> accept() does not return until after 3whs has compleed, so I am not sure
> what you mean by this.
>
> TPROXY associates the initial packets with the listening socket,
> not the IP stack. After 3whs has completed, a socket that matches
> the tuples in use will exist and ip stack can work normally.
>
Interesting... where would the syn-ack go to? In my setup I have the following:
my app
|
client <----> eth0 <--> br0 <---> eth1 <---> server
In this case, when the bridged system (which consists of eth0, eth1,
br0 and my app)
receives the syn packet, where does it send the syn-ack to? is it to
the client that is
initiating the connection or is it to the server which the original
syn was destined to?
