Rick Jones wrote:
Eric Dumazet wrote:
Rick Jones wrote:
More to the point, on what basis would the application be rejecting a
connection request based solely on the SYN?
True, it isn't like there would suddenly be any call user data as in
XTI/TLI.
DATA payload could be included in the SYN packet. TCP specs allow this
AFAIK.
Yes, but it isn't supposed to be delivered until the 3-way handshake is
complete right?
Are you speaking of the 20-year-old BSD API? :)
Martin, I played with libnetfilter_queue
(http://www.netfilter.org/projects/libnetfilter_queue/index.html)
With this single iptables rule, I was able to do what you want: transmit the
SYN message to a user application, which may DROP this packet or let it pass
to the normal TCP stack.
iptables -A INPUT -p tcp --dport 333 --syn -j QUEUE
Then hack nfqnl_test.c to meet your needs (see nfq_set_verdict(),
nfq_get_payload())
Be prepared to receive the 'same SYN' several times if your X.25 call attempt
is too long.
(You have to be root, unfortunately)
Eric
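
Added example, not part of the message above and not code from nfqnl_test.c: the check a modified callback could run on the bytes returned by nfq_get_payload(), plus a small table that recognises the 'same SYN' arriving again while a verdict is still outstanding. It assumes the payload starts at the IPv4 header; parse_syn(), track_syn(), forget_syn(), the table size and the sample packet are hypothetical names and constructed values.

```c
#include <stdint.h>
#include <string.h>
#define MAX_PENDING 64   /* assumed table size */
#define BE16(b) ((uint16_t)((b)[0] << 8 | (b)[1]))
#define BE32(b) ((uint32_t)(b)[0] << 24 | (uint32_t)(b)[1] << 16 | (uint32_t)BE16((b) + 2))
struct syn_key { uint32_t saddr, seq; uint16_t sport, dport; };
static struct syn_key pending[MAX_PENDING];
static size_t n_pending;

/* Constructed sample: 192.0.2.7:40000 -> 192.0.2.1:333, SYN, seq 12345, checksums zero. */
const uint8_t sample_syn[40] = { 0x45,0,0,40, 0,1,0x40,0, 64,6,0,0, 192,0,2,7, 192,0,2,1,
    0x9c,0x40, 0x01,0x4d, 0,0,0x30,0x39, 0,0,0,0, 0x50,0x02,0xff,0xff, 0,0,0,0 };

/* Fill *k if the packet is an initial SYN (same flag test as --syn); else return 0. */
int parse_syn(const uint8_t *p, size_t len, struct syn_key *k)
{
    if (len < 20 || (p[0] >> 4) != 4) return 0;
    size_t ihl = (size_t)(p[0] & 0x0f) * 4;
    if (ihl < 20 || len < ihl + 20 || p[9] != 6) return 0;   /* 6 = TCP */
    if ((((p[6] & 0x1f) << 8) | p[7]) != 0) return 0;        /* later fragment */
    const uint8_t *t = p + ihl;
    if ((t[13] & 0x17) != 0x02) return 0;   /* SYN set; FIN, RST, ACK clear */
    *k = (struct syn_key){ BE32(p + 12), BE32(t + 4), BE16(t), BE16(t + 2) };
    return 1;
}

static int find_syn(const struct syn_key *k)
{
    for (size_t i = 0; i < n_pending; i++)
        if (memcmp(&pending[i], k, sizeof *k) == 0) return (int)i;
    return -1;
}

/* 1: new SYN, start the slow check; 0: retransmission still pending; -1: table full. */
int track_syn(const struct syn_key *k)
{
    if (find_syn(k) >= 0) return 0;
    if (n_pending == MAX_PENDING) return -1;
    pending[n_pending++] = *k;
    return 1;
}

/* Call once nfq_set_verdict() has been issued for this connection attempt. */
void forget_syn(const struct syn_key *k)
{
    int i = find_syn(k);
    if (i >= 0) pending[i] = pending[--n_pending];
}
```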