Mysql Router not sending Write request to R/W instance

I am doing InnoDB Cluster Group Replication for the first time. I stuck at the last step Mysql Router. Mysql Router is configured with bootstrapping, But the main issue is MySQL router does not send the write request to the Primary R/W instance after failover. After failover primary become node instance and the Error says The MySQL server is running with the –super-read-only option so it cannot execute this statement

I am following this tutorial

Thanks in advance

Whether can mysql router connects to several MySQL InnoDB CLuster?

As suggested by MySQL, we can install MySQL Router service on application server.But how to configure the MySQL Router service when it needs to connect to several MySQL InnoDB Cluster?

For example, we have 2 InnoDB Clusters ClusterA and ClusterB.The applications connecting to the 2 clusters are under same host HostA.How can we configure in the mysql router on HostA, then we can use mysql router to connect 2 clusters.

Using lulu on osx in home business setup. Any reason for external router base firewall?

I have Lulu setup under osx on my Mac. So say an errant program, curl, if it tries to access outside address is stopped.

Would an external router based firewall bring any extra level of protection? I surmise that it will not be fine-grained enough to stop a particular process.

I believe that outgoing request are more risky than incoming request as I do not have any programming listening for request. e.g. No web server enabled.

What use would external router based firewall bring?

How can a vulnerable router be exploited?

Sometimes I come across articles that write about vulnerable IoT-devices and that there are a lot of routers that are not sufficiently protected.

I own a router myself which has SSH access and I was wondering what possible attack vectors exist because I can’t think of many except forwarding ports by looking up the ARP table and even then you need to know what kind of device is at the other end.

I also don’t understand how malware could for example take over my router and add it to a botnet when it is not possible to execute shell commands, usually you can only execute commands within a (I presume) secured environment and that is limited to a few commands. So they should not be able to upload a binary and execute it.

Router Security Warning in Logs

I’m getting regular attacks

2020-07-29 14:44:42 Security Warning ‭Intrusion -> SRC= DST= LEN=40 TOS=0x00 PREC=0x00 TTL=235 ID=63607 PROTO=TCP SPT=52363 DPT=1433 WIN‭ 

it’s every 10 mins as I can see

I changed wifi password and made it hidden AP and the attacks still coming.

I even disconnected all devices and the logs keep getting this attack

Should I be worried?

2020-07-29 14:54:05 Security Warning ‭Intrusion -> SRC= DST= LEN=40 TOS=0x00 PREC=0x00 TTL=247 ID=40337 PROTO=TCP SPT=42068 DPT=3378 WINDO‭ 

What’s exactly my router querying on these addresses?

I’m trying to understand how my router works so I’m analyzing a couple of outputs (I logged in through SSH). I get these lines when trying netstat -a -e, and I’m not sure where do these addresses come from, or what they are exactly doing.

The is the IP address that my router gets from the ISP router (WAN).

tcp  0 0 ESTABLISHED  tcp  0 0 ESTABLISHED  tcp  0 0 ESTABLISHED  tcp  0 0 ESTABLISHED  tcp  0 0 ESTABLISHED  tcp  0 0 ESTABLISHED    tcp  0 0 ESTABLISHED  tcp  0 0 ESTABLISHED  

Why Man In The Middle (MITM) is not working with my Huawei router?

Man-in-the-Middle is not working with my router (Huawei) on my Windows machine/any device.

But it works with another router on my same Windows machine/any device.

When I doing MITM with Huawei router:

Linux MAC: a0:af:bd:c5:21:87   Router's MAC: 7c-11-cb-1f-ad-85 

My Windows ARP table before doing MITM on it:

c:\Users\acer>arp -a  Interface: --- 0x4  Internet Address        Physical Address      Type             7c-11-cb-1f-ad-85     dynamic           ff-ff-ff-ff-ff-ff     static             01-00-5e-00-00-16     static 

arpspoof script to do MITM:

1st terminal:

arpspoof -i wlan0 -t 

2nd terminal:

arpspoof -i wlan0 -t 

Then the Widows machine ARP table is:

c:\Users\acer>arp -a  Interface: --- 0x4  Internet Address        Physical Address      Type             7c-11-cb-1f-ad-85     dynamic           a0:af:bd:c5:21:87     dynamic           ff-ff-ff-ff-ff-ff     static             01-00-5e-00-00-16     static 

I tried with bettercap, ettercap, my own python script and I done ‘echo 1 > /proc/sys/net/ipv4/ip_forward’ in Linux. It is still not working! Not capturing anything.

The expected ARP table on Windows:

Interface: --- 0x4  Internet Address        Physical Address      Type             a0:af:bd:c5:21:87     dynamic           ff-ff-ff-ff-ff-ff     static             01-00-5e-00-00-16     static 

Redirect Ip Address (not dns) with Router [closed]

I have an IOT System that works the following way: The IOT bridge makes a TCP Handshake with a server in china with a static ip address 47.255… (bridge sends syn the china server sends syn ack and then bridge ack)

Then the bridge sends MQTT Connect Command to the chinese server (This includes a client id, user name, and a password) The server just sends an accept back.

After that I can use a smartphone app to control the bridge: The smartphone sends a MQTT packet to the china server and the server sends the exact same packet to the bridge (Only the source/destination ips and mac addresses get changed from server to bridge)

I want to remove the chinese server completely from this equation and want to simulate it with my own pc.

So my pc should get every packet that gets send to the chinese ip. The bridge is in wifi so I have to change this in the router.

Are there easy ways to redirect ip addresses with your router? Or is it possible to directly modify the packets with the router and change the ip address of the packet.

The Bridge doesn’t use dns to find the chinese ip address so I can’t use a pihole or similar dns spoofing tools.

And if this works I guess my pc has to spoof it’s source ip address in the packages to the chinese server or the tcp protocol won’t accept the connection with different destinations–>sources.