On 1/22/21 8:28 AM, Johnson, Andrew N. via Tech-talk wrote:
> On Jan 22, 2021, at 7:41 AM, Mark Rivers <rivers at cars.uchicago.edu <mailto:rivers at cars.uchicago.edu>> wrote:
>>
>> I think this happened when he installed a new EPICS IOC at an APS beamline. Perhaps it is a port scanner on the CA ports, rather than a real CA client?
>
> I looked up that IP address and yes, his IOC is getting port-scanned, it’s not an ancient client. The IOC doesn’t currently have the smarts to recognize this, but we could do something about it since the cmmd field value shown is way out of range for a real CA message. At least we can improve that message...
Yup. eg. just print the received header in hex.
This would make it easier to interpret, and notice
that eg. cid=0x54502f31 and available=0x2e310d0a
add up to "TP/1.1\r\n".
A nice little codeathon project.
> - Andrew
>
>> ________________________________
>> From: Johnson, Andrew N. <anj at anl.gov <mailto:anj at anl.gov>>
>> Sent: Thursday, January 21, 2021 11:16 PM
>> To: Mark Rivers
>> Cc: tech-talk at aps.anl.gov <mailto:tech-talk at aps.anl.gov>
>> Subject: Re: Strange CAS error
>>
>> Hi Mark,
>>
>> This is from the release notes for 3.16.1, from about 5 years ago:
>> Channel Access "modernization"
>>
>> Drop support for CA clients advertising protocol versions less than 4.
>>
>> This effects clients from Base older than 3.12.0-beta1. Newer clients will continue to be able to connect to older servers. Older clients will be ignored by newer servers.
>>
>> This allows removal of UDP echo and similar protocol features which are not compatible with secure protocol design practice.
>>
>> Another possibility is that some other non-EPICS device may be opening a TCP socket and sending data to the IOC server that it thinks might be the start of a legitimate connection.
>>
>> If your colleague has a client built against a CA client library that predates 3.12.0-beta1 which can’t be recompiled, it should be possible to put a CA gateway between it and the newer IOC to do the appropriate protocol translation.
>>
>> - Andrew
>>
>> --
>> Complicity is easy, Simplexity takes real work
>>
>> On Jan 21, 2021, at 6:37 PM, Mark Rivers via Tech-talk <tech-talk at aps.anl.gov <mailto:tech-talk at aps.anl.gov>> wrote:
>>
>> A colleague is running an IOC on which he is seeing these messages:
>>
>>
>> CAS: request from 146.137.70.29:47932<http://146.137.70.29:47932/ <http://146.137.70.29:47932/>> => CAS: Client version too old
>> CAS: Request from 146.137.70.29:47932<http://146.137.70.29:47932/ <http://146.137.70.29:47932/>> => cmmd=18245 cid=0x54502f31 type=12064 count=18516 postsize=21536
>> CAS: Request from 146.137.70.29:47932<http://146.137.70.29:47932/ <http://146.137.70.29:47932/>> => available=0x2e310d0a N=0 paddr=0000000000000000
>>
>>
>> I have never seen those before. What cause cause a "Client version too old" error?
>>
>>
>> Thanks,
>>
>> Mark
>>
>>
>
> --
> Complexity comes for free, simplicity you have to work for.
>
- References:
- Strange CAS error Mark Rivers via Tech-talk
- Re: Strange CAS error Johnson, Andrew N. via Tech-talk
- Re: Strange CAS error Mark Rivers via Tech-talk
- Re: Strange CAS error Johnson, Andrew N. via Tech-talk
- Navigate by Date:
- Prev:
Re: Interfacing HP3458A DMM using LinuxGPIB. Michael Davidsaver via Tech-talk
- Next:
enabling pvaccess Randall Cayford via Tech-talk
- Index:
1994
1995
1996
1997
1998
1999
2000
2001
2002
2003
2004
2005
2006
2007
2008
2009
2010
2011
2012
2013
2014
2015
2016
2017
2018
2019
2020
<2021>
2022
2023
2024
- Navigate by Thread:
- Prev:
Re: Strange CAS error Johnson, Andrew N. via Tech-talk
- Next:
Interfacing HP3458A DMM using LinuxGPIB. Kuldeep Joshi via Tech-talk
- Index:
1994
1995
1996
1997
1998
1999
2000
2001
2002
2003
2004
2005
2006
2007
2008
2009
2010
2011
2012
2013
2014
2015
2016
2017
2018
2019
2020
<2021>
2022
2023
2024
|