How to destroy a TCP connection using tcp.reset
I have written an HTTP traffic filtering application. I can drop a packet and now I need to reset the connection using tcp-reset flag instead of dropping the packet.
When I set the packet's tcp.reset, Ubuntu's Network stack does not destroy the tcp connection. I tested the case with iperf3 and the relevant part of pcap log is below. I'm think I did the right thing but I could not understand where the problem is?
20:08:39.824960 IP 192.168.2.125.58058 > 192.168.2.200.5201: Flags [.], seq 27512:31856, ack 1, win 229, options [nop,nop,TS val 138003069 ecr 44499133], length 4344
20:08:39.824967 IP 192.168.2.200.5201 > 192.168.2.125.58058: Flags [.], ack 31856, win 3330, options [nop,nop,TS val 44499133 ecr 138003069], length 0
20:08:39.825254 IP 192.168.2.125.58058 > 192.168.2.200.5201: Flags [.], seq 31856:43440, ack 1, win 229, options [nop,nop,TS val 138003069 ecr 44499133], length 11584
20:08:39.825274 IP 192.168.2.200.5201 > 192.168.2.125.58058: Flags [.], ack 43440, win 3344, options [nop,nop,TS val 44499133 ecr 138003069], length 0
20:08:39.825809 IP 192.168.2.125.58058 > 192.168.2.200.5201: Flags [.], seq 43440:46336, ack 1, win 229, options [nop,nop,TS val 138003069 ecr 44499133], length 2896
20:08:39.825845 IP 192.168.2.200.5201 > 192.168.2.125.58058: Flags [.], ack 46336, win 3344, options [nop,nop,TS val 44499133 ecr 138003069], length 0
20:08:39.826031 IP 192.168.2.125.58058 > 192.168.2.200.5201: Flags [.], seq 46336:65160, ack 1, win 229, options [nop,nop,TS val 138003069 ecr 44499133], length 18824
20:08:39.826067 IP 192.168.2.200.5201 > 192.168.2.125.58058: Flags [.], ack 65160, win 3322, options [nop,nop,TS val 44499133 ecr 138003069], length 0
20:08:39.826450 IP 192.168.2.125.58058 > 192.168.2.200.5201: Flags [.], seq 65160:98464, ack 1, win 229, options [nop,nop,TS val 138003069 ecr 44499133], length 33304
20:08:39.826498 IP 192.168.2.200.5201 > 192.168.2.125.58058: Flags [.], ack 98464, win 3246, options [nop,nop,TS val 44499133 ecr 138003069], length 0
20:08:39.827222 IP 192.168.2.125.58058 > 192.168.2.200.5201: Flags [.], seq 98464:128872, ack 1, win 229, options [nop,nop,TS val 138003070 ecr 44499133], length 30408
20:08:39.827259 IP 192.168.2.200.5201 > 192.168.2.125.58058: Flags [.], ack 128872, win 3261, options [nop,nop,TS val 44499134 ecr 138003070], length 0
20:08:39.827437 IP 192.168.2.125.58058 > 192.168.2.200.5201: Flags [P.], seq 128872:131072, ack 1, win 229, options [nop,nop,TS val 138003070 ...
Can you provide the packet capture? See https://blog.packet-foo.com/2016/11/t... if you need to sanitize the packets first.
I tried to provide the capture but I don't have enough point. I can send it via e-mail?