Network Tools

Overview

This VNS3 Plugin provides a suite of networking tools along with SSH access, allowing users to run network diagnostics and performance tests from the VNS3 controller. The Plugin is managed by Supervisor and includes log management via log rotation.

Features

  • Comprehensive network tools for troubleshooting and analysis
  • SSH access for remote connectivity

Included Tools

Core Network Troubleshooting Tools

  • ping
  • fping
  • traceroute
  • mtr
  • dnsutils
  • net-tools
  • iproute2
  • ethtool
  • arp-scan
  • nmcli

Network Performance & Load Testing

  • iperf3
  • apache2-utils
  • speedtest-cli

Security & Port Analysis

  • nmap
  • hping3
  • whois
  • tcpdump
  • openssl
  • telnet
  • netcat
  • socat
  • lsof

Getting Started

1. Upload the Plugin Image from the Public Catalog

  1. Navigate to the Plugin Catalog, available under the Plugins left column menu section.
  2. Click Install under the Network Tools Plugin.
  3. Click Install on the resulting modal popup.

2. Start the Plugin

  1. Navigate to the Plugin Dashboard, available under the Plugins left column menu section.
  2. On the Images tab, confirm the Network Tools plugin status is “Ready”, then click Start Instance from the Actions drop down menu.
  3. Provide a plugin name, optionally select the plugin IP, and click Start on the resulting modal popup.

3. Configure Cloud and VNS3 Firewall for Access

  1. On the Instances tab, the Network Tools plugin IP will be displayed. This IP will be used in the two temporary Firewall rules that will be needed.
  2. Navigate to the Firewall, available under the Connections left column menu section, and add the following rules, replacing <plugin_ip> with the IP address of the Network Tools plugin from step 3.1:
#Let the Network Tools Plugin Access the local VNET and Internet Via the VNS3 Controller’s primary network interface
POSTROUTING -o eth0 -s <plugin_ip> -j MASQUERADE-ONCE
FORWARD -s <plugin_ip> -j ACCEPT
#Port forward port 44 to the Plugin port 22
PREROUTING_CUST -i eth0 -p tcp --dport 44 -j DNAT --to <plugin_ip>:22
FORWARD -d <plugin_ip> -j ACCEPT
  3. Open inbound access to port 44 from your IP (whatismyip.com) on the VNS3 controller’s security group. You can select another port, but make sure to change the Firewall rule from the previous step to match.

4. Configure SSH Credentials

  1. Navigate to the Plugin Dashboard, available under the Plugins left column menu section.
  2. On the Instances tab, click Manage from the Actions drop down menu for the Network Tools Plugin.
  3. On the resulting page, click the SSH button at the bottom of the left column.
  4. On the resulting modal popup, click the Create / Update User tab.
  5. Enter a username and password and click Save user.

5. Access the Plugin

  1. Open a terminal (Linux/macOS) or PowerShell/Command Prompt (Windows) and run the following command, replacing <username> with the username created in 4.5 above and <vns3_ip> with the public IP of the VNS3 controller:
ssh -p 44 <username>@<vns3_ip>
  2. Enter the password created in 4.5 above.

Putting it all together - Using the built in TCP tools

TCP Utilities for Traffic Analysis

One of the more difficult parts of application deployment, connectivity and security in cloud or virtual environments is that the virtual infrastructure environment is not well suited to providing customers with the direct network flow to their device.

VNS3_Base can be used to build other container plugins, and it has the iftop and tcpdump utilities built in. Both utilities take a -f argument which allows libpcap syntax, but display results in different ways.

To see traffic coming into your container in a graphical (curses-based) view, execute from a shell:
iftop -n -N -i eth0 -f "not port 22"

To see individual packet information in a scrolling display, use:
tcpdump -pni eth0 -f "not port 22"

Forwarding network traffic to the VNS3_Base Container

If you are using the base container to analyze traffic flowing through your VNS3 controller, you will need to forward a copy of that traffic to your container.

Forwarding traffic to the container is done with the use of firewall rules. An example is given below:

VNS3 Firewall

Enter rules to send a copy of either incoming traffic (arriving on eth0 or tun0) or outgoing traffic (leaving eth0 or tun0).

#EXAMPLE: Copy all incoming tun0 (Overlay Network) traffic to the NIDS container.
MACRO_CUST -j COPY --from tun0 --to <plugin_ip> --inbound
#EXAMPLE: Copy all outgoing eth0 (Underlay Network) traffic to the TCP Tools Container
MACRO_CUST -j COPY --from eth0 --to <plugin_ip> --outbound

NOTE: At this time, analyze inbound OR outbound traffic, not both, at any given time in order to prevent accidental traffic loops. It IS POSSIBLE to create a traffic cycle which could “brick” your controller if you create simultaneous inbound AND outbound rules with improper parameters.
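
One way to check a rule list for the situation the NOTE above warns about, as an added example that is not part of the VNS3 documentation or product: it parses rules in the COPY syntax shown above and reports when inbound and outbound copy rules are present together. The sample rules, the 198.51.100.10 placeholder address and the function names are constructed for illustration.

```python
# Constructed sample in the rule syntax shown on this page.
# 198.51.100.10 is a documentation-range placeholder for <plugin_ip>.
SAMPLE_RULES = """\
#Copy incoming overlay traffic to the plugin
MACRO_CUST -j COPY --from tun0 --to 198.51.100.10 --inbound
FORWARD -s 198.51.100.10 -j ACCEPT
#Copy outgoing underlay traffic to the plugin
MACRO_CUST -j COPY --from eth0 --to 198.51.100.10 --outbound
"""

def _value(tokens, flag):
    """Return the token following flag, or None if flag is absent or last."""
    return tokens[tokens.index(flag) + 1] if flag in tokens[:-1] else None

def parse_copy_rules(text):
    """Extract COPY rules as dicts: line number, source interface, target, direction."""
    rules = []
    for lineno, raw in enumerate(text.splitlines(), start=1):
        tokens = raw.split()
        if not tokens or tokens[0].startswith("#"):
            continue  # blank line or comment
        if tokens[0] != "MACRO_CUST" or _value(tokens, "-j") != "COPY":
            continue  # not a traffic-copy rule
        directions = [d for d in ("inbound", "outbound") if "--" + d in tokens]
        rules.append({
            "line": lineno,
            "from": _value(tokens, "--from"),
            "to": _value(tokens, "--to"),
            # Exactly one direction flag is expected; anything else is malformed.
            "direction": directions[0] if len(directions) == 1 else None,
        })
    return rules

def lint_copy_rules(text):
    """Return (code, line_numbers) findings for the loop hazard in the NOTE."""
    rules = parse_copy_rules(text)
    findings = []
    malformed = [r["line"] for r in rules
                 if r["direction"] is None or not r["from"] or not r["to"]]
    if malformed:
        findings.append(("malformed-copy-rule", malformed))
    inbound = [r["line"] for r in rules if r["direction"] == "inbound"]
    outbound = [r["line"] for r in rules if r["direction"] == "outbound"]
    if inbound and outbound:
        findings.append(("inbound-and-outbound-copy", inbound + outbound))
    return findings

if __name__ == "__main__":
    for code, lines in lint_copy_rules(SAMPLE_RULES):
        print(f"{code}: rule lines {lines}")
```

Run it against a saved copy of the rule list before applying a new COPY rule; an empty result means only one direction is being copied.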