Dk Jack <dnj0496@xxxxxxxxx> wrote: > > accept() does not return until after 3whs has compleed, so I am not sure > > what you mean by this. > > > > TPROXY associates the initial packets with the listening socket, > > not the IP stack. After 3whs has completed, a socket that matches > > the tuples in use will exist and ip stack can work normally. > > Interesting... where would the syn-ack go to? In my setup I have the following: > > my app > | > client <----> eth0 <--> br0 <---> eth1 <---> server > > In this case, when the bridged system (which consists of eth0, eth1, > br0 and my app) > receives the syn packet, where does it send the syn-ack to? is it to > the client that is > initiating the connection or is it to the server which the original > syn was destined to? The client. The server is never contacted (unless your application does so).
