mirror of
https://github.com/evilsocket/opensnitch.git
synced 2025-03-04 16:44:46 +01:00
e090833d29
Using "ct state NEW" to intercept packets causes some undesired effects: We intercept packets that not only have the SYN flag set, like ACK, ACK+PSH or SYN+ACK. Mainly response packets. This means that the IPs are not always in the expected order: 443:1.1.1.1 -> 192.168.1.123:12345 which causes sometimes not to obtain the process of the connection, because the connection in the system appears as 12345:192.168.1.123 -> 1.1.1.1:443 Intercepting packets with *only* the SYN flag set seems to resolve this problem. |
||
|---|---|---|
| .. | ||
| exprs | ||
| nftest | ||
| testdata | ||
| chains.go | ||
| chains_test.go | ||
| monitor.go | ||
| monitor_test.go | ||
| nftables.go | ||
| parser.go | ||
| rule_helpers.go | ||
| rules.go | ||
| rules_test.go | ||
| system.go | ||
| system_test.go | ||
| tables.go | ||
| tables_test.go | ||
| utils.go | ||
| utils_test.go | ||