Missing connections RRS feed

  • Question

  • I've stumbled upon a weird problem with WFP:

    I use an ALE_CONNECT_REDIRECT callout to redirect outgoing traffic from a certain port to localhost. This 'alone' works flawlessly. However I also have a CONNECT callout that should be called for each of the redirect connections. The conditions are:

    REDIRECT: protocol is TCP && port is SOME_PORT (let's say 80) [redirect all outgoing TCP:80 traffic to localhost:1234]

    CONNECT: protocol is TCP && FWP_CONDITION_FLAG_IS_LOOPBACK is set ["catch" all redirected traffic]

    Also, there's a server bound on localhost:1234 that listens for connections. This, however, is irrelevant to the problem which is this:

    -with low traffic all works OK (all TCP:80 traffic passes through both callouts and reaches the server)

    -with high traffic sometimes I redirect a connections and never see it again (it never reaches the connect callout). This only happens sometimes when I stress-test the driver with opening ~50 browsing tabs at once (each tab makes multiple connections). All connections reach the server, but not all have passed through CONNECT.

    I've verified this using interlocks. The typical 'lost ratio' is very small, for example: 2500/2502 (connect/redirect). Two connections were 'lost'. It is also worth mentioning that such a test very heavily stresses the system itself (1x2.13GHz). The same effect is virtually not reproducible on a dual-core machine. I've managed to do it once, opening a few hundred tabs in three browsers at once.

    Is there anything else I should test? Something missing?

    Tuesday, August 2, 2011 11:02 AM