Florian, thanks a lot. I see that a selected tcp packet can not be dropped at all. If a selected tcp packet is dropped that blocks passing of next tcp packets via this tcp connection. Is there way to bypass that? Thanks a lot. On 6/28/19, Florian Westphal <fw@xxxxxxxxx> wrote: > Valeri Sytnik <valeri.sytnik@xxxxxxxxx> wrote: >> I apply NF_DROP (instead NF_ACCEPT) to some tcp packet which >> contains some specific string known to me (say, hhhhh) >> that packet comes back to the queue again but with different id. > > Yes, TCP retransmits data that is not received by the peer. >
