On Thu, Feb 11, 1999 at 11:11:51PM +0100, Tore Reimers wrote:
> 
> [ I wrote : ]
> > > Sometimes when I am finished with a net surfing session, my link stays up.
> > > Seems like there is some sort of www traffic going on even after I exit
> > > Netscape.  Output from tcpdump:
> > > 21:39:13.800157 mp-38-119.daxnet.no.8679 > leo.smart.net.www: F 0:0(0) ack
> > > 1 win 2048

This is a general problem with TCP connections being open after
the link goes down.  The problem is that these TCP connections
become almost impossible to kill, because they are working with
your old dynamic IP address, which you don't have any more.  So
any packets sent out have the wrong source, and none of the answers
ever get to you.

> [ Cary O'Brien wrote: ]
> [SNIP!]
> > The F means the packet has the FIN (finish) flag set.  The 867x port numbers
> > are the port numbers on your end that (probably) netscape was assigned
> > when it opened tcp/ip connections to talk to leo.smart.net.  Netscape
> > likes to do lots of transfers in parallel.
> [SNIP!]

And apparently Netscape likes to keep sockets open but inactive
which fools diald into thinking the PPP connection is dead (and it
missed the close).  Diald closes down the connection and when
Netscape decides to close the TCP connection (eg because you
close down Netscape or move to a different server) you have the
hanging socket problem.

> I made a filter rule which filters out the FIN packets, and placed it
> ahead of the "normal" tcp.dest/source rules.  Parts of my now modified
> /usr/lib/diald/standard.filter ( = "nonstandard.filter"?... :-) ) :

This is a good and useful fix, especially for the Netscape problem.
But it only works for the case that we are trying to *close* a
dead connection.  The other case, where some program is trying
to *communicate* over a stuck TCP connection will still be a
problem.

The solution in 2.0.3x is to use RST-provoking.  You can read
about it in /usr/src/linux/Documentation/ip_dynaddr.txt, or
just switch it on with

echo 5 > /proc/sys/net/ipv4/ip_dynaddr

or echo 7 for the verbose version.  In 2.2 this solution
has been rejected as being too messy.  A better solution
would be to modify /proc/netstat to output TCP sequence
numbers.  Then you could make a program (to be called from
/etc/ppp/ip-down) that would forge RST-packets from the
remote hosts associated with the old TCP address (which you
won't get again because of dynamic addresses).  I haven't
had time to implement this (I was planning to look at
the script-kiddie code on rootshell.org for inspiration),
but it would solve a lot of dynamic-address problems once
and for all.

-- 
Erik Corry [EMAIL PROTECTED]           Ceterum censeo, Microsoftem esse delendam!
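
Added example, not part of the original message or of diald: a way to see which TCP sockets are still bound to the old dynamic address after the link drops, by decoding /proc/net/tcp. It assumes the /proc/net/tcp layout of current Linux kernels on a little-endian host; the sample table and all addresses in it are constructed.

```python
import socket
import struct
import sys

# TCP state codes as printed in the "st" column of /proc/net/tcp.
TCP_STATES = {
    "01": "ESTABLISHED", "02": "SYN_SENT", "03": "SYN_RECV",
    "04": "FIN_WAIT1", "05": "FIN_WAIT2", "06": "TIME_WAIT",
    "07": "CLOSE", "08": "CLOSE_WAIT", "09": "LAST_ACK",
    "0A": "LISTEN", "0B": "CLOSING",
}

# Constructed sample in /proc/net/tcp layout (trailing columns omitted).
SAMPLE = """\
  sl  local_address rem_address   st tx_queue rx_queue
   0: 00000000:0016 00000000:0000 0A 00000000:00000000
   1: 770200C0:21E7 076433C6:0050 04 00000001:00000000
   2: C80200C0:0400 076433C6:0050 01 00000000:00000000
   3: 770200C0:21E8 096433C6:0050 01 00000000:00000000
"""

def decode_endpoint(field):
    """Turn '0100007F:0016' into ('127.0.0.1', 22)."""
    addr_hex, port_hex = field.split(":")
    # The address is a 32-bit word printed in host byte order
    # (assumption: little-endian host, e.g. x86).
    addr = socket.inet_ntoa(struct.pack("<I", int(addr_hex, 16)))
    return addr, int(port_hex, 16)

def stale_sockets(proc_net_tcp_text, old_ip):
    """Return (local, remote, state) for sockets still using old_ip."""
    stale = []
    for line in proc_net_tcp_text.splitlines()[1:]:  # skip header row
        fields = line.split()
        if len(fields) < 4:
            continue
        local = decode_endpoint(fields[1])
        remote = decode_endpoint(fields[2])
        state = TCP_STATES.get(fields[3], fields[3])
        # Listening sockets are not connections and cannot be stuck.
        if local[0] == old_ip and state != "LISTEN":
            stale.append((local, remote, state))
    return stale

if __name__ == "__main__":
    # Usage: script OLD_IP  (reads the live table); no argument runs the sample.
    if len(sys.argv) > 1:
        text, old = open("/proc/net/tcp").read(), sys.argv[1]
    else:
        text, old = SAMPLE, "192.0.2.119"
    for local, remote, state in stale_sockets(text, old):
        print("%s:%d -> %s:%d %s" % (local + remote + (state,)))
```

Sockets listed here are the ones whose packets leave with a source address the host no longer owns; a non-empty FIN_WAIT1 or ESTABLISHED list after the link drops is the hanging-socket condition described in the message.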
