Yancey Wang
Yancey Wang
If you really don't want to install the `iptables` command , you have the option of using `-g` to generate the iptables. You translate them into nftables manually and add...
> create an instruction on how to configure nftables okay, I will add instructions in wiki or help page, and add the equivalent nftables commands into `-g`'s output.
> So, the only purpose for firewall rules is to protect Linux stack from processing TCP segments? Yes > At the server, I see multiple received syn,sent syn ack back...
@Anillc thanks for the feedback. Maybe the behavior of `nftables`'s drop is not really same as `iptables`. I will investigate a bit and see if there is a `nftables` way...
Well this might be udp2raw bug. But this is (maybe more likely) caused by your ISP is pusnishing long-term connections. > Are there any known methods to improve this situation?...
the advantage of `--fifo` vs "restart udp2raw" is: With fifo reconnect, your upper level udp connections will stay valid after reconnect, you traffic will only be interrupted by a few...
You can try different `--seq-mode` and see, it might help or might not help. Cannot provide any guarantee. If the packet loss is indeed caused by your ISP's qos strategy...
> I suggest to provide a method to stablish a new FakeTCP connection. This will overcome the use case when the ISP could be punishing long-term connections. For example, you...
> Or you simple close and reopen? The idea is to not block the traffic in any sense. It's indeed simply close and reopen. But the reconnect is usually very...
I already explained the idea of `periodically reconnect` + `start a new connection in parallel and retire the old connection when new is ready` doesn't work well, unless a smart...