Censorship-injection detection means detecting injected FIN and RST packets. However this feature addition would also imply detecting failed attempts at censorship-injection. Actually there are three TCP Sequence ordering cases we are interested in:
contiguous: the next expected sequence number,
overlap: old sequence numbers that overlap with previously reassembled stream segments
out of order: future sequence numbers
For each of these ordering cases we can receive a FIN or RST packet. After the state machine has been marked as being in the TCP_CLOSED state we must continue to watch for events that trigger our overlap detection. Detecting an overlap in Sequence number at this point would imply that the previous FIN or RST was injected... or that the current data is a failed injection. Does everybody understand what I mean!? ;-p
david415
commented
9 years ago
Censorship-injection detection means detecting injected FIN and RST packets. However this feature addition would also imply detecting failed attempts at censorship-injection. Actually there are three TCP Sequence ordering cases we are interested in:
For each of these ordering cases we can receive a FIN or RST packet. After the state machine has been marked as being in the TCP_CLOSED state we must continue to watch for events that trigger our overlap detection. Detecting an overlap in Sequence number at this point would imply that the previous FIN or RST was injected... or that the current data is a failed injection. Does everybody understand what I mean!? ;-p