Mirror/zapret
1
0
Fork 0
mirror of https://github.com/bol-van/zapret.git synced 2025-12-19 22:18:13 +03:00
Code Issues Packages Projects Releases Wiki Activity

readme: UDP stream notes

Browse Source
This commit is contained in:
bol-van
2022-01-29 17:41:42 +03:00
parent f05195f202
commit b10e5fb0c1
2 changed files with 10 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
docs/readme.eng.md
View File

@@ -323,6 +323,9 @@ It can be fed with unidirectional or bidirectional packets.
A SYN or SYN,ACK packet creates an entry in the conntrack table.
First seen UDP packet creates UDP stream. It defines the stream direction. Then all packets with the same
src_ip,src_port,dst_ip,dst_port are considered to belong to the same UDP stream. UDP stream exists till timeout.
That's why iptables redirection must start with the first packet although can be cut later using connbytes filter.
A connection is deleted from the table as soon as it's no more required to satisfy nfqws needs or when a timeout happens.