momo zone

调核人的blog

Monthly Archives: 四月 2009

iwl4965 injection

iwl4965 injection
 
国外有成功的例子我试过效果都不理想, 希望这篇不成气候的文章 能起到抛砖引玉的作用如果你试过并解决injection的,请共享一下http://tinyshell.be/aircrackng/forum/index.php?topic=2898国外的论坛,有需要的可以看看
OS:ubuntu 2.6.24-19-generic
准备
wget http://www.orbit-lab.org/kernel/ … -2008-07-21.tar.bz2
iw.tar.gz
patch_20080707.diff#下面是下载地址
download http://tinyshell.be/aircrackng/forum/index.php?action=dlattach;topic=2898.0;id=376
iwlwifi-4965-2.ucode
#http://intellinuxwireless.org/iw … ode-228.57.2.21.tgz
1安装依赖
sudo apt-get install libnl-dev libssl-dev
2安装aircrack-ng rc1
sudo cp aircrack-ng-1.0-rc1.tar /usr/src
sudo tar xf  aircrack-ng-1.0-rc1.tar
cd  aircrack-ng-1.0
sudo make #如果出现错误的话就进行下面#号的命令,安装
#sudo apt-get install openssl*
3安装iw.tar.gz
sudo tar xf iw.tar.gz
sudo make #如果出现错误就是没做第一步
sudo make install
4检测一下
#现在你可以打开mon0接口了
#不过运行sudo aireplay-ng –test mon0
#就等着死机
sudo ifconfig wlan0 down
sudo iwconfig wlan0 mode monitor
sudo airmon-ng start wlan0
#会出现
wlan0         Intel 4965 a/b/g/n     iwl4965 – [phy0]
                 (monitor mode enabled on mon1)
4安装注入包
sudo cp compat-wireless-2008-07-21.tar.bz2 /usr/src
tar xf /usr/src/compat-wireless-2008-07-06.tar.bz2
cd compat-wireless-2008-07-21/
sudo patch -p1 <../patch_20080707.diff#没有这个就不能在aireplay -9 的Injection #is working
sudo make
sudo make install
sudo make load
5把最新的iwl4965微核装上
sudo cp iwlwifi-4965-2.ucode /lib/firmware/$(uname -r)
sudo rmmod iwl4965
sudo modprobe iwl4965
让其支持fakeauth
echo "options iwl4965 swcrypto=1" > /etc/modprobe.d/iwl4965
6卸载
cd /usr/src/compat-wireless-2008-07-21&&sudo make uninstall
就可以用回原来的驱动
7测试结果
-1 fakeauth inject 存在极大的漏洞,第一次成功后自他aircrack的程序就锁死
-3和-0不能一起用..
用无客户端的时候感觉是自动用了-1
因为我在airodump那看到自己
而且Packets狂升转载请注明出自中国无线论坛 http://www.wlanbbs.com/,本贴地址:http://www.wlanbbs.com/thread-221-1-1.html

纪念Sun的历史时刻

纪念Sun的历史时刻

Sun公司作为世界上顶天立地级的技术巨头之一,已经成立了将近三十年,随着不久前甲骨文(Oracle)的对其的收购,Sun很可能会逐渐淡出人们的视野,让我们从这一组图片来见证Sun成立以来起伏跌宕的历史时刻。


梦想的实现(1982)
Sun,原是斯坦福大学网络部(Stanford University Network)的缩写,源自斯坦福大学电子工程和计算机科学系的博士生Andy Bechtolsheim(下图右二)的设想,和他一起创业的还有MBA以及电子工程师Vinod Khosla(左一)、后来加入的Vinod Khosla(右一),而Sun Microsystems作为一个公司,则是由开发过UnixBSD的Bill Joy(左二)在1982年一月以第一任CEO的身份成立。

这不是披萨盒(1982)
第一代Sun工作站产品极具魅力,它基于摩托罗拉68000CPU,有着1MB的内存和百万像素级的显示器。


云计算(1984)
“云计算”的概念并不是源由Scott McNealy,而是由Sun的第五位雇员John Gage在1984年提出的。Gage是加州大学伯克利分校的一位数学讲师,但是对计算机拥有浓厚兴趣,后来成为Sun的公众形象。他预言了“云计算”的 出现,后来Sun的事业腾飞时,“云计算”一直是Sun的工作理念和方向之一。

SPARC——RISC架构商用成功的标志(1989)
RISC(精简指令集计算)架构源自伯克利分校80年代的研究,Sparc最终成为商用工作站CPU的标志。Sun对Sparc的第一个设计应用在 1986年发布,但到1989年才出现Sparc CPU的工作站。Sparc是一个开源的设计,其他公司基于Sparc开发出了其他产品,如富士通和LSI

Solaris的光芒(1991)
Sun对Solaris的描述是:“工业界第一套完善封装的分布式计算环境”,作为一个和AT&T的合作项目,Solaris将当时流行的 三大Unix发行版(BSD, System V, Xenix)合为一体。原本Solaris的开发是要在x86和SPARC两大架构上运行,但后来Solaris只在Sun系统上出现。今天Solaris成为了开源操作系统之一

Java的舞台(1995)
Java最原始的理念,是创建一种通过虚拟机跨平台运行的面向对象的编程语言。作为如今流行的编程语言之一,Java比C更安全而比Visual Basic更灵活。Java维护了一个安全的代码环境,防止了一些不安全的代码习惯,更支持分布式应用程序的开发。

Sun起诉微软(1997)
微软一直对Java怀有敌意,并暗使手段让当时如日中天的Windows系统对Java难以兼容。当Java对作为浏览器插件的ActiveX机制 造成威胁时,微软通过反编译开发了一套微软Java虚拟机默认安装在Internet Explorer上。同时微软也开发出一套和Java相类似的语言Visual J#,打算将Java程序员吸引进去.Net阵型。Sun就微软的这些行为起诉,这场官司延续到2004年,Scot McNealy 和 Steve Ballmer提出和解,而微软同意支付20亿美元的赔偿。

互联网泡沫里的泡泡(1999-2001)

随着互联网的泡沫式发展,Sun的UltraSparc服务器(同时提供基于Java的Web服务)卖得火红火热,Sun公司的估价一度飙升到2000亿美元,此时其股价达到每股247美元。但到了2001年末的熊市,Sun的股价只剩49美元。

技术的巨人(2002-2004)
经济泡沫过后,Sun发布了一系列让人难以置信的产品和技术,其中不少都在后来的市场当中获得商业上相当的成功,不过除了一项开源设 计,UltraSparc T1,一个硬件多线程的RISC架构CPU。另外,ZFS文件系统也终于获得了重视,目前被认为是最有潜力作为存储系统革命的根基技术。

Andy Bechtolsheim 的回归 (2004)

Sun通过收购Kealia公司迎回其创始人Bechtolsheim后,Sun开发出基于AMD Opteron CPU的服务器,同样卖得相当红火,同时也让Sun的x86系列服务器浴火重生。

Schwatz的掌舵(2006)
很多人没有想当Schwartz会选择当Sun的CEO,毕竟他是软件出身的,虽然极具天赋,但似乎Sun还是靠买服务器为生。在此 前,Schwartz曾对InfoWorld的编辑说,他想让Sun成为已经Java公司。谁都看得到Java的价值,然而Sun至今未能从Java获 利。

Sun收购MySQL(2008)
经过几年的调整,Sun开始恢复元气,其产品线(大多为开源)包括了服务器应用、小型机N1管理包、开发环境、企业应用整合软件、企业服务总线等等,但其缺乏数据库应用。于是并购了广受欢迎的开源数据库MySQL

Oracle收购Sun
2009年4月20日,甲骨文(Oracle)同意以47亿美金的价格并购Sun。Oracle的CEO Larry Ellison认为Sun的价值在于Java和Solaris,通过Sun的这两项产品,Oracle在2009年至少能获纯利15亿,到2010年应该 能增加到20亿。

设置控制台framebuffer分辨率

要设置控制台framebuffer分辨率要修改以下文件:

sudo vi /boot/grub/menu.lst (此与/etc/grub.conf是同一个文件)

注意/etc/X11/xorg.conf文件是修改的图形界面下的分辨率,两回事

要想系统支持framebuffer,首先要kernel里设置support,如果用的是ubuntu这种OS就不用配置kernel选项了,默认是有的,查一下cat /proc/device可以看到vedio部分fb的设备号是29,如果在/dev下没有fb0设备文件,不要手工创建,通过修改menu.lst后重启系统会自己创建,注意不要进x windows来测试,应该启动后直接进入字符控制台界面,否则可能播放的视频出现花屏现象,如果你进了图形界面,按ctrl+alt+F1,用命令sudo /etc/init.d/gdm stop关掉它然后再进行测试。

方法:在menu.lst文件中打到类似这几行:

  title XXXXOS (2.6.XX)
  root (hd0,X)
  kernel /boot/vmlinuz-2.6.XXX ro root=XXX quiet vga=0x318

在kernel那行最后添加vga=0x318或vga=792 (前面十六进制,后面十进制,参考下表)

vga=可设置的值可以用工具fbset(没有的话用sudo apt-get install fbset装),/etc/fb.modes,或sudo hwinfo –framebuffer参考,主要还是以hwinfo为主(sudo apt-get install hwinfo)

下表列出一些常用值:

# FRAMEBUFFER RESOLUTION SETTINGS
# +—————————————————————-+
# |    640×480    800×600   1024×768 1280×1024 1280×800   1600×1200
# —-+————————————————————-
# 256 | 0x301=769 0x303=771 0x305=773 0x307=775            0x31C=796
# 32K | 0x310=784 0x313=787 0x316=790 0x319=793 0x360=864 0x31D=797
# 64K | 0x311=785 0x314=788 0x317=791 0x31A=794 0x361=865 0x31E=798
# 16M | 0x312=786 0x315=789 0x318=792 0x31B=795 0x362=866 0x31F=799
# +—————————————————————-+

重启后进入控制台字符界面:
测试1: 在mplayer目录下执行
./mplayer -vo fbdev -zoom -x 1024 -y 768 xxx.wmv
(mplayer题外话:fbdev的性能与x11几乎差不多,建议还是配置成xv,就是说要跑X server)
设置-zoom -x 1024 -y 768使得全屏播放,不管你的电影是多少分辨率都会缩放到vga=0x318设置的分辨率
测试2: 字符屏幕的fb操作
清屏:sudo dd if=/dev/zero of=/dev/fb0 (因清屏后有命令执行的效果,所以后面仍有输出)
保存屏幕信息到scr1:sudo dd if=/dev/fb0 of=scr1 或 cp /dev/fb0 scr1
将scr1恢复到屏幕上:sudo dd if=scr1 of=/dev/fb0
 
更详细的显卡能支持的framebuffer mode信息请参考下面我机器上执行hwinfo后的输出信息:
$ sudo hwinfo –framebuffer | grep Mode (注意sudo一定要加,否则可能无信息输出)
Model: "NVIDIA GW-P/N@PM898486GTQ14P:0"
Mode 0x0300: 640×400 (+640), 8 bits
Mode 0x0301: 640×480 (+640), 8 bits
Mode 0x0303: 800×600 (+800), 8 bits
Mode 0x0305: 1024×768 (+1024), 8 bits
Mode 0x0307: 1280×1024 (+1280), 8 bits
Mode 0x030e: 320×200 (+640), 16 bits
Mode 0x030f: 320×200 (+1280), 24 bits
Mode 0x0311: 640×480 (+1280), 16 bits
Mode 0x0312: 640×480 (+2560), 24 bits
Mode 0x0314: 800×600 (+1600), 16 bits
Mode 0x0315: 800×600 (+3200), 24 bits
Mode 0x0317: 1024×768 (+2048), 16 bits
Mode 0x0318: 1024×768 (+4096), 24 bits
Mode 0x031a: 1280×1024 (+2560), 16 bits
Mode 0x031b: 1280×1024 (+5120), 24 bits
Mode 0x0330: 320×200 (+320), 8 bits
Mode 0x0331: 320×400 (+320), 8 bits
Mode 0x0332: 320×400 (+640), 16 bits
Mode 0x0333: 320×400 (+1280), 24 bits
Mode 0x0334: 320×240 (+320), 8 bits
Mode 0x0335: 320×240 (+640), 16 bits
Mode 0x0336: 320×240 (+1280), 24 bits
Mode 0x033d: 640×400 (+1280), 16 bits
Mode 0x033e: 640×400 (+2560), 24 bits
Mode 0x0345: 1600×1200 (+1600), 8 bits
Mode 0x0346: 1600×1200 (+3200), 16 bits
Mode 0x0347: 1400×1050 (+1400), 8 bits
Mode 0x0348: 1400×1050 (+2800), 16 bits
Mode 0x0349: 1400×1050 (+5600), 24 bits
Mode 0x034a: 1600×1200 (+6400), 24 bits
Mode 0x0352: 2048×1536 (+8192), 24 bits
Mode 0x0360: 1280×800 (+1280), 8 bits
Mode 0x0361: 1280×800 (+5120), 24 bits
Mode 0x0362: 768×480 (+768), 8 bits
Mode 0x0364: 1440×900 (+1440), 8 bits
Mode 0x0365: 1440×900 (+5760), 24 bits
Mode 0x0368: 1680×1050 (+1680), 8 bits
Mode 0x0369: 1680×1050 (+6720), 24 bits
Mode 0x037b: 1280×720 (+5120), 24 bits
Mode 0x037c: 1920×1200 (+1920), 8 bits
Mode 0x037d: 1920×1200 (+7680), 24 bits
 
1.在编内核时,要选中如下的选项;以加入 framebuffer 驱动的支持;

QUOTE:

  • VGA text console
  • Video mode selection support
  • Support for frame buffer devices (EXPERIMENTAL)
  • VESA VGA graphics console
  • Advanced low level driver options
    <*> 8 bpp packed pixels support
    <*> 16 bpp packed pixels support
    <*> 24 bpp packed pixels support
    <*> 32 bpp packed pixels support
    <*> VGA characters/attributes support
  • Select compiled-in fonts
  • VGA 8×8 font
  • VGA 8×16 font
  • 2,我们还要知道自己所用的显示卡,也有 framebuffer的驱动,所以也要一并选中,比如

    QUOTE:

    <*> nVidia Framebuffer Support
    <*> ATI Radeon display support

    intel wirless 4965 测试注入攻击能否

    aireplay -ng -9 wlan0

    SAP gateway ERROR code 1

    Gateway and CPIC Error Codes

    Error Code

    Error Text

    Error Analysis

    221

    CPIC_ERROR

    Internal CPI-C error

    222

    CANT_GET_MEMORY

    Memory bottle neck, because either the shared memory blocks or the main memory is too low.

    223

    NI_READ_FAILED

    Network read error, network problems, or partner has terminated

    224

    NI_WRITE_FAILED

    Network write error, network problems, or partner has terminated

    225

    INVALID_REQUEST

    Unknown request type in APPC header

    228

    SHM_READ_FAILED

    No longer used

    229

    SHM_WRITE_FAILED

    Attempt to write to the index area of the gateway failed

    230

    CONN_EXCEEDED

    Maximum number of connections in the gateway has been reached Increase value of parameter gw/max_conn

    233

    WRONG_COMM_TYPE

    Unknown connection type Permitted types are only:

    I for internal connections, partner is in R/3

    E for external connections, external partner

    E for external connections, partner is registered

    C for external connections, partner is in R/2

    234

    CONNECT_FAILED

    Attempt to open connection to gateway failed. Check the host name and service. If these are correct, check whether the gateway is actually running and is listening to the correct port. Your own host name(s) and the ports the gateway listen to are in the first lines of the trace file (dev_rd).

    235

    COMM_TABLE_ERROR

    Error in the administration structure that the gateway shares with the SAP System (communication table).

    236

    GW_CONNECT_FAILED

    See CONNECT_FAILED

    237

    GW_DISCONNECTED

    Connection to the gateway has been closed (CPIC-SS ), or the gateway should open a connection to a different gateway, and an earlier attempt had already failed. If the connection to another gateway fails, the next attempt is not until 60 seconds later. If connection requests arrive at this gateway during this time, they are rejected and assigned this error status.

    238

    WRITE_TO_GW_FAILED

    Network write error, network problems, or the remote gateway has been closed.

    239

    READ_FROM_GW_FAILED

    Network read error, network problems, or the remote gateway has been closed.

    240

    INVALID_LEN

    Destination length is longer than an APPC request block; or the length of the data packet is shorter than the length of the APPC header.

    242

    GW_TIMEOUT

    Connection setup to the remote gateway has been closed because timeout has been exceeded. The time limit can be set in parameter gw/timeout.

    244

    SYSTEM_DISCONNECTED

    The connection to the partner has already been closed, yet the system is still attempting to connect to the partner.

    245

    MEM_OVERFLOW

    The overflow area can no longer store the data. If a partner sends data much quicker than the partner can receive it, the data is stored temporarily in the overflow area. The size of the area is set in the parametergw/max_overflow_size. The memory is for local processes. The default is 1 MByte and you can increase this as appropriate.

    246

    WRONG_APPCHDR_VERSION

    The protocol header exchanged between gateways and CPIC/RFC clients contains an invalid version number.

    247

    GW_APPC_SERVER_DOWN

    The data could not be sent from the SAP System to the gateway. Check that the gateway is running.

    248

    TXCOM_TABLE_FAILED

    Entry in table TXCOM was not found or there is a problem with the database table itself. Check that the symbolic destination exists (transaction SM54).

    249

    COMM_TABLE_OVERFLOW

    The communication table is full. The size of the table or the number of entries is set in the parameter rdisp/max_comm_entries. The value should be at least as big as the value of parameter gw/max_conn.

    450

    C_NO_MEM

    Request for memory unsuccessful.

    Error while opening more than 100 connections to the SAP system 解决方法

    Error while opening more than 100 connections to the SAP system

    Problem

    The adapter throws the following exception when opening more than 100 connections to the SAP system.

    Microsoft.ServiceModel.Channels.Common.ConnectionException: ErrorCode=RFC_OK. ErrorGroup=RFC_ERROR_COMMUNICATION. SapErrorMessage=Connect to SAP gateway failed
    Connect_PM  GWHOST=<gw_host>, GWSERV=<gw_serv>, SYSNR=<sys_number>
    LOCATION    CPIC (TCP/IP) on local host with Unicode
    ERROR       max no of 100 conversations exceeded

    Cause

    By default, SAP does not enable more than 100 connections into the system.

    Resolution

    To increase the maximum number of connections, you must create an environment variable on the computer that has the SAP client libraries installed and set it to a numeric value. The value you specify for this environment variable is the maximum number of connections that can be made into the SAP system. Create the environment variable with the following details:

    • Variable name: CPIC_MAX_CONV
    • Variable value: any positive numeric value. For example, to enable 200 connections into the SAP system, specify the value as 200.

    恢复SAP的SAP* 帐户的初始密码

    前几天需要进SAP IDES的client 000 进行配置,无奈没有一个账号的密码是可用的,只有先把SAP* 账号从usr02 删掉才能用默认的pass进入:
    MSSQL ->   DELETE FROM ide.USR02 WHERE BNAME = ‘SAP*’ AND MANDT = ‘000’
    ABAP   ->   DELETE FROM USR02 CLIENT SPECIFIED WHERE BNAME = ‘SAP*’ AND MANDT = ‘000’
     
    然后重起SAP 服务。 登录测试后发现无效。
    最后得知ECC6.0 IDES 和4.6 ,以及之前的版本不同,后者这样做就可以了,前者还要配置一个参数 login/no_automatic_user_sapstar=0 (在usrsapIDESYSprofile)才能在丢失SAP* 的情况下用默认密码登录。 重新启动SAP 服务后可以用pass 登录。

    命令行设置网络连接

    在Windows中,如果你要设置IP地址,一般是进入“本地连接”->“属性”,手动设置要更改的IP地址。 其实,在命令行同样可以设置IP地址。如果你的IP需要在几个IP中来回切换,可以使用 netsh 命令更改:

    1. 进入CMD命令行; 点击“开始”->“运行”,输入cmd,回车,
    2. 设置IP
      • 设置动态获取IP地址(DHCP)

        C:/>netsh interface ip set address name=”本地连接” source=dhcp

      • 设置固定IP

        C:/> netsh interface ip set address name=”本地连接” source=static addr=192.168.1.2 mask=255.255.255.0 gateway=192.168.1.1 gwmetric=auto

      • 参数说明:
        1. name:网络连接名称,一般为“本地连接”。你可以在“控制面板”->“网络连接”中看到。
        2. source:获取IP的途径。动态获取,则为dhcp,手动设置,则为static
        3. addr:要设置的IP地址。
        4. mask:子网掩码。
        5. gateway:网关地址。
        6. gwmetric:网关跃点数,可以设置为整型数值,也可以设置为“自动”:auto
    3. 设置DNS
      • 自动获取DNS

        C:/> netsh interface ip set dns name=”本地连接” source=static

      • 手动设置单个DNS

        C:/> netsh interface ip set dns name=”本地连接” source=static addr=210.52.149.2 register=primary

      • 手动设置多个DNS

        C:/> netsh interface ip add dns name=”本地连接” addr=202.106.0.133 index=2

      • 参数说明:
        1. name:网络连接名称,一般为“本地连接”。你可以在 “控制面板”->“网络连接”中看到。
        2. source:获取IP的途径。动态获取,则为dhcp,手动设置,则为static。
        3. addr:要设置的IP地址。
        4. register: none: 禁用动态 DNS 注册。 primary: 只在主 DNS 后缀下注册。 both: 在主 DNS 后缀下注册,也在特定连接后缀下注册。
        5. index:设置的DNS的顺序号。
    4. 编写设置IP/DNS的批处理文件: 知道了如何设置IP和DNS后,你可以自己编写一个BAT文件:
      1. 新建一个文本文档,将后缀改为“.bat”;
      2. 编辑“.bat”文件的内容为上面的设置命令。例如:

        @echo off
        @echo 开始设置IP

        netsh interface ip set address name=”本地连接” source=static addr=192.168.1.2 mask=255.255.255.0 gateway=192.168.1.1 gwmetric=auto

        netsh interface ip set dns name=”本地连接” source=static addr=210.52.149.2 register=primary

        netsh interface ip add dns name=”本地连接” addr=202.106.0.133 index=2

        @echo on
        @echo IP已设置
        @echo off
        pause
        exit

      3. 运行时,双击这个bat文件,等待设置完成即可。

    关于winsock 一个很有用的网站

    SAP GATEWAY info SMGW

    关于SAP gateway 的动作详情正在研究中。
    发现R3 Server总是报错
    看样子是OS级的错误,而且好像和SAP的某个具体事务无关。查找10054 ,发现这是一个SAP WEB AS 引发的socket错误,具体解释如下:

    WSAECONNRESET (10054) Connection reset by peer.

    Berkeley description: A connection was forcibly closed by a peer. This normally results from a loss of the connection on the remote socket due to a timeout or a reboot.

    WinSock description: Same as Berkeley. On a datastream socket, the connection was reset. This reset could be generated locally by the network system when it detects a connection failure, or it might be received from the remote host (in TCP terms, the remote host sent a RST packet). This error is also possible on a datagram socket; for instance, this error could result if your application sends a UDP datagram to a host, which rejects it by responding with an ICMP Port Unreachable.

    User suggestions: Some network systems have commands to report statistics. In this case, it might be possible to check the count of TCP RST packets received, or ICMP Port Unreachable packets. See other suggestions under WSAECONNABORTED.

    WinSock functionsrecv()recvfrom()send()sendto()FD_CLOSE

    Additional functions: Any function that does I/O on the network could generate this error. Two functions that are conspicuously absent from the current function list above are shutdown() and close socket().

    See also: WSAECONNABORTEDWSAENETRESETWSAETIMEDOUT

     
    下面是SAP 官方的解释:
    Q: SAP-Basis SystemOperating system call recv failed (error no. 10054)
    A: Set the gw/gw_disconnect parameter to 0
    Explain:sap note 559199
    Summary
    Symptom
    Call disconnections are recorded in the syslog or dev_rd.In the syslog these appear as follows.The entries are written by the gateway reader:
    19:00:24 nefssp24_PRD_00 RD DDIC
    #Q0I Operating system call recv failed (error no. 10054)
    19:00:24 nefssp24_PRD_00 RD DDIC

    #S23 Connection to CPI-C client 218 was closed
    19:00:24 nefssp24_PRD_00 RD DDIC
    #S74 > Partner LU name:
    19:00:24 nefssp24_PRD_00 RD DDIC
    #S0R > Host: nefssp22
    19:00:24 nefssp24_PRD_00 RD DDIC
    #S0I > Partner TP Name: sapgw00
    19:00:24 nefssp24_PRD_00 BTC 21 000 DDIC
    #R49 Communication error, CPIC return code 020,
    #SAP return code 223
    #R5A > Conversation ID: 42024415
    Other terms
    Gateway 223 Q01 setup connection
    Reason and Prerequisites
    Using parameter gw/gw_disconnect, a gateway closes the TCP/IP connection between two gateways if this is not used for a specified period.The error occurs if the client side wants to restart an RFC connection but the server side deletes the TCP/IP connection.
    Warning:
    The error occurs extremely rarely – you can almost always retrace the above error message back to the errors described in note 516027.
    Solution
    Temporary workaround:Set the gw/gw_disconnect parameter to 0. Connections are no longer broken, so terminations areno longer possible.The error is definitely eliminated at the following patch levels:
    620: 380
    610: 610
    46D: 1293
    The function allowing connections between two gateways that have not been used for a long time to be closed is only available as of Kernel Release 46D. Therefore, corrections do not exist for lower kernel releases either.
     
     

    Summary

    SymptomThe error messages Q0I and R49 occur in the syslog.
    Other terms

    10054, recv failed, CPIC return code 020, SAP return code 223, SAP return code 224
    Reason and Prerequisites

    A gateway connection is terminated at TCP level. The gateway notices the termination when trying to read or write via the connection. The error is NOT caused by the gateway.

    If the connection is a WAN connection or you are using firewall software or hardware, it is likely that you have encountered the problem described in Note 743888.
    Solution

    To determine the cause of the error, you must first determine who has terminated the connection. You should therefore analyze the traces of your communication partner. If the error can be reproduced, you can use a CPIC trace to determine who terminated the connection. You should also include all firewalls in the analysis. The error is always caused by the communication partner and not by the gateway that issues the read or write error messages. To determine the cause of the error, traces of ALL relevant communication partners are required. You should run the gateway at trace level 2 (Transaction SMGW, menu option “Goto -> Trace -> Gateway -> Increase Level”), and you must generate a CPIC trace for external programs.

    Note 47682 tells you how to generate a CPIC trace.

     

    Note 743888 – GW: gw/so_keepalive profile parameter

    Symptom

    When network connections are separate by firewall software, connections are retained in the gateway because the TCP/IP network protocol does not report any connection errors.
    As a result, connections are repeatedly made to the same system over a longer period and this causes the gateway’s connection table to overflow.

    Other terms

    gw/so_keepalive, rdisp/max_gateways, gw/max_sys, SO_KEEPALIVE

    Reason and Prerequisites
    Solution

    By activating the KEEPALIVE option, the TCP/IP network protocol sends messages to the partner. If these are not answered, an error message is reported to the initiator (in this case, the gateway) and the connection can be closed. You must set the new gw/so_keepalive instance profile parameter to 1 for this.

    Note 47682 – Activating the CPIC trace

    Symptom

    Error in CPIC link to external program.
    Error code with RFC link to external program: RFC_IO5
    Error message from CPIC system is unhelpful.
    Additional key words

    CPIC, RFC, Trace, CPIC Trace, RFC Trace
    Cause and prerequisites

    Solution

    Activate the CPIC trace within the gateway or for external programs so that SAP can carry out an analysis.
    It may be that only the combination of the CPIC trace files of both communication partners (Gateway, external program) can give more information on the error in the communication. There are always two trace files; that of the gateway (dev_rd) and that of the external program CPICTRC<pid> or corresponding to the nomenclature under point 4. Below reference is still only made to CPICTRC<pid> as a name for the CPIC trace file for the external program.

      1. The communication is started from the external program outside R/3.

    ————————————————————————
    (creation of file CPICTRC<pid>)
    ——————————

    (Up to Release 3.0D)
    The trace is set in the corresponding entry in the sideinfo file or using the CPIC_TRACE environment variable.

    Sideinfo File
    ————-
    DEST=xyz

    CPIC_TRACE=

    Environment Variables
    ———————
    setenv CPIC_TRACE n (Unix)
    set    CPIC_TRACE=n (Windows, Apple, OS/2 )
    ADDENVVAR ENVVAR(CPIC_TRACE) VALUE(n) (AS/400)
    define CPIC_TRACE n (VMS)

    The trace file is in the current directory, in other words, the directory from which the program is started. Details of the generated file names are contained in point 4. Up to Release 3.0D, the gateway trace file is not influenced by this. See section 2!

    (As of Release 3.0D)
    If the external program is started and traced (CPICTRC<pid> is created) the CPIC communication for
    THIS
    connection in the gateway trace file (dev_rd) is automatically traced along with it.

      2. Creation of the gateway trace file and

    ————————————–
    starting and tracing external programs from R/3
    ———————

    Gateway
    ——-
    (Before Release 3.0C)
    You can set the trace level of the gateway trace file (dev_rd) using the program gwmon.
    gwmon nr=<SAP Instance Number>
    Menu -> Trace -> Increment/ Decrement

    (As of Release 3.0C)
    You can set the trace level of the gateway trace file (dev_rd) using the gateway monitor (Transaction SMGW) within the R/3 System.

    Tools -> Administration -> Monitoring -> System monitoring -> Gateway monitor (or directly using transaction SMGW)

    You can then choose the following
    Goto -> Trace -> Gateway -> Increase level
    to increase the trace level for the gateway trace file (dev_rd).

    Conversely, you can use
    Goto -> Trace -> Gateway -> Decrease level
    to decrease the trace level.

    You can display the contents of the trace file by choosing:
    Goto -> Trace -> Gateway -> Display file.

    Trace files and the gateway trace file (dev_rd) can be found in the R/3 System in the /usr/sap/<SID>/<INSTANCE>/work directory.

    Starting External Programs
    ————————–
    (As of Release 3.0C)
    You can create the CPICTRC<pid> of the external program in the gateway monitor within the R/3 System.

    Tools -> Administration -> Monitor -> System monitoring ->
    Gateway moditor (or directly using Transaction SMGW).

    You can then choose the following
    Goto -> Trace -> External programs -> (de)activate
    to activate or deactivate the trace for external programs.

    Activating and Deactivating the CPIC Trace
    ——————————————
    (As of Release 3.0F)
    The trace for CPIC connections can be set by maintaining the symbolic destination.

    Tools -> Administration, Administration -> Network -> TXCOM maintenance (or directly using Transaction SM54)

    If the partner is an external program, it is also traced there.
    Advantage: Both trace files dev_rd and CPICTRC<pid> are traced using trace level 2. Only this connection is traced.

    Activating and Deactivating the RFC Trace
    —————————————–
    (As of Release 3.0D)
    You can set the RFC trace by maintaining the symbolic destinations.

    Tools -> Administration, Administration -> Network -> RFC destination
    (or directly using transaction SM59)

    In the symbolic destination maintenance you can activate the trace flag. The corresponding connection is then traced. The data can by found both in dev_rfc and in the gateway trace file (dev_rd).

    (As of Release 3.1G)
    If the partner is an external program, as of this release onwards the RFC trace flag is imparted to the external program. That is, the trace file CPICTRC<pid> is also generated. In the case of older releases the trace must be specially enabled (see Starting External Programs).
    Restriction: If the external program is (only) started with
    APPLICATIONS SERVER in Transaction SM59, file CPICTRC<pid>
    is only automatically generated with Release 3.1.

    Tracing already existing connections
    ————————————————————————
    The trace for the gateway (dev_rd) can also be activated or disactivated for already existing files. This is NOT possible for the external program.

    In Transaction SMGV, call the menu options
    ‘Goto -> Existing connections’
    to get a list of the active CPIC connections. Position the cursor on the connection to be traced and choose menu options

    Edit -> Activate trace or
    Edit -> Deactivate trace.

    The connection’s conversation ID can be determined by means of Transaction SM50 where double clicking on the relevant work process displays detailed information and, for example, the conversation ID of the CPIC connection. Use the conversation ID to identify the connection in Transaction SMGW.
    If a CPIC connection is traced in the gateway (dev_rd), the corresponding line is defined in yellow. The advantage is that only this connection is traced and the amount of data is kept small.

        3. Location of Trace Files
      ———————–

    The gateway trace file can always be found in the instance work directory.

    If an external program starts the communication, CPICTRC<pid> can be found in the directory out of which the external program was started.

    If tracing is being carried out from R/3, the following rules are valid:

    1.) Possibility

    If the trace flag for an RFC destination is set in Transaction SM59, the following possibilities must be differentiated. Starting via the
    Application server: CPICTRC<pid> is located in the instance work
    directory.
    Explicit server: – When the local computer is registered as the server,
    CPICTRC<pid> is also located in the instance work
    directory.
    – When another computer is registered, CPICTRC<pid> is
    located on the remote computer. There, a user
    <SID>adm is created with the home directory in which
    CPICTRC<pid> can be found.
    Front end:         CPICTRC<pid> can be found in the directory sappcadm.

    2.) Possibility

    If the option Trace = ON is set in SM54 and the local computer is defined to execute the program, the file CPICTRC<pid> is located in the home directory of the <SID>adm. If another computer is defined to execute the external program, the file CPICTRC<pid> is on the remote computer. There, a user <SID>adm is recreated with the home directory where CPICTRC<pid> can be found.

    If you cannot find CPICTRC<pid>, check the following directories:
    – Home directory of <SID>adm on the local and remote computers.
    Normally /usr/sap/<SID>adm.
    – Instance work directory
    – sappcadm directory on the front end (only RFC with front end option)
    – Directory in which the external program was started
    (only when the external program begins the communication with R/3)

        4. File Names for CPIC Trace
      ————————-

    When you activate the trace, a trace file is created:
    CPICTRC<PID>      (UNIX, AS/400)
    or      CP<pid>.TRC       (Windows, Apple, OS/2 )
    or      CPICTRC<PID>.TRC  (VMS)

        5. Trace Level
      ———–

    The precision of the trace data depends on the trace level:

    Trace level 0: no trace
    Trace level 1: only errors are logged
    Trace level 2: flow trace and basic data trace
    Trace level 3: flow trace and complete data trace