server sending TCP RST / reset by peer #160

Open
seek2222 opened this issue Jul 7, 2024 · 4 comments

seek2222 commented Jul 7, 2024

Hi all,

I have a problem that the server is sending TCP RST toward the client. I have gone through the logs and I couldn't find the root cause of sending the RST.

tshark/tcpdump from server:
36 31.420796365 SERVER_IP → CLIENT_IP TCP 54 443 → 53520 [RST, ACK] Seq=1 Ack=1 Win=65535 Len=0
37 31.663715425 CLIENT_IP → SERVER_IP TCP 78 53530 → 443 [SYN] Seq=0 Win=42340 Len=0 MSS=1460 SACK_PERM TSval=717831679 TSecr=0 WS=2048 TFO=R

server:
RUST_LOG=info /root/phantun/target/release/server --local 443 --remote 127.0.0.1:51822 &> /var/log/phantun_server.log &

~# tail -f /var/log/phantun_server.log
INFO server > Remote address is: 127.0.0.1:51822
INFO server > 1 cores available
INFO server > Created TUN device tun0
INFO server > Listening on 443

client:
RUST_LOG=info /root/phantun/target/release/client --local 127.0.0.1:1234 --remote SERVER_IP:443 &> /var/log/phantun_client.log &

INFO client > New UDP client from 127.0.0.1:46180
INFO fake_tcp > Sent SYN to server
INFO fake_tcp > Connection to SERVER_IP:443 established
INFO fake_tcp > Connection (Fake TCP connection from 192.168.200.2:27979 to SERVER_IP:443) reset by peer
INFO fake_tcp > Fake TCP connection to (Fake TCP connection from 192.168.200.2:27979 to SERVER_IP:443) closed

server iptables:
iptables -t filter -nvL
Chain INPUT (policy ACCEPT 530K packets, 197M bytes)
pkts bytes target prot opt in out source destination
Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
562 22480 ACCEPT 0 -- tun0 * 0.0.0.0/0 0.0.0.0/0
562 35940 ACCEPT 0 -- * tun0 0.0.0.0/0 0.0.0.0/0

Chain OUTPUT (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination

iptables -t nat -nvL
Chain PREROUTING (policy ACCEPT 365K packets, 28M bytes)
pkts bytes target prot opt in out source destination
1083 68296 DNAT 6 -- eth0 * 0.0.0.0/0 0.0.0.0/0 tcp dpt:443 to:192.168.201.2

Any input is much appreciated.
P.S. The 443 TCP/UDP port is free from the netstat side as well. I already know that phantun does not register the listening port with the kernel.


smith752 commented Jul 28, 2024

Check whether kernel forwarding is turned on; on both the server side and the client side, the value of net.ipv4.ip_forward should equal 1.
# sysctl -a | grep "net.ipv4.ip_forward"
net.ipv4.ip_forward = 1

You can execute this command to turn on kernel forwarding:
echo "net.ipv4.ip_forward = 1">>/etc/sysctl.conf;sysctl -p

@seek2222
Author

@smith752 First off, thanks for replying.
Secondly, IPv4 forwarding is enabled on both the phantun client and server.

@seek2222
Author

My server is running Ubuntu 22.04, and on another instance it is running on 24.04 with the latest kernel installed.


iopq commented Dec 8, 2024

Annoyingly, you may need to also disable the rp_filter.

sudo sysctl -a | grep rp_filter
sudo sysctl -w net.ipv4.conf.all.rp_filter=0

Check if it's on and turn it off.
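
Added example (not part of any comment above and not phantun project code): a shell check for the two settings the replies name, reading sysctl -a style output. It goes one step beyond the thread: the kernel applies the higher of conf.all.rp_filter and the per-interface value, so setting only "all" to 0 leaves filtering on where the interface value is non-zero. The interface name tun0 is taken from the server log above; the function names and the sample input are constructed for illustration.

```shell
#!/bin/sh
# Reads `sysctl -a` style "key = value" lines on stdin.

# sysctl_value KEY: print the value of exactly KEY (not keys that merely
# start with it, which a plain grep would also match), or nothing if absent.
sysctl_value() {
    awk -F'=' -v key="$1" '
        { k = $1; v = $2; gsub(/[ \t]/, "", k); gsub(/[ \t]/, "", v) }
        k == key { print v; exit }'
}

# effective_rp_filter IFACE: the kernel uses max(conf.all, conf.IFACE)
# (0 = off, 1 = strict, 2 = loose), so all=0 alone may not disable it.
effective_rp_filter() {
    dump=$(cat)
    all=$(printf '%s\n' "$dump" | sysctl_value net.ipv4.conf.all.rp_filter)
    own=$(printf '%s\n' "$dump" | sysctl_value "net.ipv4.conf.$1.rp_filter")
    [ -n "$all" ] && [ -n "$own" ] || { echo unknown; return 0; }
    if [ "$all" -gt "$own" ]; then echo "$all"; else echo "$own"; fi
}

# check_tunnel_sysctls IFACE: one line per setting; returns 1 if forwarding
# is off or reverse-path filtering is still in effect on IFACE.
check_tunnel_sysctls() {
    dump=$(cat); rc=0
    fwd=$(printf '%s\n' "$dump" | sysctl_value net.ipv4.ip_forward)
    rpf=$(printf '%s\n' "$dump" | effective_rp_filter "$1")
    echo "ip_forward=${fwd:-unknown}"
    echo "rp_filter($1)=$rpf"
    [ "$fwd" = 1 ] || rc=1
    [ "$rpf" = 0 ] || rc=1
    return $rc
}

# Constructed sample (not from the issue): all=0 but tun0 is still strict.
SAMPLE='net.ipv4.ip_forward_use_pmtu = 0
net.ipv4.ip_forward = 1
net.ipv4.conf.all.rp_filter = 0
net.ipv4.conf.default.rp_filter = 1
net.ipv4.conf.tun0.rp_filter = 1'

# On a live host: sysctl -a 2>/dev/null | check_tunnel_sysctls tun0
printf '%s\n' "$SAMPLE" | check_tunnel_sysctls tun0 || echo "settings need attention"
```
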
