1
I want to stop sending RST to specific IP(192.168.56.101) on Mac OS X.
I enter this command. But it still send RST.
sudo ipfw add drop tcp from 192.168.56.1 to 192.168.56.101 in tcpflags rst
What do I change this command?
uyreee
Posted 2014-08-18T07:51:29.423
Reputation: 11
1
Thx for your clues.Finally,I got there.
first.add this line to /etc/pf.conf
block drop proto tcp from 172.31.82.98 to 103.214.68.23 flags R/R
then load the pf rules with
sudo pfctl -f /etc/pf.conf
then enable the pf rules with
sudo pfctl -e
Tony Lee
Posted 2014-08-18T07:51:29.423
Reputation: 11
Unfortunately you don't give any background info, but it seems you are trying to solve the wrong problem. If the system sends a RST packet, the socket which was used will be closed, thus allow no further communication. IMHO it would be better to check the application for errors and see why it sends an RST segment. – mtak – 2014-08-18T09:23:26.983
1I want not to send rst packet when system receive syn ack packet. – uyreee – 2014-08-18T09:36:47.717
So why not prevent the SYN/ACK packet from coming into the system at all? This is basic configuration on all firewalls. – mtak – 2014-08-18T11:31:49.773
I try manual 3way handshake with scapy. System send rst packet before ack packet is sent. – uyreee – 2014-08-18T15:17:57.930