2

I'm currently building a transparent proxy in Java. This transparent proxy is placed between a client and a server, using iptables to redirect the TCP flow.

From the point of view of the TCP communication, I have the following dialog :

Client                 Server
  | ---- TCP Packet 1 ---> |
  | ---- TCP Packet 2 ---> |
  | <--- TCP Packet 3 ---- |
  | <--- TCP Packet 4 ---- |

From the point of view of the transparent proxy (using sockets), I get :

Client                                    Server
  | ---- TCP Payloads from packet 1 + 2 ---> |
  | <--- TCP Payloads from packet 3 + 4 ---- |

My problem is that the sockets are putting together multiple TCP payloads together. I would like to avoid this behavior.

I could circumvent the problem using the size of the packets, but this size is not constant. I tried using the tcpNoDelay option, but also no luck with that. I used the networking framework netty, but I get the same problem.

Is there a way to avoid this concatenation of TCP payloads in Java ?

Improve this question

1 Answer 1

Reset to default
4

No. TCP is a stream-oriented protocol - this is how it should work. If you want to see the fragmented packets introduced by the various hops in between you and the peer, you'll need a packet capture library.

You could just as well receive the packets 1 byte at a time, the concept of "chunks" of data is gone as soon as the client delivers its payload to the IP stack. Using TCP_NODELAY simply ensures that the sender will transmit data immediately - not that all hops up to and including the recipient will avoid combining packets.

Improve this answer
Sign up to request clarification or add additional context in comments.

2 Comments

Thank you for your answer. For your answer on the fact that packets are framented, I should have added the fact that everything is done on localhost. Also, I verified using Wireshark that there is no fragmentation. The fact that I have multiple packets comes from the protocol between the server and the client. Also, I've done a similar proxy using Python, and I don't have the problem.
@Jeff E: That the python variant works is just luck - you can never rely on TCP keeping packet sizes from sender to receiver

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.