How to stop sending RST to specific IP

Question

I want to stop sending RST to specific IP(192.168.56.101) on Mac OS X.

I enter this command. But it still send RST.

sudo ipfw add drop tcp from 192.168.56.1 to 192.168.56.101 in tcpflags rst

What do I change this command?

Unfortunately you don't give any background info, but it seems you are trying to solve the wrong problem. If the system sends a RST packet, the socket which was used will be closed, thus allow no further communication. IMHO it would be better to check the application for errors and see *why* it sends an RST segment. — mtak, Aug 18 '14 at 09:23
I want not to send rst packet when system receive syn ack packet. — uyreee, Aug 18 '14 at 09:36
So why not prevent the SYN/ACK packet from coming into the system at all? This is basic configuration on all firewalls. — mtak, Aug 18 '14 at 11:31
I try manual 3way handshake with scapy. System send rst packet before ack packet is sent. — uyreee, Aug 18 '14 at 15:17

Tony Lee · Answer 1 · 2016-08-23T03:03:56.063

2

Thx for your clues.Finally,I got there.

first.add this line to /etc/pf.conf

block drop proto tcp from 172.31.82.98 to 103.214.68.23 flags R/R

then load the pf rules with

sudo pfctl -f /etc/pf.conf

then enable the pf rules with

sudo pfctl -e

edited Aug 23 '16 at 03:03

answered Aug 23 '16 at 02:31

Tony Lee

1 Answers1