> > > On 04/09/14 12:17, Dale Mellor wrote:
> > > I want to do TCP with raw sockets. How can I filter away the kernel's
> > > RST/ACK/SYN response messages when I want to do this myself?
> >
> > On Thu, 2014-09-04 at 13:16 -0300, Leonardo Rodrigues wrote:
> > you'll probably need to tweak the kernel itself for that. If you
> > wanna do all the 'dirty work', why not use UDP instead of TCP ??
> >
> > On Thursday, September 4, 2014 at 9:27 PM, Dale Mellor wrote:
> > I need to tunnel TCP (specifically telnet) through a space link to a
> > spacecraft in orbit (don't worry, security exists in the link layer).
> > But of course I need the SYN/ACKs to come from the spacecraft itself
> > (rather than the ground-station PC) so I know when I can send commands
> > up. I'm going to try to use the iptables' QUEUE target and a user-space
> > packet filter, thinking that if I reject the incoming SYN it will be
> > dropped without further ado, and then I can synthesize a response later
> > with a raw socket.
> >
> > Any thoughts people may have on this would likely be useful.

On Thu, 2014-09-04 at 22:06 -0700, Payam Chychi wrote:
> Why would the syn-ack come from the ground pc and not the space station?
> Are you proxying this? If so, there are other ways to do this ...

I thought this list had rules about not top-posting?

Anyway, the point is I don't want the syn-ack to come from the ground, but the Linux kernel insists on sending it. That's what I want to filter out, or otherwise stop.

In case I haven't been clear, the PC is the gateway to the spacecraft; effectively, it _is_ the proxy. When a telnet client (on the ground) connects to the gateway (on the ground), the gateway is responding to the SYN when I don't want it to.

Dale
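The decision a user-space queue handler would make for the plan discussed in this thread, as an added example that is not code from the thread or from any participant: a bare SYN to the telnet port is dropped before the local TCP stack sees it, and the client's sequence number is kept for a reply built later. The function names, port 23, the `"DROP"`/`"ACCEPT"` strings (standing in for the queue library's verdict call) and the sample addresses are assumptions.

```python
import struct

TELNET_PORT = 23          # assumption: the gateway tunnels telnet on its standard port
SYN, RST, ACK = 0x02, 0x04, 0x10

def parse_tcp(packet: bytes):
    """Return (src_port, dst_port, seq, flags) for an IPv4/TCP packet, else None."""
    if len(packet) < 20 or packet[0] >> 4 != 4 or packet[9] != 6:
        return None                       # not IPv4 or not TCP
    ihl = (packet[0] & 0x0F) * 4          # IPv4 header length in bytes
    if ihl < 20 or len(packet) < ihl + 20:
        return None                       # truncated or malformed header
    sport, dport, seq, _ack, off_flags = struct.unpack_from("!HHIIH", packet, ihl)
    return sport, dport, seq, off_flags & 0x3F

def verdict(packet: bytes, pending: dict) -> str:
    """Decide what the handler tells the kernel about one queued packet.

    A connection-opening SYN to the telnet port is dropped, so the kernel
    never answers it with SYN-ACK or RST. The value the later, synthesized
    SYN-ACK must acknowledge (client seq + 1) is stored per client endpoint.
    """
    parsed = parse_tcp(packet)
    if parsed is None:
        return "ACCEPT"
    sport, dport, seq, flags = parsed
    if dport == TELNET_PORT and flags & SYN and not flags & (ACK | RST):
        src_ip = ".".join(str(b) for b in packet[12:16])
        pending[(src_ip, sport)] = (seq + 1) & 0xFFFFFFFF
        return "DROP"
    return "ACCEPT"

def make_packet(src, sport, dport, seq, flags):
    """Build a constructed IPv4/TCP packet (checksums left zero) for the demo."""
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 40, 0, 0, 64, 6, 0,
                     bytes(map(int, src.split("."))), bytes([192, 0, 2, 1]))
    tcp = struct.pack("!HHIIHHHH", sport, dport, seq, 0, (5 << 12) | flags, 8192, 0, 0)
    return ip + tcp

if __name__ == "__main__":
    pending = {}
    syn = make_packet("198.51.100.7", 40000, TELNET_PORT, 1000, SYN)   # constructed sample
    print(verdict(syn, pending), pending)
```

Only packets that the firewall rule hands to the queue reach `verdict`; everything it accepts continues to the kernel's TCP stack as usual.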