TCP packets with RST flag set but **not** ACK flag OK??

Chris Brenton cbrenton at chrisbrenton.org
Mon Apr 11 21:49:21 CEST 2005


On Mon, 2005-04-11 at 15:18, Christian Seberino wrote:
>
> I think RFC 793 requires TCP stacks to send RSTs if they
> get packets not meant for them in some cases.  Anyone know which
> cases?

Pretty much all. The exceptions I can think of off the top of my head:
In response to a RST
In response to a FIN to an open port (MS returns a RST/ACK)

> For example, I think closed ports must send RSTs if they
> get stuff.

Agreed.

> Even if YES, it seems a firewall could drop any RSTs that
> don't have ACK set without damage right?

The only condition I can think of off the top of my head that will
return a RST instead of a RST/ACK is in response to an unsolicited ACK
sent to either an open or closed port. So they do happen in the wild.

HTH,
Chris








More information about the netfilter mailing list