[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: [tor-talk] tor/netfilter: packets without uid
On Thu, May 10, 2012 at 8:52 PM, Marsh Ray <marsh@xxxxxxxxxxxxxxxxxx> wrote:
> ...
>> How is it possible for a packet not to have an associated uid?
>...
> I'm not a netfilter expert, but it looks this is a pure TCP ACK packet. With
> LEN=40 there's no application data in it. It may have been auto-generated by
> the kernel as a reply to the external packet and never tagged with a user
> for that reason.
if the application closes a socket there are time wait states that
retain the socket ip:port endpoint in kernel land without an
associated application user ID.
try disabling time wait to confirm. if it is indeed sockets locally
closed but still receiving (and ACK'ing) you may get a little extra
bandwidth dropping them (remote re-sends until timeout) but it
shouldn't affect functionality.
_______________________________________________
tor-talk mailing list
tor-talk@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk