The missing SO_KEEPALIVE socket option setters and getters (TCP_KEEPINTVL and TCP_KEEPCNT) for Node, implemented using the ffi module. Tested on Linux; should work on OS X and FreeBSD.
$ npm install --save net-keepalive

var Net = require('net')
  , NetKeepAlive = require('net-keepalive')
;
// Create a TCP Server
var srv = Net.createServer(function(s){
  console.log('Connected %j', s.address())
  // Doesn't matter what it does
  s.pipe(s)
});
// Start on some port
srv.listen(1337, function(){
  console.log('Listening on %j', srv.address())
});
// Connect to that server
var s = Net.createConnection({port:1337}, function(){
  console.log('Connected to %j', s.address())
  // IMPORTANT: KeepAlive must be enabled for this to work
  s.setKeepAlive(true, 1000)
  // Set TCP_KEEPINTVL for this specific socket
  NetKeepAlive.setKeepAliveInterval(s, 1000)
  // Get TCP_KEEPINTVL for this specific socket
  NetKeepAlive.getKeepAliveInterval(s) // 1000
  // Set TCP_KEEPCNT for this specific socket
  NetKeepAlive.setKeepAliveProbes(s, 1)
  // Get TCP_KEEPCNT for this specific socket
  NetKeepAlive.getKeepAliveProbes(s) // 1
});

Now, using iptables, add a rule to drop all TCP packets on the INPUT chain to port 1337.

$ iptables -I INPUT -m tcp -p tcp --dport 1337 -j DROP

If you were monitoring packets on loopback with the tcp.srcport == 1337 || tcp.dstport == 1337 filter in Wireshark, you will see the following output:
Have fun!
More info about SO_KEEPALIVE here: TCP Keepalive HOWTO
C Code examples here: Examples
Note: For these methods to work you must enable SO_KEEPALIVE and set the TCP_KEEPIDLE option for the socket using Net.Socket's built-in method socket.setKeepAlive([enable][, initialDelay])!
TCP_KEEPIDLE (since Linux 2.4) The time (in seconds) the connection needs to remain idle before TCP starts sending keepalive probes, if the socket option SO_KEEPALIVE has been set on this socket. This option should not be used in code intended to be portable.
var NetSocket = require('net-keepalive')
// .....
// get socket somehow
// .....
var enable = true // enable SO_KEEPALIVE
var initialDuration = 1000 // start probing after 1 second of inactivity
socket.setKeepAlive(enable, initialDuration) // sets SO_KEEPALIVE and TCP_KEEPIDLE
var probeInterval = 1000 // after initialDuration send probes every 1 second
NetSocket.setKeepAliveInterval(socket, probeInterval) //sets TCP_KEEPINTVL
var maxProbesBeforeFail = 10 // after 10 failed probes connection will be dropped
NetSocket.setKeepAliveProbes(socket, maxProbesBeforeFail) // sets TCP_KEEPCNT
// ....
// ....

- socket - instanceof Net.Socket - Socket to modify
- msecs - Number - Time in milliseconds between KeepAlive probes.
- Returns true on success

Sets TCP_KEEPINTVL to msecs milliseconds (converted to an integer number of seconds internally) for the socket based on its file descriptor (fd).
TCP_KEEPINTVL (since Linux 2.4) The time (in seconds) between individual keepalive probes. This option should not be used in code intended to be portable.
- socket - instanceof Net.Socket - Socket to modify
- Returns msecs - Number - Time in milliseconds between KeepAlive probes on success

Gets TCP_KEEPINTVL: the msecs milliseconds (converted from an integer number of seconds internally) set for the socket based on its file descriptor (fd).
TCP_KEEPINTVL (since Linux 2.4) The time (in seconds) between individual keepalive probes. This option should not be used in code intended to be portable.
- socket - instanceof Net.Socket - Socket to modify
- count - Number - Number of probes to send before dropping the connection
- Returns true on success

Sets TCP_KEEPCNT to count number of probes for the socket based on its file descriptor (fd).
TCP_KEEPCNT (since Linux 2.4) - The maximum number of keepalive probes TCP should send before dropping the connection. This option should not be used in code intended to be portable.
- socket - instanceof Net.Socket - Socket to modify
- Returns count - Number - Number of probes to send before dropping the connection on success.

Gets TCP_KEEPCNT: the count number of probes set for the socket based on its file descriptor (fd).
TCP_KEEPCNT (since Linux 2.4) - The maximum number of keepalive probes TCP should send before dropping the connection. This option should not be used in code intended to be portable.
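
An added example (not part of net-keepalive or of the original README) that applies the settings in the order the note above requires, reads them back through the getters, and returns how long an unresponsive peer can linger before the connection is dropped: idle time plus interval times probe count. The names applyKeepAlive, wholeSeconds and makeStub, the injected nka object (what require('net-keepalive') returns) and the stub are assumptions made here; values that are not whole seconds are rejected because the module converts to integer seconds internally.

```javascript
// Added example: validate, apply and verify keepalive settings on one socket.
function wholeSeconds(name, ms) {
  // The kernel options are in whole seconds, so refuse anything that would be rounded.
  if (!Number.isInteger(ms) || ms < 1000 || ms % 1000 !== 0) {
    throw new RangeError(name + ' must be a positive multiple of 1000 ms, got ' + ms)
  }
  return ms / 1000
}

// `nka` is the net-keepalive module object; it is passed in so a stub can be used.
function applyKeepAlive(socket, nka, opts) {
  var idleS = wholeSeconds('idleMs', opts.idleMs)
  var intervalS = wholeSeconds('intervalMs', opts.intervalMs)
  if (!Number.isInteger(opts.probes) || opts.probes < 1) {
    throw new RangeError('probes must be an integer >= 1, got ' + opts.probes)
  }
  // Order matters: SO_KEEPALIVE and TCP_KEEPIDLE first, via the built-in method.
  socket.setKeepAlive(true, opts.idleMs)
  nka.setKeepAliveInterval(socket, opts.intervalMs) // TCP_KEEPINTVL
  nka.setKeepAliveProbes(socket, opts.probes)       // TCP_KEEPCNT
  // Read back what was actually set instead of trusting the setters.
  var gotInterval = nka.getKeepAliveInterval(socket)
  var gotProbes = nka.getKeepAliveProbes(socket)
  if (gotInterval !== opts.intervalMs || gotProbes !== opts.probes) {
    throw new Error('keepalive readback mismatch: ' + gotInterval + ' ms, ' + gotProbes + ' probes')
  }
  // Idle period, then `probes` unanswered probes spaced `interval` apart.
  return { idleS: idleS, intervalS: intervalS, probes: opts.probes,
           deadPeerAfterS: idleS + intervalS * opts.probes }
}

// Constructed stub standing in for a Net.Socket and for net-keepalive.
function makeStub() {
  var calls = [], state = {}
  return {
    calls: calls,
    socket: { setKeepAlive: function (on, ms) { calls.push('setKeepAlive'); state.idle = ms } },
    nka: {
      setKeepAliveInterval: function (s, ms) { calls.push('interval'); state.intvl = ms; return true },
      getKeepAliveInterval: function () { return state.intvl },
      setKeepAliveProbes: function (s, n) { calls.push('probes'); state.cnt = n; return true },
      getKeepAliveProbes: function () { return state.cnt }
    }
  }
}
```

With the values from the second snippet above (1000 ms idle, 1000 ms interval, 10 probes) the returned deadPeerAfterS is 11 seconds.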

