On Fri, 11 May 2012, James Harper wrote:
On Fri, 11 May 2012, James Harper wrote:
Is it possible to have netfilter generate keepalive packets for connections? I have some proprietary windows services that communicate with each other through a few Linux routers, and I suspect that some connections are timing out (or being selected for purging from the connection tracking due to other more-active connections).
Sounds like
http://en.wikipedia.org/wiki/Transmission_Control_Protocol#Connection_hi jacking
to me.
But even if you get the sequence right - the real sender will send one with the same sequence. That doesn't look good..
AFAIK, keepalive packets is that they don't send any actual data so the sequence and ack numbers remain the same.
You are right that they re-use sequence numbers. http://www.pcvr.nl/tcpip/tcp_keep.htm Regards Peter