[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [lwip-users] TCP SYN to UDP port
From: |
Esa Hill |
Subject: |
Re: [lwip-users] TCP SYN to UDP port |
Date: |
Mon, 18 Apr 2016 10:32:42 +0000 |
Thank you for this information. We will implement an option for this if the
certification lab elevates this issue.
I already studied it a bit, but I wasn't sure where I could get information
that we are handling a UDP socket there. Or could I assume that it's not a TCP
socket and therefore skip the RST?
I forgot to say that we have a list of open ports and we will drop all IPv4
packets in Ethernet driver layer if we don't have the destination port open.
That is why there are no RST responses to the other ports. This is been done
just to save resources.
Br,
Esa Hill
-----Original Message-----
From: lwip-users [mailto:address@hidden On Behalf Of Simon Goldschmidt
Sent: 18. huhtikuuta 2016 10:45
To: address@hidden
Subject: Re: [lwip-users] TCP SYN to UDP port
Esa Hill wrote:
> When nmap scan is executed against our device (LwIP 1.4.1), it
> responds with RST for SYN even when the socket/port is listening only UDP
> “connections”.
>
> Is this correct behavior (does some RFC say something about this?) or
> should it just drop silently the SYN packet as it does for unused ports?
> This came up in one certification process (they see it as a problem).
Yes, this is correct behaviour. Any correct packet that does not match a pcb
should be answered with RST (unless it is a RST itself).
Not sending a RST in response is often done by devices to "hide" their
presence, but I'm not sure this is really safer to do...
Also I can't tell you right now if there is an lwIP setting to do so, but I
think not.
> Nmap results:
> 49998/tcp filtered unknown
> 49999/tcp filtered unknown
> 50000/tcp closed ibm-db2
> 50001/tcp filtered unknown
> 50002/tcp filtered iiimsf
That's strange. You should see a RST on all ports. Unless you have a resource
problem.
As Sergio already said there is absolutely no interconnection between UDP and
TCP.
Simon
_______________________________________________
lwip-users mailing list
address@hidden
https://lists.nongnu.org/mailman/listinfo/lwip-users
Re: [lwip-users] TCP SYN to UDP port, Sergio R. Caprile, 2016/04/18