owner module

Antony Stone netfilter@lists.netfilter.org
Tue, 10 Aug 2004 19:41:33 +0100


On Tuesday 10 August 2004 6:38 pm, Daniel Boy wrote:

> Hello,
>
> The Ethereal log shows that it is possible for the CLIENT
> to send the FIN,ACK. The SERVER responds with a
> FIN,ACK and then waits for the final ACK from the
> CLIENT. But the "--cmd-owner" statement has gone
> false before the last ACK could be sent.
>
> If I take out the "--cmd-owner" the last ACK is sent.

That seems like a good solution to me. Use the owner match for the NEW 
packets, and then just accept all ESTABLISHED packets (independent of owner) 
after that.

No process other than the one you want will be able to send the first packet, 
so there will be no established connections except from the correct 
processes.

Regards,

Antony.

-- 
"Linux is going to be part of the future. It's going to be like Unix was."

 - Peter Moore, Asia-Pacific general manager, Microsoft

                                                     Please reply to the list;
                                                           please don't CC me.
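As an added illustration of the rule layout Antony describes (this is example code, not part of the thread and not from the netfilter project): the owner match is applied only to packets that open a NEW connection, and everything ESTABLISHED or RELATED is accepted without an owner check, so the kernel-generated final ACK of the teardown is not dropped after the process has exited. It assumes a Linux host with iptables and the conntrack match, and that the permitted program runs as the user in `ALLOWED_USER` (a constructed placeholder). The thread used `--cmd-owner`, which later kernels removed; `--uid-owner` is the portable form. The rules are emitted as text by default so they can be reviewed before being applied with `APPLY_RULES=1`.

```shell
#!/bin/sh
# Added example: owner match on NEW connections only, then stateful accept.
# Assumptions: iptables with the conntrack and owner matches; the owner match
# is only valid in the OUTPUT (and nat POSTROUTING) chains.

ALLOWED_USER="${ALLOWED_USER:-appuser}"   # constructed placeholder user
DPORT="${DPORT:-443}"                     # constructed placeholder port

# emit_rules prints the rules instead of applying them, so the policy can be
# reviewed (or checked by a script) before it touches a live firewall.
emit_rules() {
    cat <<EOF
iptables -A OUTPUT -p tcp --dport $DPORT -m conntrack --ctstate NEW -m owner --uid-owner $ALLOWED_USER -j ACCEPT
iptables -A OUTPUT -p tcp --dport $DPORT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
iptables -A OUTPUT -p tcp --dport $DPORT -j DROP
EOF
}

# rule_count returns how many rules the policy consists of.
rule_count() {
    emit_rules | grep -c iptables
}

# established_rule_has_owner_match exits 0 only if the ESTABLISHED rule
# (wrongly) carries an owner match, i.e. the teardown ACK would be dropped.
established_rule_has_owner_match() {
    emit_rules | grep ESTABLISHED | grep -q -- '-m owner'
}

# apply_rules runs each emitted line; requires root and a live netfilter.
apply_rules() {
    emit_rules | while IFS= read -r rule; do
        $rule
    done
}

# Only apply when explicitly asked; by default just show the rules.
if [ "${APPLY_RULES:-0}" = "1" ]; then
    apply_rules
else
    emit_rules
fi
```

Ordering matters: the NEW rule must precede the ESTABLISHED rule only for readability; what actually matters is that the ESTABLISHED rule has no owner qualifier and that the final DROP comes last. If you need the same effect for several programs, add one NEW rule per `--uid-owner` and keep the single owner-free ESTABLISHED rule.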