Source                Destination           Protocol Length Info
        532 50.814771      192.168.1.149         192.168.1.109         TFTP     77     Read Request, File: undionly.kpxe, Transfer type: octet, blksize=1468
    
    Frame 532: 77 bytes on wire (616 bits), 77 bytes captured (616 bits) on interface 0
    Ethernet II, Src: Vmware_ab:af:95 (00:0c:29:ab:af:95), Dst: Dell_31:77:89 (00:21:9b:31:77:89)
    Internet Protocol Version 4, Src: 192.168.1.149, Dst: 192.168.1.109
    User Datagram Protocol, Src Port: 1555, Dst Port: 69
    Trivial File Transfer Protocol
    
    No.     Time           Source                Destination           Protocol Length Info
        675 51.198680      192.168.1.149         192.168.1.109         TFTP     74     Read Request, File: grubx64.efi, Transfer type: octet, blksize=512
    
    Frame 675: 74 bytes on wire (592 bits), 74 bytes captured (592 bits) on interface 0
    Ethernet II, Src: Vmware_ab:af:95 (00:0c:29:ab:af:95), Dst: Dell_31:77:89 (00:21:9b:31:77:89)
    Internet Protocol Version 4, Src: 192.168.1.149, Dst: 192.168.1.109
    User Datagram Protocol, Src Port: 1556, Dst Port: 69
    Trivial File Transfer Protocol
    
    No.     Time           Source                Destination           Protocol Length Info
        677 51.200515      192.168.1.149         192.168.1.109         TFTP     74     Read Request, File: grubx64.efi, Transfer type: octet, blksize=512
    
    Frame 677: 74 bytes on wire (592 bits), 74 bytes captured (592 bits) on interface 0
    Ethernet II, Src: Vmware_ab:af:95 (00:0c:29:ab:af:95), Dst: Dell_31:77:89 (00:21:9b:31:77:89)
    Internet Protocol Version 4, Src: 192.168.1.149, Dst: 192.168.1.109
    User Datagram Protocol, Src Port: 1557, Dst Port: 69
    Trivial File Transfer Protocol```


  • @george1421

    hereis the link to the pcap file. tell me what you think?



  • @george1421 I wanted to send you the pcap file but I get a permission error when I try to upload it. so a partial is all I could do via code box



  • @george1421my server is 192.168.1.109, my router 192.168.1.1 the machine I used to boot 192.168.1.102

    No.     Time           Source                Destination           Protocol Length Info
          1 0.000000       192.168.1.102         239.255.255.250       SSDP     143    M-SEARCH * HTTP/1.1 
    
    Frame 1: 143 bytes on wire (1144 bits), 143 bytes captured (1144 bits) on interface 0
    Ethernet II, Src: EvgaCorp_02:35:81 (00:1f:bc:02:35:81), Dst: IPv4mcast_7f:ff:fa (01:00:5e:7f:ff:fa)
    Internet Protocol Version 4, Src: 192.168.1.102, Dst: 239.255.255.250
    User Datagram Protocol, Src Port: 57388, Dst Port: 1900
    Simple Service Discovery Protocol
    
    No.     Time           Source                Destination           Protocol Length Info
          2 0.000162       192.168.1.101         239.255.255.250       SSDP     143    M-SEARCH * HTTP/1.1 
    
    Frame 2: 143 bytes on wire (1144 bits), 143 bytes captured (1144 bits) on interface 0
    Ethernet II, Src: EvgaCorp_02:35:80 (00:1f:bc:02:35:80), Dst: IPv4mcast_7f:ff:fa (01:00:5e:7f:ff:fa)
    Internet Protocol Version 4, Src: 192.168.1.101, Dst: 239.255.255.250
    User Datagram Protocol, Src Port: 57387, Dst Port: 1900
    Simple Service Discovery Protocol
    
    No.     Time           Source                Destination           Protocol Length Info
          3 0.000574       192.168.1.109         192.168.1.102         UDP      329    57463→57388 Len=287
    
    Frame 3: 329 bytes on wire (2632 bits), 329 bytes captured (2632 bits) on interface 0
    Ethernet II, Src: Dell_31:77:89 (00:21:9b:31:77:89), Dst: EvgaCorp_02:35:81 (00:1f:bc:02:35:81)
    Internet Protocol Version 4, Src: 192.168.1.109, Dst: 192.168.1.102
    User Datagram Protocol, Src Port: 57463, Dst Port: 57388
    Data (287 bytes)
    
    0000  48 54 54 50 2f 31 2e 31 20 32 30 30 20 4f 4b 0d   HTTP/1.1 200 OK.
    0010  0a 4c 6f 63 61 74 69 6f 6e 3a 20 68 74 74 70 3a   .Location: http:
    0020  2f 2f 31 39 32 2e 31 36 38 2e 31 2e 31 30 39 3a   //192.168.1.109:
    0030  33 32 34 36 39 2f 44 65 76 69 63 65 44 65 73 63   32469/DeviceDesc
    0040  72 69 70 74 69 6f 6e 2e 78 6d 6c 0d 0a 43 61 63   ription.xml..Cac
    0050  68 65 2d 43 6f 6e 74 72 6f 6c 3a 20 6d 61 78 2d   he-Control: max-
    0060  61 67 65 3d 31 38 30 30 0d 0a 53 65 72 76 65 72   age=1800..Server
    0070  3a 20 55 50 6e 50 2f 31 2e 30 20 44 4c 4e 41 44   : UPnP/1.0 DLNAD
    0080  4f 43 2f 31 2e 35 30 20 50 6c 61 74 69 6e 75 6d   OC/1.50 Platinum
    0090  2f 31 2e 30 2e 34 2e 31 31 0d 0a 45 58 54 3a 20   /1.0.4.11..EXT: 
    00a0  0d 0a 55 53 4e 3a 20 75 75 69 64 3a 38 65 34 37   ..USN: uuid:8e47
    00b0  63 64 63 33 2d 66 39 38 63 2d 62 35 62 39 2d 32   cdc3-f98c-b5b9-2
    00c0  38 31 35 2d 65 33 34 66 35 36 35 32 37 63 32 31   815-e34f56527c21
    00d0  3a 3a 75 70 6e 70 3a 72 6f 6f 74 64 65 76 69 63   ::upnp:rootdevic
    00e0  65 0d 0a 53 54 3a 20 75 70 6e 70 3a 72 6f 6f 74   e..ST: upnp:root
    00f0  64 65 76 69 63 65 0d 0a 44 61 74 65 3a 20 4d 6f   device..Date: Mo
    0100  6e 2c 20 31 30 20 4f 63 74 20 32 30 31 36 20 30   n, 10 Oct 2016 0
    0110  36 3a 35 32 3a 31 35 20 47 4d 54 0d 0a 0d 0a      6:52:15 GMT....
    
    No.     Time           Source                Destination           Protocol Length Info
          4 0.001170       192.168.1.106         192.168.1.102         UDP      352    40006→57388 Len=310
    
    Frame 4: 352 bytes on wire (2816 bits), 352 bytes captured (2816 bits) on interface 0
    Ethernet II, Src: WesternD_b2:a4:26 (00:90:a9:b2:a4:26), Dst: EvgaCorp_02:35:81 (00:1f:bc:02:35:81)
    Internet Protocol Version 4, Src: 192.168.1.106, Dst: 192.168.1.102
    User Datagram Protocol, Src Port: 40006, Dst Port: 57388
    Data (310 bytes)
    
    0000  48 54 54 50 2f 31 2e 31 20 32 30 30 20 4f 4b 0d   HTTP/1.1 200 OK.
    0010  0a 43 41 43 48 45 2d 43 4f 4e 54 52 4f 4c 3a 20   .CACHE-CONTROL: 
    0020  6d 61 78 2d 61 67 65 3d 31 38 31 30 0d 0a 44 41   max-age=1810..DA
    0030  54 45 3a 20 4d 6f 6e 2c 20 31 30 20 4f 63 74 20   TE: Mon, 10 Oct 
    0040  32 30 31 36 20 30 36 3a 35 31 3a 30 37 20 47 4d   2016 06:51:07 GM
    0050  54 0d 0a 45 58 54 3a 0d 0a 4c 4f 43 41 54 49 4f   T..EXT:..LOCATIO
    0060  4e 3a 20 68 74 74 70 3a 2f 2f 31 39 32 2e 31 36   N: http://192.16
    0070  38 2e 31 2e 31 30 36 3a 39 30 30 30 2f 44 65 76   8.1.106:9000/Dev
    0080  69 63 65 44 65 73 63 72 69 70 74 69 6f 6e 2e 78   iceDescription.x
    0090  6d 6c 0d 0a 53 45 52 56 45 52 3a 20 4c 69 6e 75   ml..SERVER: Linu
    00a0  78 2f 32 2e 78 2e 78 2c 20 55 50 6e 50 2f 31 2e   x/2.x.x, UPnP/1.
    00b0  30 2c 20 70 76 43 6f 6e 6e 65 63 74 20 55 50 6e   0, pvConnect UPn
    00c0  50 20 53 44 4b 2f 31 2e 30 0d 0a 53 54 3a 20 75   P SDK/1.0..ST: u
    00d0  70 6e 70 3a 72 6f 6f 74 64 65 76 69 63 65 0d 0a   pnp:rootdevice..
    00e0  55 53 4e 3a 20 75 75 69 64 3a 37 30 37 36 34 33   USN: uuid:707643
    00f0  36 66 2d 36 65 36 35 2d 31 30 36 33 2d 38 30 37   6f-6e65-1063-807
    0100  34 2d 30 30 39 30 61 39 62 32 61 34 32 36 3a 3a   4-0090a9b2a426::
    0110  75 70 6e 70 3a 72 6f 6f 74 64 65 76 69 63 65 0d   upnp:rootdevice.
    0120  0a 43 6f 6e 74 65 6e 74 2d 4c 65 6e 67 74 68 3a   .Content-Length:
    0130  20 30 0d 0a 0d 0a                                  0....
    
    No.     Time           Source                Destination           Protocol Length Info
          5 0.001434       192.168.1.105         192.168.1.102         UDP      375    60294→57388 Len=333
    
    Frame 5: 375 bytes on wire (3000 bits), 375 bytes captured (3000 bits) on interface 0
    Ethernet II, Src: WesternD_b2:9b:88 (00:90:a9:b2:9b:88), Dst: EvgaCorp_02:35:81 (00:1f:bc:02:35:81)
    Internet Protocol Version 4, Src: 192.168.1.105, Dst: 192.168.1.102
    User Datagram Protocol, Src Port: 60294, Dst Port: 57388
    Data (333 bytes)
    
    0000  48 54 54 50 2f 31 2e 31 20 32 30 30 20 4f 4b 0d   HTTP/1.1 200 OK.
    0010  0a 43 41 43 48 45 2d 43 4f 4e 54 52 4f 4c 3a 20   .CACHE-CONTROL: 
    0020  6d 61 78 2d 61 67 65 3d 31 30 30 0d 0a 44 41 54   max-age=100..DAT
    0030  45 3a 20 4d 6f 6e 2c 20 31 30 20 4f 63 74 20 32   E: Mon, 10 Oct 2
    0040  30 31 36 20 30 36 3a 34 38 3a 34 34 20 47 4d 54   016 06:48:44 GMT
    0050  0d 0a 45 58 54 3a 0d 0a 4c 4f 43 41 54 49 4f 4e   ..EXT:..LOCATION
    0060  3a 20 68 74 74 70 3a 2f 2f 31 39 32 2e 31 36 38   : http://192.168
    0070  2e 31 2e 31 30 35 3a 34 39 31 35 34 2f 6e 61 73   .1.105:49154/nas
    0080  64 65 76 69 63 65 2e 78 6d 6c 0d 0a 53 45 52 56   device.xml..SERV
    0090  45 52 3a 20 4c 69 6e 75 78 2f 32 2e 36 2e 33 32   ER: Linux/2.6.32
    00a0  2e 31 31 2d 73 76 6e 37 30 38 36 30 2c 20 55 50   .11-svn70860, UP
    00b0  6e 50 2f 31 2e 30 2c 20 50 6f 72 74 61 62 6c 65   nP/1.0, Portable
    00c0  20 53 44 4b 20 66 6f 72 20 55 50 6e 50 20 64 65    SDK for UPnP de
    00d0  76 69 63 65 73 2f 31 2e 36 2e 36 0d 0a 58 2d 55   vices/1.6.6..X-U
    00e0  73 65 72 2d 41 67 65 6e 74 3a 20 72 65 64 73 6f   ser-Agent: redso
    00f0  6e 69 63 0d 0a 53 54 3a 20 75 70 6e 70 3a 72 6f   nic..ST: upnp:ro
    0100  6f 74 64 65 76 69 63 65 0d 0a 55 53 4e 3a 20 75   otdevice..USN: u
    0110  75 69 64 3a 37 33 36 35 36 37 36 31 2d 37 34 36   uid:73656761-746
    0120  35 2d 37 33 37 35 2d 36 33 36 62 2d 30 30 39 30   5-7375-636b-0090
    0130  61 39 62 32 39 62 38 38 3a 3a 75 70 6e 70 3a 72   a9b29b88::upnp:r
    0140  6f 6f 74 64 65 76 69 63 65 0d 0a 0d 0a            ootdevice....
    
    No.     Time           Source                Destination           Protocol Length Info
          6 0.001624       192.168.1.1           192.168.1.102         SSDP     321    HTTP/1.1 200 OK 
    
    Frame 6: 321 bytes on wire (2568 bits), 321 bytes captured (2568 bits) on interface 0
    Ethernet II, Src: AsustekC_37:56:88 (1c:b7:2c:37:56:88), Dst: EvgaCorp_02:35:81 (00:1f:bc:02:35:81)
    Internet Protocol Version 4, Src: 192.168.1.1, Dst: 192.168.1.102
    User Datagram Protocol, Src Port: 1900, Dst Port: 57388
    Simple Service Discovery Protocol
    
    No.     Time           Source                Destination           Protocol Length Info
          7 0.004022       192.168.1.1           192.168.1.102         SSDP     341    HTTP/1.1 200 OK 
    
    Frame 7: 341 bytes on wire (2728 bits), 341 bytes captured (2728 bits) on interface 0
    Ethernet II, Src: AsustekC_37:56:88 (1c:b7:2c:37:56:88), Dst: EvgaCorp_02:35:81 (00:1f:bc:02:35:81)
    Internet Protocol Version 4, Src: 192.168.1.1, Dst: 192.168.1.102
    User Datagram Protocol, Src Port: 1900, Dst Port: 57388
    Simple Service Discovery Protocol
    
    No.     Time           Source                Destination           Protocol Length Info
          8 0.011302       192.168.1.106         192.168.1.102         UDP      352    40006→57388 Len=310
    
    Frame 8: 352 bytes on wire (2816 bits), 352 bytes captured (2816 bits) on interface 0
    Ethernet II, Src: WesternD_b2:a4:26 (00:90:a9:b2:a4:26), Dst: EvgaCorp_02:35:81 (00:1f:bc:02:35:81)
    Internet Protocol Version 4, Src: 192.168.1.106, Dst: 192.168.1.102
    User Datagram Protocol, Src Port: 40006, Dst Port: 57388
    Data (310 bytes)
    
    0000  48 54 54 50 2f 31 2e 31 20 32 30 30 20 4f 4b 0d   HTTP/1.1 200 OK.
    0010  0a 43 41 43 48 45 2d 43 4f 4e 54 52 4f 4c 3a 20   .CACHE-CONTROL: 
    0020  6d 61 78 2d 61 67 65 3d 31 38 31 30 0d 0a 44 41   max-age=1810..DA
    0030  54 45 3a 20 4d 6f 6e 2c 20 31 30 20 4f 63 74 20   TE: Mon, 10 Oct 
    0040  32 30 31 36 20 30 36 3a 35 31 3a 30 37 20 47 4d   2016 06:51:07 GM
    0050  54 0d 0a 45 58 54 3a 0d 0a 4c 4f 43 41 54 49 4f   T..EXT:..LOCATIO
    0060  4e 3a 20 68 74 74 70 3a 2f 2f 31 39 32 2e 31 36   N: http://192.16
    0070  38 2e 31 2e 31 30 36 3a 39 30 30 30 2f 44 65 76   8.1.106:9000/Dev
    0080  69 63 65 44 65 73 63 72 69 70 74 69 6f 6e 2e 78   iceDescription.x
    0090  6d 6c 0d 0a 53 45 52 56 45 52 3a 20 4c 69 6e 75   ml..SERVER: Linu
    00a0  78 2f 32 2e 78 2e 78 2c 20 55 50 6e 50 2f 31 2e   x/2.x.x, UPnP/1.
    00b0  30 2c 20 70 76 43 6f 6e 6e 65 63 74 20 55 50 6e   0, pvConnect UPn
    00c0  50 20 53 44 4b 2f 31 2e 30 0d 0a 53 54 3a 20 75   P SDK/1.0..ST: u
    00d0  70 6e 70 3a 72 6f 6f 74 64 65 76 69 63 65 0d 0a   pnp:rootdevice..
    00e0  55 53 4e 3a 20 75 75 69 64 3a 37 30 37 36 34 33   USN: uuid:707643
    00f0  36 66 2d 36 65 36 35 2d 31 30 36 33 2d 38 30 37   6f-6e65-1063-807
    0100  34 2d 30 30 39 30 61 39 62 32 61 34 32 36 3a 3a   4-0090a9b2a426::
    0110  75 70 6e 70 3a 72 6f 6f 74 64 65 76 69 63 65 0d   upnp:rootdevice.
    0120  0a 43 6f 6e 74 65 6e 74 2d 4c 65 6e 67 74 68 3a   .Content-Length:
    0130  20 30 0d 0a 0d 0a                                  0....
    
    No.     Time           Source                Destination           Protocol Length Info
          9 0.017016       192.168.1.106         192.168.1.102         UDP      375    40161→57388 Len=333
    
    Frame 9: 375 bytes on wire (3000 bits), 375 bytes captured (3000 bits) on interface 0
    Ethernet II, Src: WesternD_b2:a4:26 (00:90:a9:b2:a4:26), Dst: EvgaCorp_02:35:81 (00:1f:bc:02:35:81)
    Internet Protocol Version 4, Src: 192.168.1.106, Dst: 192.168.1.102
    User Datagram Protocol, Src Port: 40161, Dst Port: 57388
    Data (333 bytes)
    
    0000  48 54 54 50 2f 31 2e 31 20 32 30 30 20 4f 4b 0d   HTTP/1.1 200 OK.
    0010  0a 43 41 43 48 45 2d 43 4f 4e 54 52 4f 4c 3a 20   .CACHE-CONTROL: 
    0020  6d 61 78 2d 61 67 65 3d 31 30 30 0d 0a 44 41 54   max-age=100..DAT
    0030  45 3a 20 4d 6f 6e 2c 20 31 30 20 4f 63 74 20 32   E: Mon, 10 Oct 2
    0040  30 31 36 20 30 36 3a 35 31 3a 30 38 20 47 4d 54   016 06:51:08 GMT
    0050  0d 0a 45 58 54 3a 0d 0a 4c 4f 43 41 54 49 4f 4e   ..EXT:..LOCATION
    0060  3a 20 68 74 74 70 3a 2f 2f 31 39 32 2e 31 36 38   : http://192.168
    0070  2e 31 2e 31 30 36 3a 34 39 31 35 34 2f 6e 61 73   .1.106:49154/nas
    0080  64 65 76 69 63 65 2e 78 6d 6c 0d 0a 53 45 52 56   device.xml..SERV
    0090  45 52 3a 20 4c 69 6e 75 78 2f 32 2e 36 2e 33 32   ER: Linux/2.6.32
    00a0  2e 31 31 2d 73 76 6e 37 30 38 36 30 2c 20 55 50   .11-svn70860, UP
    00b0  6e 50 2f 31 2e 30 2c 20 50 6f 72 74 61 62 6c 65   nP/1.0, Portable
    00c0  20 53 44 4b 20 66 6f 72 20 55 50 6e 50 20 64 65    SDK for UPnP de
    00d0  76 69 63 65 73 2f 31 2e 36 2e 36 0d 0a 58 2d 55   vices/1.6.6..X-U
    00e0  73 65 72 2d 41 67 65 6e 74 3a 20 72 65 64 73 6f   ser-Agent: redso
    00f0  6e 69 63 0d 0a 53 54 3a 20 75 70 6e 70 3a 72 6f   nic..ST: upnp:ro
    0100  6f 74 64 65 76 69 63 65 0d 0a 55 53 4e 3a 20 75   otdevice..USN: u
    0110  75 69 64 3a 37 33 36 35 36 37 36 31 2d 37 34 36   uid:73656761-746
    0120  35 2d 37 33 37 35 2d 36 33 36 62 2d 30 30 39 30   5-7375-636b-0090
    0130  61 39 62 32 61 34 32 36 3a 3a 75 70 6e 70 3a 72   a9b2a426::upnp:r
    0140  6f 6f 74 64 65 76 69 63 65 0d 0a 0d 0a            ootdevice....
    
    No.     Time           Source                Destination           Protocol Length Info
         10 0.021420       192.168.1.106         192.168.1.102         UDP      352    40006→57388 Len=310
    
    Frame 10: 352 bytes on wire (2816 bits), 352 bytes captured (2816 bits) on interface 0
    Ethernet II, Src: WesternD_b2:a4:26 (00:90:a9:b2:a4:26), Dst: EvgaCorp_02:35:81 (00:1f:bc:02:35:81)
    Internet Protocol Version 4, Src: 192.168.1.106, Dst: 192.168.1.102
    User Datagram Protocol, Src Port: 40006, Dst Port: 57388
    Data (310 bytes)
    
    0000  48 54 54 50 2f 31 2e 31 20 32 30 30 20 4f 4b 0d   HTTP/1.1 200 OK.
    0010  0a 43 41 43 48 45 2d 43 4f 4e 54 52 4f 4c 3a 20   .CACHE-CONTROL: 
    0020  6d 61 78 2d 61 67 65 3d 31 38 31 30 0d 0a 44 41   max-age=1810..DA
    0030  54 45 3a 20 4d 6f 6e 2c 20 31 30 20 4f 63 74 20   TE: Mon, 10 Oct 
    0040  32 30 31 36 20 30 36 3a 35 31 3a 30 38 20 47 4d   2016 06:51:08 GM
    0050  54 0d 0a 45 58 54 3a 0d 0a 4c 4f 43 41 54 49 4f   T..EXT:..LOCATIO
    0060  4e 3a 20 68 74 74 70 3a 2f 2f 31 39 32 2e 31 36   N: http://192.16
    0070  38 2e 31 2e 31 30 36 3a 39 30 30 30 2f 44 65 76   8.1.106:9000/Dev
    0080  69 63 65 44 65 73 63 72 69 70 74 69 6f 6e 2e 78   iceDescription.x
    0090  6d 6c 0d 0a 53 45 52 56 45 52 3a 20 4c 69 6e 75   ml..SERVER: Linu
    00a0  78 2f 32 2e 78 2e 78 2c 20 55 50 6e 50 2f 31 2e   x/2.x.x, UPnP/1.
    00b0  30 2c 20 70 76 43 6f 6e 6e 65 63 74 20 55 50 6e   0, pvConnect UPn
    00c0  50 20 53 44 4b 2f 31 2e 30 0d 0a 53 54 3a 20 75   P SDK/1.0..ST: u
    00d0  70 6e 70 3a 72 6f 6f 74 64 65 76 69 63 65 0d 0a   pnp:rootdevice..
    00e0  55 53 4e 3a 20 75 75 69 64 3a 37 30 37 36 34 33   USN: uuid:707643
    00f0  36 66 2d 36 65 36 35 2d 31 30 36 33 2d 38 30 37   6f-6e65-1063-807
    0100  34 2d 30 30 39 30 61 39 62 32 61 34 32 36 3a 3a   4-0090a9b2a426::
    0110  75 70 6e 70 3a 72 6f 6f 74 64 65 76 69 63 65 0d   upnp:rootdevice.
    0120  0a 43 6f 6e 74 65 6e 74 2d 4c 65 6e 67 74 68 3a   .Content-Length:
    0130  20 30 0d 0a 0d 0a                                  0....
    
    No.     Time           Source                Destination           Protocol Length Info
         11 0.455249       192.168.1.102         162.213.199.177       TLSv1.2  90     Application Data
    
    Frame 11: 90 bytes on wire (720 bits), 90 bytes captured (720 bits) on interface 0
    Ethernet II, Src: EvgaCorp_02:35:81 (00:1f:bc:02:35:81), Dst: AsustekC_37:56:88 (1c:b7:2c:37:56:88)
    Internet Protocol Version 4, Src: 192.168.1.102, Dst: 162.213.199.177
    Transmission Control Protocol, Src Port: 50159, Dst Port: 443, Seq: 1, Ack: 1, Len: 36
    Secure Sockets Layer
    
    No.     Time           Source                Destination           Protocol Length Info
         12 0.561457       162.213.199.177       192.168.1.102         TCP      60     443→50159 [ACK] Seq=1 Ack=37 Win=67 Len=0
    
    Frame 12: 60 bytes on wire (480 bits), 60 bytes captured (480 bits) on interface 0
    Ethernet II, Src: AsustekC_37:56:88 (1c:b7:2c:37:56:88), Dst: EvgaCorp_02:35:81 (00:1f:bc:02:35:81)
    Internet Protocol Version 4, Src: 162.213.199.177, Dst: 192.168.1.102
    Transmission Control Protocol, Src Port: 443, Dst Port: 50159, Seq: 1, Ack: 37, Len: 0
    
    No.     Time           Source                Destination           Protocol Length Info
         13 0.562968       162.213.199.177       192.168.1.102         TLSv1.2  86     Application Data
    
    Frame 13: 86 bytes on wire (688 bits), 86 bytes captured (688 bits) on interface 0
    Ethernet II, Src: AsustekC_37:56:88 (1c:b7:2c:37:56:88), Dst: EvgaCorp_02:35:81 (00:1f:bc:02:35:81)
    Internet Protocol Version 4, Src: 162.213.199.177, Dst: 192.168.1.102
    Transmission Control Protocol, Src Port: 443, Dst Port: 50159, Seq: 1, Ack: 37, Len: 32
    Secure Sockets Layer
    
    No.     Time           Source                Destination           Protocol Length Info
         14 0.562995       192.168.1.102         162.213.199.177       TCP      54     50159→443 [ACK] Seq=37 Ack=33 Win=32600 Len=0
    
    Frame 14: 54 bytes on wire (432 bits), 54 bytes captured (432 bits) on interface 0
    Ethernet II, Src: EvgaCorp_02:35:81 (00:1f:bc:02:35:81), Dst: AsustekC_37:56:88 (1c:b7:2c:37:56:88)
    Internet Protocol Version 4, Src: 192.168.1.102, Dst: 162.213.199.177
    Transmission Control Protocol, Src Port: 50159, Dst Port: 443, Seq: 37, Ack: 33, Len: 0
    
    No.     Time           Source                Destination           Protocol Length Info
         15 1.447497       74.125.161.234        192.168.1.102         TCP      60     443→53845 [FIN, ACK] Seq=1 Ack=1 Win=635 Len=0
    
    Frame 15: 60 bytes on wire (480 bits), 60 bytes captured (480 bits) on interface 0
    Ethernet II, Src: AsustekC_37:56:88 (1c:b7:2c:37:56:88), Dst: EvgaCorp_02:35:81 (00:1f:bc:02:35:81)
    Internet Protocol Version 4, Src: 74.125.161.234, Dst: 192.168.1.102
    Transmission Control Protocol, Src Port: 443, Dst Port: 53845, Seq: 1, Ack: 1, Len: 0
    
    No.     Time           Source                Destination           Protocol Length Info
         16 1.447551       192.168.1.102         74.125.161.234        TCP      54     53845→443 [ACK] Seq=1 Ack=2 Win=32768 Len=0
    
    Frame 16: 54 bytes on wire (432 bits), 54 bytes captured (432 bits) on interface 0
    Ethernet II, Src: EvgaCorp_02:35:81 (00:1f:bc:02:35:81), Dst: AsustekC_37:56:88 (1c:b7:2c:37:56:88)
    Internet Protocol Version 4, Src: 192.168.1.102, Dst: 74.125.161.234
    Transmission Control Protocol, Src Port: 53845, Dst Port: 443, Seq: 1, Ack: 2, Len: 0
    
    No.     Time           Source                Destination           Protocol Length Info
         17 2.001771       192.168.1.105         192.168.1.102         UDP      352    46434→57388 Len=310
    
    Frame 17: 352 bytes on wire (2816 bits), 352 bytes captured (2816 bits) on interface 0
    Ethernet II, Src: WesternD_b2:9b:88 (00:90:a9:b2:9b:88), Dst: EvgaCorp_02:35:81 (00:1f:bc:02:35:81)
    Internet Protocol Version 4, Src: 192.168.1.105, Dst: 192.168.1.102
    User Datagram Protocol, Src Port: 46434, Dst Port: 57388
    Data (310 bytes)
    
    0000  48 54 54 50 2f 31 2e 31 20 32 30 30 20 4f 4b 0d   HTTP/1.1 200 OK.
    0010  0a 43 41 43 48 45 2d 43 4f 4e 54 52 4f 4c 3a 20   .CACHE-CONTROL: 
    0020  6d 61 78 2d 61 67 65 3d 31 38 31 30 0d 0a 44 41   max-age=1810..DA
    0030  54 45 3a 20 4d 6f 6e 2c 20 31 30 20 4f 63 74 20   TE: Mon, 10 Oct 
    0040  32 30 31 36 20 30 36 3a 34 38 3a 34 36 20 47 4d   2016 06:48:46 GM
    0050  54 0d 0a 45 58 54 3a 0d 0a 4c 4f 43 41 54 49 4f   T..EXT:..LOCATIO
    0060  4e 3a 20 68 74 74 70 3a 2f 2f 31 39 32 2e 31 36   N: http://192.16
    0070  38 2e 31 2e 31 30 35 3a 39 30 30 30 2f 44 65 76   8.1.105:9000/Dev
    0080  69 63 65 44 65 73 63 72 69 70 74 69 6f 6e 2e 78   iceDescription.x
    0090  6d 6c 0d 0a 53 45 52 56 45 52 3a 20 4c 69 6e 75   ml..SERVER: Linu
    00a0  78 2f 32 2e 78 2e 78 2c 20 55 50 6e 50 2f 31 2e   x/2.x.x, UPnP/1.
    00b0  30 2c 20 70 76 43 6f 6e 6e 65 63 74 20 55 50 6e   0, pvConnect UPn
    00c0  50 20 53 44 4b 2f 31 2e 30 0d 0a 53 54 3a 20 75   P SDK/1.0..ST: u
    00d0  70 6e 70 3a 72 6f 6f 74 64 65 76 69 63 65 0d 0a   pnp:rootdevice..
    00e0  55 53 4e 3a 20 75 75 69 64 3a 37 30 37 36 34 33   USN: uuid:707643
    00f0  36 66 2d 36 65 36 35 2d 31 30 36 33 2d 38 30 37   6f-6e65-1063-807
    0100  34 2d 30 30 39 30 61 39 62 32 39 62 38 38 3a 3a   4-0090a9b29b88::
    0110  75 70 6e 70 3a 72 6f 6f 74 64 65 76 69 63 65 0d   upnp:rootdevice.
    0120  0a 43 6f 6e 74 65 6e 74 2d 4c 65 6e 67 74 68 3a   .Content-Length:
    0130  20 30 0d 0a 0d 0a                                  0....
    
    No.     Time           Source                Destination           Protocol Length Info
         18 2.011900       192.168.1.105         192.168.1.102         UDP      352    46434→57388 Len=310
    
    Frame 18: 352 bytes on wire (2816 bits), 352 bytes captured (2816 bits) on interface 0
    Ethernet II, Src: WesternD_b2:9b:88 (00:90:a9:b2:9b:88), Dst: EvgaCorp_02:35:81 (00:1f:bc:02:35:81)
    Internet Protocol Version 4, Src: 192.168.1.105, Dst: 192.168.1.102
    User Datagram Protocol, Src Port: 46434, Dst Port: 57388
    Data (310 bytes)
    
    0000  48 54 54 50 2f 31 2e 31 20 32 30 30 20 4f 4b 0d   HTTP/1.1 200 OK.
    0010  0a 43 41 43 48 45 2d 43 4f 4e 54 52 4f 4c 3a 20   .CACHE-CONTROL: 
    0020  6d 61 78 2d 61 67 65 3d 31 38 31 30 0d 0a 44 41   max-age=1810..DA
    0030  54 45 3a 20 4d 6f 6e 2c 20 31 30 20 4f 63 74 20   TE: Mon, 10 Oct 
    0040  32 30 31 36 20 30 36 3a 34 38 3a 34 36 20 47 4d   2016 06:48:46 GM
    0050  54 0d 0a 45 58 54 3a 0d 0a 4c 4f 43 41 54 49 4f   T..EXT:..LOCATIO
    0060  4e 3a 20 68 74 74 70 3a 2f 2f 31 39 32 2e 31 36   N: http://192.16
    0070  38 2e 31 2e 31 30 35 3a 39 30 30 30 2f 44 65 76   8.1.105:9000/Dev
    0080  69 63 65 44 65 73 63 72 69 70 74 69 6f 6e 2e 78   iceDescription.x
    0090  6d 6c 0d 0a 53 45 52 56 45 52 3a 20 4c 69 6e 75   ml..SERVER: Linu
    00a0  78 2f 32 2e 78 2e 78 2c 20 55 50 6e 50 2f 31 2e   x/2.x.x, UPnP/1.
    00b0  30 2c 20 70 76 43 6f 6e 6e 65 63 74 20 55 50 6e   0, pvConnect UPn
    00c0  50 20 53 44 4b 2f 31 2e 30 0d 0a 53 54 3a 20 75   P SDK/1.0..ST: u
    00d0  70 6e 70 3a 72 6f 6f 74 64 65 76 69 63 65 0d 0a   pnp:rootdevice..
    00e0  55 53 4e 3a 20 75 75 69 64 3a 37 30 37 36 34 33   USN: uuid:707643
    00f0  36 66 2d 36 65 36 35 2d 31 30 36 33 2d 38 30 37   6f-6e65-1063-807
    0100  34 2d 30 30 39 30 61 39 62 32 39 62 38 38 3a 3a   4-0090a9b29b88::
    0110  75 70 6e 70 3a 72 6f 6f 74 64 65 76 69 63 65 0d   upnp:rootdevice.
    0120  0a 43 6f 6e 74 65 6e 74 2d 4c 65 6e 67 74 68 3a   .Content-Length:
    0130  20 30 0d 0a 0d 0a                                  0....
    
    No.     Time           Source                Destination           Protocol Length Info
         19 2.022007       192.168.1.105         192.168.1.102         UDP      352    46434→57388 Len=310
    
    Frame 19: 352 bytes on wire (2816 bits), 352 bytes captured (2816 bits) on interface 0
    Ethernet II, Src: WesternD_b2:9b:88 (00:90:a9:b2:9b:88), Dst: EvgaCorp_02:35:81 (00:1f:bc:02:35:81)
    Internet Protocol Version 4, Src: 192.168.1.105, Dst: 192.168.1.102
    User Datagram Protocol, Src Port: 46434, Dst Port: 57388
    Data (310 bytes)
    
    0000  48 54 54 50 2f 31 2e 31 20 32 30 30 20 4f 4b 0d   HTTP/1.1 200 OK.
    0010  0a 43 41 43 48 45 2d 43 4f 4e 54 52 4f 4c 3a 20   .CACHE-CONTROL: 
    0020  6d 61 78 2d 61 67 65 3d 31 38 31 30 0d 0a 44 41   max-age=1810..DA
    0030  54 45 3a 20 4d 6f 6e 2c 20 31 30 20 4f 63 74 20   TE: Mon, 10 Oct 
    0040  32 30 31 36 20 30 36 3a 34 38 3a 34 36 20 47 4d   2016 06:48:46 GM
    0050  54 0d 0a 45 58 54 3a 0d 0a 4c 4f 43 41 54 49 4f   T..EXT:..LOCATIO
    0060  4e 3a 20 68 74 74 70 3a 2f 2f 31 39 32 2e 31 36   N: http://192.16
    0070  38 2e 31 2e 31 30 35 3a 39 30 30 30 2f 44 65 76   8.1.105:9000/Dev
    0080  69 63 65 44 65 73 63 72 69 70 74 69 6f 6e 2e 78   iceDescription.x
    0090  6d 6c 0d 0a 53 45 52 56 45 52 3a 20 4c 69 6e 75   ml..SERVER: Linu
    00a0  78 2f 32 2e 78 2e 78 2c 20 55 50 6e 50 2f 31 2e   x/2.x.x, UPnP/1.
    00b0  30 2c 20 70 76 43 6f 6e 6e 65 63 74 20 55 50 6e   0, pvConnect UPn
    00c0  50 20 53 44 4b 2f 31 2e 30 0d 0a 53 54 3a 20 75   P SDK/1.0..ST: u
    00d0  70 6e 70 3a 72 6f 6f 74 64 65 76 69 63 65 0d 0a   pnp:rootdevice..
    00e0  55 53 4e 3a 20 75 75 69 64 3a 37 30 37 36 34 33   USN: uuid:707643
    00f0  36 66 2d 36 65 36 35 2d 31 30 36 33 2d 38 30 37   6f-6e65-1063-807
    0100  34 2d 30 30 39 30 61 39 62 32 39 62 38 38 3a 3a   4-0090a9b29b88::
    0110  75 70 6e 70 3a 72 6f 6f 74 64 65 76 69 63 65 0d   upnp:rootdevice.
    0120  0a 43 6f 6e 74 65 6e 74 2d 4c 65 6e 67 74 68 3a   .Content-Length:
    0130  20 30 0d 0a 0d 0a                                  0....
    
    No.     Time           Source                Destination           Protocol Length Info
         20 2.473644       208.91.0.10           192.168.1.102         TCP      60     443→53973 [FIN, ACK] Seq=1 Ack=1 Win=6411 Len=0
    
    Frame 20: 60 bytes on wire (480 bits), 60 bytes captured (480 bits) on interface 0
    Ethernet II, Src: AsustekC_37:56:88 (1c:b7:2c:37:56:88), Dst: EvgaCorp_02:35:81 (00:1f:bc:02:35:81)
    Internet Protocol Version 4, Src: 208.91.0.10, Dst: 192.168.1.102
    Transmission Control Protocol, Src Port: 443, Dst Port: 53973, Seq: 1, Ack: 1, Len: 0
    
    No.     Time           Source                Destination           Protocol Length Info
         21 2.473691       192.168.1.102         208.91.0.10           TCP      54     53973→443 [ACK] Seq=1 Ack=2 Win=63936 Len=0
    
    Frame 21: 54 bytes on wire (432 bits), 54 bytes captured (432 bits) on interface 0
    Ethernet II, Src: EvgaCorp_02:35:81 (00:1f:bc:02:35:81), Dst: AsustekC_37:56:88 (1c:b7:2c:37:56:88)
    Internet Protocol Version 4, Src: 192.168.1.102, Dst: 208.91.0.10
    Transmission Control Protocol, Src Port: 53973, Dst Port: 443, Seq: 1, Ack: 2, Len: 0
    
    No.     Time           Source                Destination           Protocol Length Info
         22 2.917047       ::                    ff02::2               ICMPv6   62     Router Solicitation
    
    Frame 22: 62 bytes on wire (496 bits), 62 bytes captured (496 bits) on interface 0
    Ethernet II, Src: Vmware_ab:af:95 (00:0c:29:ab:af:95), Dst: IPv6mcast_02 (33:33:00:00:00:02)
    Internet Protocol Version 6, Src: ::, Dst: ff02::2
    Internet Control Message Protocol v6
    
    No.     Time           Source                Destination           Protocol Length Info
         23 3.000112       192.168.1.102         239.255.255.250       SSDP     143    M-SEARCH * HTTP/1.1 
    
    Frame 23: 143 bytes on wire (1144 bits), 143 bytes captured (1144 bits) on interface 0
    Ethernet II, Src: EvgaCorp_02:35:81 (00:1f:bc:02:35:81), Dst: IPv4mcast_7f:ff:fa (01:00:5e:7f:ff:fa)
    Internet Protocol Version 4, Src: 192.168.1.102, Dst: 239.255.255.250
    User Datagram Protocol, Src Port: 57388, Dst Port: 1900
    Simple Service Discovery Protocol
    
    No.     Time           Source                Destination           Protocol Length Info
         24 3.000116       192.168.1.101         239.255.255.250       SSDP     143    M-SEARCH * HTTP/1.1 
    
    Frame 24: 143 bytes on wire (1144 bits), 143 bytes captured (1144 bits) on interface 0
    Ethernet II, Src: EvgaCorp_02:35:80 (00:1f:bc:02:35:80), Dst: IPv4mcast_7f:ff:fa (01:00:5e:7f:ff:fa)
    Internet Protocol Version 4, Src: 192.168.1.101, Dst: 239.255.255.250
    User Datagram Protocol, Src Port: 57387, Dst Port: 1900
    Simple Service Discovery Protocol
    
    No.     Time           Source                Destination           Protocol Length Info
         25 3.001608       192.168.1.1           192.168.1.102         SSDP     321    HTTP/1.1 200 OK 
    
    Frame 25: 321 bytes on wire (2568 bits), 321 bytes captured (2568 bits) on interface 0
    Ethernet II, Src: AsustekC_37:56:88 (1c:b7:2c:37:56:88), Dst: EvgaCorp_02:35:81 (00:1f:bc:02:35:81)
    Internet Protocol Version 4, Src: 192.168.1.1, Dst: 192.168.1.102
    User Datagram Protocol, Src Port: 1900, Dst Port: 57388
    Simple Service Discovery Protocol
    
    No.     Time           Source                Destination           Protocol Length Info
         26 3.017139       192.168.1.106         192.168.1.102         UDP      375    50080→57388 Len=333
    
    Frame 26: 375 bytes on wire (3000 bits), 375 bytes captured (3000 bits) on interface 0
    Ethernet II, Src: WesternD_b2:a4:26 (00:90:a9:b2:a4:26), Dst: EvgaCorp_02:35:81 (00:1f:bc:02:35:81)
    Internet Protocol Version 4, Src: 192.168.1.106, Dst: 192.168.1.102
    User Datagram Protocol, Src Port: 50080, Dst Port: 57388
    Data (333 bytes)
    
    0000  48 54 54 50 2f 31 2e 31 20 32 30 30 20 4f 4b 0d   HTTP/1.1 200 OK.
    0010  0a 43 41 43 48 45 2d 43 4f 4e 54 52 4f 4c 3a 20   .CACHE-CONTROL: 
    0020  6d 61 78 2d 61 67 65 3d 31 30 30 0d 0a 44 41 54   max-age=100..DAT
    0030  45 3a 20 4d 6f 6e 2c 20 31 30 20 4f 63 74 20 32   E: Mon, 10 Oct 2
    0040  30 31 36 20 30 36 3a 35 31 3a 31 31 20 47 4d 54   016 06:51:11 GMT
    0050  0d 0a 45 58 54 3a 0d 0a 4c 4f 43 41 54 49 4f 4e   ..EXT:..LOCATION
    0060  3a 20 68 74 74 70 3a 2f 2f 31 39 32 2e 31 36 38   : http://192.168
    0070  2e 31 2e 31 30 36 3a 34 39 31 35 34 2f 6e 61 73   .1.106:49154/nas
    0080  64 65 76 69 63 65 2e 78 6d 6c 0d 0a 53 45 52 56   device.xml..SERV
    0090  45 52 3a 20 4c 69 6e 75 78 2f 32 2e 36 2e 33 32   ER: Linux/2.6.32
    00a0  2e 31 31 2d 73 76 6e 37 30 38 36 30 2c 20 55 50   .11-svn70860, UP
    00b0  6e 50 2f 31 2e 30 2c 20 50 6f 72 74 61 62 6c 65   nP/1.0, Portable
    00c0  20 53 44 4b 20 66 6f 72 20 55 50 6e 50 20 64 65    SDK for UPnP de
    00d0  76 69 63 65 73 2f 31 2e 36 2e 36 0d 0a 58 2d 55   vices/1.6.6..X-U
    00e0  73 65 72 2d 41 67 65 6e 74 3a 20 72 65 64 73 6f   ser-Agent: redso
    00f0  6e 69 63 0d 0a 53 54 3a 20 75 70 6e 70 3a 72 6f   nic..ST: upnp:ro
    0100  6f 74 64 65 76 69 63 65 0d 0a 55 53 4e 3a 20 75   otdevice..USN: u
    0110  75 69 64 3a 37 33 36 35 36 37 36 31 2d 37 34 36   uid:73656761-746
    0120  35 2d 37 33 37 35 2d 36 33 36 62 2d 30 30 39 30   5-7375-636b-0090
    0130  61 39 62 32 61 34 32 36 3a 3a 75 70 6e 70 3a 72   a9b2a426::upnp:r
    0140  6f 6f 74 64 65 76 69 63 65 0d 0a 0d 0a            ootdevice....
    
    No.     Time           Source                Destination           Protocol Length Info
         27 3.019728       192.168.1.1           192.168.1.102         SSDP     341    HTTP/1.1 200 OK 
    
    Frame 27: 341 bytes on wire (2728 bits), 341 bytes captured (2728 bits) on interface 0
    Ethernet II, Src: AsustekC_37:56:88 (1c:b7:2c:37:56:88), Dst: EvgaCorp_02:35:81 (00:1f:bc:02:35:81)
    Internet Protocol Version 4, Src: 192.168.1.1, Dst: 192.168.1.102
    User Datagram Protocol, Src Port: 1900, Dst Port: 57388
    Simple Service Discovery Protocol
    
    No.     Time           Source                Destination           Protocol Length Info
         28 3.024543       192.168.1.109         192.168.1.255         UDP      63     59957→32412 Len=21
    
    Frame 28: 63 bytes on wire (504 bits), 63 bytes captured (504 bits) on interface 0
    Ethernet II, Src: Dell_31:77:89 (00:21:9b:31:77:89), Dst: Broadcast (ff:ff:ff:ff:ff:ff)
    Internet Protocol Version 4, Src: 192.168.1.109, Dst: 192.168.1.255
    User Datagram Protocol, Src Port: 59957, Dst Port: 32412
    Data (21 bytes)
    
    0000  4d 2d 53 45 41 52 43 48 20 2a 20 48 54 54 50 2f   M-SEARCH * HTTP/
    0010  31 2e 31 0d 0a                                    1.1..
    
    No.     Time           Source                Destination           Protocol Length Info
         29 3.024736       192.168.1.109         192.168.1.255         UDP      63     60555→32414 Len=21
    
    
    
    
    


  • @george1421 when i get off work ill send you the pcap file.


Log in to reply
 

Looks like your connection to FOG Project was lost, please wait while we try to reconnect.