windows automatic response to TCP packets - TCP-IP

This is a discussion on windows automatic response to TCP packets - TCP-IP ; hi everyone, I am implemeting a application using Winsock which receive data from interface (192.168.0.178 in following ethereal summary) using IP raw sockets. And it sends out the packet using Winpcap (as windows xp does not allow transmit on raw ...

+ Reply to Thread
Results 1 to 2 of 2

Thread: windows automatic response to TCP packets

  1. windows automatic response to TCP packets

    hi everyone,

    I am implemeting a application using Winsock which receive data from
    interface (192.168.0.178 in following ethereal summary) using IP raw
    sockets. And it sends out the packet using Winpcap (as windows xp does
    not allow transmit on raw sockets).

    My application is forwarding the TCP packets from 2nd interface of PC
    to this interface. I am having a problem in this process as shown in
    following ethereal summary. It sends out packet 2 (TCP SYN) and gets
    the response packet 3 (TCP SYN-ACK). Before application can send next
    required packet 5 (TCP ACK), windows responds on its own with packet 4
    (TCP RST) which destroy the connection and application does not work
    anymore.

    2 24.103098 192.168.0.178 192.168.0.199 TCP 2500 >
    http [SYN] Seq=0 Len=0 MSS=1460
    3 24.103324 192.168.0.199 192.168.0.178 TCP http >
    2500 [SYN, ACK] Seq=0 Ack=1 Win=65535 Len=0 MSS=1260
    4 24.103346 192.168.0.178 192.168.0.199 TCP 2500 >
    http [RST] Seq=1 Len=0
    5 24.111957 192.168.0.178 192.168.0.199 TCP 2500 >
    http [ACK] Seq=1 Ack=1 Win=65535 Len=0

    Is there a way that windows is prevented from automatically responding
    to this TCP SYN,ACK packet. Or I can reserve this port number 2500 so
    that windows ignores packets on this port.

    I will appreciate any help in this regards.

    Thanks,
    Amir

  2. Re: windows automatic response to TCP packets

    In article <50e84038-8082-45f2-8a5c-a566370a2c69@l32g2000hse.googlegroups.com>, amin.amir@gmail.com writes:
    | hi everyone,
    |
    | I am implemeting a application using Winsock which receive data from
    | interface (192.168.0.178 in following ethereal summary) using IP raw
    | sockets. And it sends out the packet using Winpcap (as windows xp does
    | not allow transmit on raw sockets).
    |
    | My application is forwarding the TCP packets from 2nd interface of PC
    | to this interface. I am having a problem in this process as shown in
    | following ethereal summary. It sends out packet 2 (TCP SYN) and gets
    | the response packet 3 (TCP SYN-ACK). Before application can send next
    | required packet 5 (TCP ACK), windows responds on its own with packet 4
    | (TCP RST) which destroy the connection and application does not work
    | anymore.

    So essentially your application looks like a tcp/ip stack?

    If you were to use my ndis3pkt adapter instead of Winpcap the built-in
    tcp multiplexor would *probably* do what you want. The multiplexor
    tracks tcp/ip connections and makes sure that one stack doesn't see
    packets that are part of another stack's conversation. Ndis3pkt is not
    free, but you can get a demo version at www.danlan.com.

    Of possible note: Ndis3pkt's multiplexor does not support Vista's tcp/ip
    stack, so on Vista ndis3pkt should behave much like Winpcap. Nevertheless,
    users of ndis3pkt on Vista were able to run tcp/ip stacks without interference
    from Vista's. It appears that Vista's default firewall/whatever configuration
    blocks the appropriate packets, though this may be a completely unintended
    side effect. This suggests that you might be able to use Vista and Winpcap
    to do what you want as well.

    Dan Lanciani
    ddl@danlan.*com

+ Reply to Thread