Re: Nat+Iptables+Tcp Keepalive Problem


On Thu, 4 Jun 2009, Emiliano Romero wrote:

> Jozsef Kadlecsik wrote:
> > The TCP keepalived packet in the output above is invalid: its sequence
> > number is wrong.
> 
> Thanks for your reply, Jozsef. After your reply I looked at RFC 1122. It says:
> "Some TCP implementations, however, have included a keep-alive mechanism.  To
> confirm that an idle connection is still active, these implementations send a
> probe segment designed to elicit a response from the peer TCP.  Such a segment
> generally contains SEG.SEQ = SND.NXT-1"
> ..."so that this SEG.SEQ will be outside the window.  Therefore, the probe
> causes the receiver to return an acknowledgment segment"

So the packet is intentionally outside of the window :-).
 
> When I try with a Linux box sending TCP KA, I see that this sets the ACK flag
> on TCP KeepAlive and that works correctly. I think that my remote equipment
> (GPRS modems) is making TCP KA in the wrong way. Or maybe the GPRS Service
> Provider is touching my packets.

On which device did you capture the packets? 

The best would be to capture at both sides, i.e. real sender and receiver. 
Thus one can make sure whether any device in between modified the packets or not.

Best regards,
Jozsef
-
E-mail  : kadlec@xxxxxxxxxxxxxxxxx, kadlec@xxxxxxxxxxxx
PGP key : http://www.kfki.hu/~kadlec/pgp_public_key.txt
Address : KFKI Research Institute for Particle and Nuclear Physics
          H-1525 Budapest 114, POB. 49, Hungary
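
The comparison suggested in the message above (capture at the real sender and at the receiver, then see whether a device in between modified the packets), as an added example that is not part of the original message. It assumes plain NAT with no helper that rewrites sequence numbers and sample segments without TCP options; all function names and sample values are constructed for illustration.

```python
import struct

FIN, SYN, RST, ACK = 0x01, 0x02, 0x04, 0x10
# Fields that plain NAT should leave untouched (ports and checksum may change).
COMPARED = ("seq", "ack", "flags", "window", "payload")

def build_tcp(sport, dport, seq, ack, flags, window, payload=b""):
    """Build a constructed TCP segment: 20-byte header, no options, checksum 0."""
    return struct.pack("!HHIIHHHH", sport, dport, seq, ack,
                       (5 << 12) | flags, window, 0, 0) + payload

def parse_tcp(segment):
    """Extract the TCP fields listed in COMPARED from a raw TCP segment."""
    _sport, _dport, seq, ack, off_flags, window = struct.unpack("!HHIIHH", segment[:16])
    header_len = (off_flags >> 12) * 4
    return {"seq": seq, "ack": ack, "flags": off_flags & 0x3F,
            "window": window, "payload": segment[header_len:]}

def is_keepalive_probe(fields, snd_nxt):
    """RFC 1122 probe: SEG.SEQ = SND.NXT-1 (mod 2**32), at most one garbage octet."""
    if fields["flags"] & (SYN | FIN | RST):
        return False
    return fields["seq"] == (snd_nxt - 1) % 2**32 and len(fields["payload"]) <= 1

def diff_in_transit(sent, received):
    """Names of the compared fields that differ between the two capture points."""
    a, b = parse_tcp(sent), parse_tcp(received)
    return [name for name in COMPARED if a[name] != b[name]]

def main():
    snd_nxt = 1000  # constructed: the sender's next sequence number
    sent = build_tcp(40000, 502, snd_nxt - 1, 5000, ACK, 8192)
    natted = build_tcp(61234, 502, snd_nxt - 1, 5000, ACK, 8192)  # only source port rewritten
    altered = build_tcp(61234, 502, snd_nxt, 5000, 0, 8192)       # seq and flags changed in path
    print("probe as sent:", is_keepalive_probe(parse_tcp(sent), snd_nxt))
    print("NAT only:", diff_in_transit(sent, natted))
    print("modified in path:", diff_in_transit(sent, altered))

if __name__ == "__main__":
    main()
```

An empty list from `diff_in_transit` means the segment arrived as it was sent apart from address and port translation; any field it names was changed between the two capture points.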