From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-0.8 required=3.0 tests=HEADER_FROM_DIFFERENT_DOMAINS, MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS,URIBL_BLOCKED autolearn=no autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id F331DC3A5A6 for ; Fri, 20 Sep 2019 00:21:08 +0000 (UTC) Received: from shelob.surriel.com (shelob.surriel.com [96.67.55.147]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPS id A93E0217D6 for ; Fri, 20 Sep 2019 00:21:07 +0000 (UTC) DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org A93E0217D6 Authentication-Results: mail.kernel.org; dmarc=fail (p=none dis=none) header.from=vt.edu Authentication-Results: mail.kernel.org; spf=fail smtp.mailfrom=kernelnewbies-bounces@kernelnewbies.org Received: from localhost ([::1] helo=shelob.surriel.com) by shelob.surriel.com with esmtp (Exim 4.92.2) (envelope-from ) id 1iB6fB-0005AE-A8; Thu, 19 Sep 2019 20:20:41 -0400 Received: from omr2.cc.ipv6.vt.edu ([2607:b400:92:8400:0:33:fb76:806e] helo=omr2.cc.vt.edu) by shelob.surriel.com with esmtps (TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256) (Exim 4.92.2) (envelope-from ) id 1iB6f8-0005A8-P6 for kernelnewbies@kernelnewbies.org; Thu, 19 Sep 2019 20:20:38 -0400 Received: from mr5.cc.vt.edu (smtp.ipv6.vt.edu [IPv6:2607:b400:92:9:0:9d:8fcb:4116]) by omr2.cc.vt.edu (8.14.4/8.14.4) with ESMTP id x8K0KaVO031609 for ; Thu, 19 Sep 2019 20:20:37 -0400 Received: from mail-qt1-f198.google.com (mail-qt1-f198.google.com [209.85.160.198]) by mr5.cc.vt.edu (8.14.7/8.14.7) with ESMTP id x8K0KVmj029646 for ; Thu, 19 Sep 2019 20:20:36 -0400 Received: by mail-qt1-f198.google.com with SMTP id s14so6097185qtn.4 for ; Thu, 19 Sep 2019 17:20:36 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:sender:from:to:cc:subject:in-reply-to:references :mime-version:content-transfer-encoding:date:message-id; bh=oohpQol66Fn6Cls+B/KoC9oB3GbbZoz/vpVsfEa7dHQ=; b=ryTVumPNIxlqC87+JgL2Vi2dpsN/lRx0qRiGgyCfAyGkOfUBIhAljILS+7WTgGARqj PHAOWwfWadC7ih722+fkBX1PkGdmOT1n66OmnXJaqc+tReHQ6xnzU9tsXE1IG5Dz7ynq kg4uRXJ+ci1mP4E27rZuCskzW73ja1Q5hMITJiTXRqQhx29Z3Ydw79Bi0Hr1HF8+6UO9 uv2gs5x9O6gJL/25CrgE8nlNbotR9mMlvjIv8/Y5cFx+1TMGQKuAn8uVMEqVWtG3ZgHO lW/Nt+r1Mruv2Fyz8HSEJPUj/tRYu3ImJwX0bIPOIh5XFXe84dFVO0lUVuPYTISfdn5e EQNg== X-Gm-Message-State: APjAAAWb6AHUCaxXEz/zqgSptg0Ado3A0Lf6xzBr0qAYoky7IXRO7ZFD iyJFcY/0WUS8MqSsJt2rzeOPQcbVjjmKZf9+wMu3+HMHelfNH5TrkNY9BE/nFPBtISr/K1y9Z0i +zjd/aIQn7HYsQ39FvlrWI/11ZWMNNfvBvGsWsA8= X-Received: by 2002:a37:66c8:: with SMTP id a191mr599338qkc.108.1568938831517; Thu, 19 Sep 2019 17:20:31 -0700 (PDT) X-Google-Smtp-Source: APXvYqzVy7bnq/RbdyLd1m23O+EjXRKW8TUeiTzAmgq+3XYBdFtp2J/icNNg077eXYcr5g4XX82ZQw== X-Received: by 2002:a37:66c8:: with SMTP id a191mr599326qkc.108.1568938831285; Thu, 19 Sep 2019 17:20:31 -0700 (PDT) Received: from turing-police ([2601:5c0:c001:4341::359]) by smtp.gmail.com with ESMTPSA id g3sm200886qkb.117.2019.09.19.17.20.29 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 19 Sep 2019 17:20:29 -0700 (PDT) From: "Valdis Kl=?utf-8?Q?=c4=93?=tnieks" X-Google-Original-From: "Valdis Kl=?utf-8?Q?=c4=93?=tnieks" X-Mailer: exmh version 2.9.0 11/07/2018 with nmh-1.7+dev To: Yadunandan Pillai Subject: Re: Query TCP states/connection tracking table in Linux Kernel Module In-Reply-To: <9kdclOrd9niFe_UB06HreTsvZDIfcz9cz0f2rGf53zMFQTfgPzmmSZfzNkSe7wSos9bOPkl60xMCP00TRM_gOKhWm7iwA3kGBCi3qGbjk_o=@pm.me> References: <9kdclOrd9niFe_UB06HreTsvZDIfcz9cz0f2rGf53zMFQTfgPzmmSZfzNkSe7wSos9bOPkl60xMCP00TRM_gOKhWm7iwA3kGBCi3qGbjk_o=@pm.me> Mime-Version: 1.0 Date: Thu, 19 Sep 2019 20:20:29 -0400 Message-ID: <238014.1568938829@turing-police> Cc: "kernelnewbies@kernelnewbies.org" X-BeenThere: kernelnewbies@kernelnewbies.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: Learn about the Linux kernel List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: multipart/mixed; boundary="===============2184889852635229777==" Errors-To: kernelnewbies-bounces@kernelnewbies.org --===============2184889852635229777== Content-Type: multipart/signed; boundary="==_Exmh_1568938828_7098P"; micalg=pgp-sha1; protocol="application/pgp-signature" Content-Transfer-Encoding: 7bit --==_Exmh_1568938828_7098P Content-Type: text/plain; charset=us-ascii On Thu, 19 Sep 2019 06:12:46 -0000, Yadunandan Pillai said: > I'm developing a proxy system for TCP handshakes. The programmer's version of "I'm writing the Great American Novel". :) > However, I'm unable to find a way to verify an incoming ACK packet. That will depend on exactly what you mean by "verify". Are you just concerned with the TCP 4-tuple (source/dest port, source/dest address)? Or are you also checking that things like the sequence number match? (Bonus points for doing the right thing on a kernel that has syncookies enabled, and still work correctly if syncookies aren't in use) > I then ensure that they don't have a payload (therefore , confirming it is a > handshake packet with ACK flag. Note that ACK packets with no payload don't mean they're handshake packets. Look at any FTP transfer - you'll see packets going one way with data, and just ACK going back the other way. You need both SYN and ACK for it to be a handshake packet. iptables --tcp-flags SYN,ACK,... ACK <- isn't doing what you think it does. I'm wondering if you may be in over your head on this one... --==_Exmh_1568938828_7098P Content-Type: application/pgp-signature -----BEGIN PGP SIGNATURE----- Comment: Exmh version 2.9.0 11/07/2018 iQIVAwUBXYQbTAdmEQWDXROgAQI+ug//T/pbNJZrAz3D1akawj+yM6UkfNrc25r2 IP+n0aNq2m1FGsbEEFi06Bd1KEogDj1Iek3/RPn0vKGWV+Yaxvy5zqnBZuLNCVqZ UQTjX/wAWt7VKJjdg8s4qLZZLy5996wQXpJLhHL1W20RLgUubiZo8cdld1Jkook8 Cv/SpS++2J2fE92GX/SydkqzmagidfTn+afOsTUY/BaUAJEJdLczVa7PWA0vfl+4 Zsv1JR+dMz3OifS6epGR1NptfErX3sN/ZrwN/ZZSG0yHY0x3FjaY9w5+nMSu80n6 jiD5T8+NrTsc8GbdAfsqgYf/3EkPUY7+gwnNLut+aDVnjC6MjcQI9RIaTv7u4vT7 cIQuwNnrdEAbeOnh72dRXeJstuMBjj+nbKP31/HvZ7THvm7Bc6RZ2V+APuoqiWzq nfeHenihcrmXgXD3bdsQSPQklNVmGJsou7G5cJHLduZMCvMAokXVcWGgbXzssufd 2P28dqeSddSsnbwDOwy2J2biCZag+SLXlQgK+qZNByQUFLEjd3JOapib8C+6gfZ1 eqbgj0lhyitCGM+tSEMWh4LSXhW2lBIi37mR5DYPuZcw5ccfkl+TqnDj/+Nf//X4 uZbKdLp56wxnrTWztrxQ1wD7zGDs9XczZVSow/kWT3+H1RwPIUhmBKHP0hDBGPWb ICGSoxjM8oo= =KZpc -----END PGP SIGNATURE----- --==_Exmh_1568938828_7098P-- --===============2184889852635229777== Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Disposition: inline _______________________________________________ Kernelnewbies mailing list Kernelnewbies@kernelnewbies.org https://lists.kernelnewbies.org/mailman/listinfo/kernelnewbies --===============2184889852635229777==--