Score:0

Network Monitoring on Linux (RHEL/CentOS)

I am trying to monitor outgoing network traffic on a Virtual Machine running CentOS (Guest) on a Windows Machine (Host).

I installed Fiddler on the Host Machine (Windows) and allowed remote connections on it so that I can use it as a proxy on the Guest Machine (CentOS).

I am trying to install tableau-server on the Guest Machine (CentOS), and am interested in checking the outgoing traffic or the endpoints it uses for its activation process. So, while activating tableau-server, I pass the proxy set up via Fiddler to monitor all the traffic.

But the problem is, when I activate tableau-server, I do not get any outgoing traffic, which I think is not possible. To be sure, I disabled internet connectivity on the Guest Machine (CentOS) thinking it's an offline process, but the activation fails and complains about internet connectivity.

That means it needs to connect to some endpoints. But then, why am I not getting anything in the Fiddler logs?

Is it possible that the activation process uses a different protocol instead of http/https? If yes, is it possible to whitelist such requests via a proxy?

Can anyone help with this?

Thanks in advance.


Network Configuration for the VM:


(I can surf the internet on the VM)

inframan
The best way to be sure of what kind of protocols are incoming/outgoing would be to first use Wireshark (for lower layers), and when you're sure, go to Fiddler (~higher layer). Wireshark may need some filters to check what you need, but it is really powerful.
User9523
@inframan Thanks for your response. So, is my understanding correct that the activation process is using a different protocol than http/https and that is why Fiddler cannot catch it, as it only monitors http/https traffic?
inframan
I don't know; maybe your application flow is somehow encapsulated, so the best way to be sure is to do a first round of monitoring with Wireshark (e.g. with ip.addr filters to monitor only the flow between your 2 hosts). Moreover, you should share the network configuration of your virtual machine, to check whether it allows or denies going out to the internet.
User9523
@inframan Please check the configuration added above.
inframan
If you're able to reach the internet that way, why don't you install Fiddler on your CentOS VM directly instead of installing it on your Windows host?
User9523
Actually, I tried but was not able to install it. Also, Fiddler Classic for Windows is free, whereas Fiddler Everywhere is a trial. Plus, the idea was to emulate a proxy server.
Score:0

Here are some prerequisites for activating Tableau with a proxy: https://help.tableau.com/current/server-linux/fr-fr/activate.htm

Maybe you missed those requirements.

User9523
These conditions were covered. The problem here is NETWORKING. I have just added another screenshot regarding Wireshark. Can you help me with the section which would capture the traffic from the VM? For example, the section marked in RED, would that help me?
inframan
From your original screenshot, you should use Wi-Fi, as it's the only one that has traffic (and as your VM is bridged to your computer's adapter, you should be able to see all the traffic).
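
A complementary check on the CentOS guest itself, as an added example that is not part of the thread: sample `ss -tunp` while the activation runs and classify each remote peer as going through the proxy or bypassing it, which shows directly why nothing appears in Fiddler. The proxy address 192.168.1.10:8888, the peer addresses and the process name `licsvc` are constructed sample values, not taken from the question.

```shell
#!/usr/bin/env bash
# Added example, not from the thread. Classifies peers seen in `ss -tunp`
# output as going through the proxy or bypassing it.

# Constructed sample of `ss -tunp` output on the guest (addresses, ports and
# process names are made up; 192.168.1.10:8888 stands in for Fiddler).
sample_ss() {
cat <<'EOF'
Netid State  Recv-Q Send-Q Local Address:Port   Peer Address:Port
tcp   ESTAB  0      0      192.168.1.50:40112   192.168.1.10:8888   users:(("curl",pid=2101,fd=3))
tcp   ESTAB  0      0      192.168.1.50:51830   203.0.113.20:443    users:(("licsvc",pid=2240,fd=7))
udp   ESTAB  0      0      192.168.1.50:38211   192.168.1.1:53      users:(("licsvc",pid=2240,fd=9))
tcp   ESTAB  0      0      127.0.0.1:8850       127.0.0.1:41002     users:(("licsvc",pid=2240,fd=5))
udp   UNCONN 0      0      0.0.0.0:68           0.0.0.0:*
EOF
}

# classify_conns PROXY_IP PROXY_PORT: reads ss output on stdin and prints
# "<via-proxy|direct> <netid> <peer> <process>" once per distinct peer.
classify_conns() {
    awk -v pip="$1" -v pport="$2" '
    $1 == "Netid" { next }                       # header line
    NF >= 6 {
        peer = $6
        n = split(peer, part, ":")
        port = part[n]
        addr = substr(peer, 1, length(peer) - length(port) - 1)
        # Skip unconnected sockets and loopback peers.
        if (port == "*" || addr ~ /^127\./ || addr == "[::1]") next
        proc = "-"
        if (match($0, /users:\(\("[^"]+"/))
            proc = substr($0, RSTART + 9, RLENGTH - 10)
        kind = (addr == pip && port == pport) ? "via-proxy" : "direct"
        print kind, $1, peer, proc
    }' | sort -u
}

# Offline demo on the sample. On the guest, during activation, sample repeatedly:
#   for i in $(seq 50); do ss -tunp; sleep 0.2; done | classify_conns 192.168.1.10 8888
sample_ss | classify_conns 192.168.1.10 8888
```

`ss -p` only shows process names for other users' sockets when run as root, and short-lived connections can fall between samples, so a packet capture as suggested in the comments remains the more complete record.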