> I'm failing at connection establishment. I can squirt the packet out using > libnet and get a reply using pcap, but the connection-initiating TCP seems > to be generating a RST on my behalf before I can transmit the third packet > of the handshake.
[ ... ] > The libnet code to transmit packets exists solely in my pcap callback, and I > know I'm not sending a RST. > > I thought the libnet_init() call would make its underlying socket known to > the kernel so that the kernel would know about incoming traffic on that > port. > > Am I SOL, or just being dumb? > > Pointers to doc or appropriate code samples will save the day. I'll post > here anything I find separately as well if there's interest. you're going to have to install a firewall rule on the host to block incoming TCP from the TCP stack, or the kernel will see the SYN-ACK and decide it has no recollection of sending a SYN and send a RST. there's no portable way to do this. i think sting is one example of an application that does this, but the firewall code in it only works with FreeBSD 4.X Matthew - This is the tcpdump-workers list. Visit https://lists.sandelman.ca/ to unsubscribe.
