Hi,

more or less often I see SYN packets which neither ACK nor RST my SYN+ACKs, which are then retried. My idea was to use something like this in the output hook:

    tcp flags syn,ack / syn,ack ct reply packets gt 1 counter

But the counter stays at zero. I tested it with hping and a spoofed IP, and tcpdump shows the expected count of retries. When I check the conntrack output I see packets=1 in both directions, thus I guess that ACK+SYN retries are not counted separately.

Am I right? Please, do I have to touch some more settings, or just use another approach? In iptables I use some connmark magic for that, which I want to avoid...

regards

--
Slavko
https://www.slavino.sk/