aMule Forum
English => en_Bugs => Topic started by: quimm2003 on July 06, 2008, 03:53:38 PM
-
Dear aMule friends,
First of all, congratulations, and thank you for this new aMule relesase! It works fine for me.
I don't know if this is a bug, but 10 minutes after closing aMule, I still have connections from a few IP addresses, and there's an ACK response outgoing through the aMule TCP and UDP port (whireshark shows it). So I close this ports everytime I close aMule, and after a while the number of incoming connections decreases. Is this normal?
I run aMule 2.2.1 (gui, whithout amuleweb and without amuled, all messages filtered, and nobody can browse my shared files; connected to Saugstube server, high id and kad ok) on Ubuntu 7.04 with kernel 2.6.20-17-generic. I post some of captured packets (my IP: 192.168.11.2, aMule TCP port: 62555):
No. Time Source Destination Protocol Info
5 0.454580 88.24.153.233 192.168.11.2 TCP 2365 > 62555 [SYN] Seq=0 Len=0 MSS=1452
6 0.454700 192.168.11.2 88.24.153.233 TCP 62555 > 2365 [RST, ACK] Seq=0 Ack=1 Win=0 Len=0
7 1.089035 88.24.153.233 192.168.11.2 TCP 2365 > 62555 [SYN] Seq=0 Len=0 MSS=1452
8 1.089128 192.168.11.2 88.24.153.233 TCP 62555 > 2365 [RST, ACK] Seq=0 Ack=1 Win=0 Len=0
9 1.694918 88.24.153.233 192.168.11.2 TCP 2365 > 62555 [SYN] Seq=0 Len=0 MSS=1452
10 1.695010 192.168.11.2 88.24.153.233 TCP 62555 > 2365 [RST, ACK] Seq=0 Ack=1 Win=0 Len=0
Thanks
-
The other clients keep on opening connections to you for a while, that's perfectly normal.
-
The other clients keep on opening connections to you for a while, that's perfectly normal.
Except if aMule has been shut down before. The who is accepting the connection?
-
I'm no wireshark expert I admit. But isn't "ACK" just the acknowledge from the network card successfully receiving a packet sent to it's MAC adress ? Then it's progressed in the OS's IP stack (and dropped since there is no more process listening for it). Note the "len=0" - looks like failed attempts to open a connection to me.
-
Yes, I've also seen this "len = 0", and I understand it's normal the clients keep on opening connections to me, but I was surprised that it happens ten minutes after closing aMule. You know, in Europe there's a prosecution on P2P users... Using "whois" I've seen that IP addresses opening connections came from main ISPs: telefonica, jazztel, euskaltel... Not surprising. But I wrote them a mail to know if they are spying or just forwarding requests.
I'm not paranoid, but I'm developing a daemon to automatically open and close aMule ports, watching the existence of "amuleLock" file.
Thank you very much.
Quim.
-
Clients try to connect to you every 19(?) minutes. So this behaviour is quite normal. But after 20 minutes most of the attems should be gone.
(I know that some clients even try to connect to you even after this 20 minutes, if they are low on sources and assume that you may be online again.)
-
Using "whois" I've seen that IP addresses opening connections came from main ISPs: telefonica, jazztel, euskaltel...
LOL. If you got a whois "something.pool.einsundeins.de" that was no "ISP" but just a dialup user - maybe me. ;D