Let’s say you are interested in a certain flow, and you define that flow with a 5 tuple (srcIp, srcPort, dstIp, dstPort, Protocol)
My questions are:
-
Let’s say a flow dies in a normal way, for example the other ends a RESET ACK packet, how to get notified of this, other than parsing the packets ourselves?
-
How to get notified when a connection dies in a abnormal way, for example the other end loses connection due to cable problems, therefore doesn’t notify our end (server).