Question
Using hping, I send a SYN packet; the second peer is listening and replies with SYN/ACK, but hping (or the Linux kernel does it, I guess) sends RST after receiving SYN/ACK.
Is there any way I can stop my machine sending RST after receiving SYN/ACK?
Thanks.
Answer 1:
This command should drop any TCP packet with the RST flag set your machine would send to the specific destination:
iptables -I OUTPUT 1 -d <destination> -p tcp --tcp-flags RST RST -j DROP
To revert it, use:
iptables -D OUTPUT -d <destination> -p tcp --tcp-flags RST RST -j DROP
An alternative is to block all incoming TCP packets with SYN+ACK flags set from the specific source (i.e. the packets that cause the RST):
iptables -I INPUT 1 -s <source> -p tcp --tcp-flags SYN,ACK SYN,ACK -j DROP
To revert it, use:
iptables -D INPUT -s <source> -p tcp --tcp-flags SYN,ACK SYN,ACK -j DROP
Works for me with hping3 -S -p 22 <destination>
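Added example (not part of the original answer): a POSIX shell wrapper that inserts the answer's OUTPUT rule only for the duration of one command and removes it afterwards, even if the command is interrupted, so no stale DROP rule is left behind. The function names rst_rule and with_rst_suppressed and the address 192.0.2.10 are assumptions made for illustration; it needs root to change iptables.

```shell
#!/bin/sh
# Added example, not code from the original answer.
# rst_rule and with_rst_suppressed are hypothetical helper names.

# rst_rule ACTION DEST: run iptables with the answer's OUTPUT rule spec.
# ACTION is -C (check), -I (insert at position 1) or -D (delete).
rst_rule() {
    case $1 in
        -I) iptables -I OUTPUT 1 -d "$2" -p tcp --tcp-flags RST RST -j DROP ;;
        *)  iptables "$1" OUTPUT -d "$2" -p tcp --tcp-flags RST RST -j DROP ;;
    esac
}

# with_rst_suppressed DEST COMMAND [ARGS...]
# Adds the rule unless an identical one already exists, runs COMMAND,
# then removes the rule only if this call added it.
with_rst_suppressed() {
    dest=$1; shift
    added=0
    if ! rst_rule -C "$dest" 2>/dev/null; then
        rst_rule -I "$dest" || return 1
        added=1
    fi
    # A no-op trap keeps the shell alive on Ctrl-C so cleanup still runs.
    trap : INT TERM
    status=0
    "$@" || status=$?
    trap - INT TERM
    if [ "$added" -eq 1 ]; then
        rst_rule -D "$dest" || return 1
    fi
    return "$status"
}

# Usage (192.0.2.10 is a constructed documentation address):
#   with_rst_suppressed 192.0.2.10 hping3 -S -p 22 192.0.2.10
```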
Source: https://stackoverflow.com/questions/33741002/hping-send-syn-how-not-to-send-rst-after-receiving-syn-ack