
Re: [tor-talk] tor/netfilter: packets without uid



On Thu, May 10, 2012 at 8:52 PM, Marsh Ray <marsh@xxxxxxxxxxxxxxxxxx> wrote:
> ...
>> How is it possible for a packet not to have an associated uid?
>...
> I'm not a netfilter expert, but it looks like this is a pure TCP ACK packet. With
> LEN=40 there's no application data in it. It may have been auto-generated by
> the kernel as a reply to the external packet and never tagged with a user
> for that reason.

if the application closes a socket there are time wait states that
retain the socket ip:port endpoint in kernel land without an
associated application user ID.

try disabling time wait to confirm. if it is indeed sockets locally
closed but still receiving (and ACK'ing) you may get a little extra
bandwidth dropping them (remote re-sends until timeout) but it
shouldn't affect functionality.
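To check whether the uid-less packets a firewall logs are only the payload-free control packets discussed in this thread, the log lines can be sorted mechanically. The following is an added example, not part of the original messages: it assumes the packets were logged by the netfilter LOG target with `--log-uid`, and the sample lines, addresses and category names are constructed for illustration.

```python
# Added example: triage netfilter LOG lines by socket owner.
# Assumes LOG output produced with --log-uid; sample lines are constructed.

TCP_FLAGS = {"CWR", "ECE", "URG", "ACK", "PSH", "RST", "SYN", "FIN"}
CONTROL_ONLY = {"ACK", "FIN", "RST"}  # flags seen on teardown/ACK-only packets

SAMPLE_LOG = """\
kernel: IN= OUT=eth0 SRC=192.0.2.10 DST=198.51.100.7 LEN=40 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=TCP SPT=44321 DPT=443 WINDOW=0 RES=0x00 ACK URGP=0
kernel: IN= OUT=eth0 SRC=192.0.2.10 DST=198.51.100.7 LEN=40 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=TCP SPT=44322 DPT=443 WINDOW=0 RES=0x00 ACK FIN URGP=0
kernel: IN= OUT=eth0 SRC=192.0.2.10 DST=203.0.113.5 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=5121 DF PROTO=TCP SPT=50000 DPT=80 WINDOW=29200 RES=0x00 SYN URGP=0 UID=1000 GID=1000
kernel: IN= OUT=eth0 SRC=192.0.2.10 DST=203.0.113.9 LEN=92 TOS=0x00 PREC=0x00 TTL=64 ID=731 DF PROTO=TCP SPT=50002 DPT=80 WINDOW=229 RES=0x00 ACK PSH URGP=0
"""

def parse(line):
    """Split a LOG line into KEY=VALUE fields and the set of TCP flags."""
    fields, flags = {}, set()
    for tok in line.split():
        key, sep, val = tok.partition("=")
        if sep:
            fields[key] = val
        elif tok in TCP_FLAGS:
            flags.add(tok)
    return fields, flags

def classify(line):
    """Return 'owned', 'kernel-control' or 'review' for one LOG line."""
    fields, flags = parse(line)
    if "UID" in fields:
        return "owned"  # socket still attached to a user
    # LEN=40 is 20 bytes IP + 20 bytes TCP: no options, no application data.
    # ACKs carrying TCP options are longer and deliberately fall to 'review'.
    if (fields.get("PROTO") == "TCP" and fields.get("LEN") == "40"
            and flags and flags <= CONTROL_ONLY):
        return "kernel-control"
    return "review"  # no uid and possibly carrying data: inspect by hand

def summarize(log):
    """Classify every packet line in a block of log text."""
    return [classify(l) for l in log.splitlines() if "PROTO=" in l]

if __name__ == "__main__":
    for verdict, line in zip(summarize(SAMPLE_LOG), SAMPLE_LOG.splitlines()):
        print(f"{verdict:15} {line[:70]}")
```

Lines that land in `review` are the ones worth examining, since a uid-less packet with room for application data is not explained by the ACK-only case described above.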