Hello,
I am developing a VPN client that sets up a utun network interface, then attaches to it for reading / writing packets. The first thing I am trying to achieve is reading SYN TCP packets issued from local applications, then crafting / sending RST packets in response.
I was able to set up the utun interface with the IP address configuration and the associated route:
ifconfig utun3
utun3: flags=8151<UP,POINTOPOINT,RUNNING,PROMISC,MULTICAST> mtu 1500
inet 44.10.0.1 --> 44.10.0.1 netmask 0xff000000
netstat -rn
Destination Gateway Flags Netif Expire
44.10/16 44.10.0.1 UGSc utun3
44.10.0.1 44.10.0.1 UH utun3
My program is currently able to read packets from the utun3 interface. It seems it is also able to write out packets to the interface: Wireshark displays the packets generated. However, the kernel seems to ignore them. If I try a simple curl command:
curl 44.10.0.240
- The program correctly reads the SYN packet from the utun interface
- Wireshark displays the SYN packet
- My program generates and correctly writes a RST packet to the utun interface
- Wireshark displays the RST packet. No format error
- The curl program sends SYN packets again because it was not alerted of the connection reset.
Note that if I try to listen on the interface with netcat, I am not able to accept connections:
nc -l 44.10.0.1 8080
-> This works, and netcat is listening for connections
curl 44.10.0.1:8080
-> This fails. Netcat never receives the request. Wireshark only displays SYN packets. No SYN/ACK are sent.
This behavior does not appear on the loopback interface lo0. Is there something I am missing, like a firewall or a network setting I should know about?
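
Added example, not part of the original post: a Python reference for the reply described above. It turns a SYN read from a utun device into the RST/ACK that RFC 9293 specifies (SEQ=0, ACK=SYN sequence+1) and verifies both checksums, so the bytes a client writes can be compared against it. It assumes the 4-byte protocol-family prefix carried by macOS utun frames and an IPv4 reply without TCP options; the sample SYN and all function names are constructed for illustration.

```python
import socket
import struct

# macOS utun frames start with a 4-byte protocol family in network byte order.
AF_INET_HDR = struct.pack("!I", socket.AF_INET)

def checksum(data: bytes) -> int:
    """RFC 1071 Internet checksum; returns 0 when run over data with a valid checksum."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def build_rst_for_syn(frame: bytes) -> bytes:
    """Given a utun frame holding an IPv4 TCP SYN, return the utun frame of the RST/ACK reply."""
    ip = frame[4:]
    ihl = (ip[0] & 0x0F) * 4
    if ip[0] >> 4 != 4 or ip[9] != socket.IPPROTO_TCP:
        raise ValueError("not an IPv4 TCP packet")
    src, dst = ip[12:16], ip[16:20]
    sport, dport, seq, _, off_flags = struct.unpack("!HHIIH", ip[ihl:ihl + 14])
    if off_flags & 0x3F != 0x02:
        raise ValueError("not a bare SYN")
    # Reply to a SYN: swap addresses and ports, SEQ=0, ACK=seq+1, flags RST|ACK (0x14).
    ack = (seq + 1) & 0xFFFFFFFF
    tcp = struct.pack("!HHIIHHHH", dport, sport, 0, ack, (5 << 12) | 0x14, 0, 0, 0)
    pseudo = dst + src + struct.pack("!BBH", 0, socket.IPPROTO_TCP, len(tcp))
    tcp = tcp[:16] + struct.pack("!H", checksum(pseudo + tcp)) + tcp[18:]
    iph = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(tcp), 0, 0, 64, socket.IPPROTO_TCP, 0, dst, src)
    iph = iph[:10] + struct.pack("!H", checksum(iph)) + iph[12:]
    return AF_INET_HDR + iph + tcp

def checksums_ok(frame: bytes) -> bool:
    """True when the IPv4 header and TCP checksums of a utun frame both verify."""
    ip = frame[4:]
    ihl = (ip[0] & 0x0F) * 4
    pseudo = ip[12:20] + struct.pack("!BBH", 0, ip[9], len(ip) - ihl)
    return checksum(ip[:ihl]) == 0 and checksum(pseudo + ip[ihl:]) == 0

def sample_syn() -> bytes:
    """Constructed test input: SYN 44.10.0.1:51000 -> 44.10.0.240:80 (checksums left at zero)."""
    src, dst = socket.inet_aton("44.10.0.1"), socket.inet_aton("44.10.0.240")
    tcp = struct.pack("!HHIIHHHH", 51000, 80, 0x01020304, 0, (5 << 12) | 0x02, 65535, 0, 0)
    iph = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 40, 0, 0, 64, socket.IPPROTO_TCP, 0, src, dst)
    return AF_INET_HDR + iph + tcp
```

Running `checksums_ok()` on the exact bytes a client writes to the utun descriptor, and diffing them against `build_rst_for_syn()` for the same SYN, shows whether the prefix, the acknowledgment number or a checksum differs.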