diff --git a/app/src/main/jni/netguard/netguard.h b/app/src/main/jni/netguard/netguard.h index 27d3b1f5..ba322402 100644 --- a/app/src/main/jni/netguard/netguard.h +++ b/app/src/main/jni/netguard/netguard.h @@ -50,10 +50,11 @@ #define UDP_KEEP_TIMEOUT 60 // seconds #define TCP_INIT_TIMEOUT 30 // seconds ~net.inet.tcp.keepinit -#define TCP_IDLE_TIMEOUT 3600 // seconds ~net.inet.tcp.keepidle +#define TCP_IDLE_TIMEOUT 29 // seconds ~net.inet.tcp.keepidle #define TCP_CLOSE_TIMEOUT 30 // seconds #define TCP_KEEP_TIMEOUT 300 // seconds // https://en.wikipedia.org/wiki/Maximum_segment_lifetime +#define TCP_KEEP_ALIVE 30 // seconds #define UID_DELAY 1 // milliseconds #define UID_DELAYTRY 10 // milliseconds diff --git a/app/src/main/jni/netguard/tcp.c b/app/src/main/jni/netguard/tcp.c index 51af47d3..a6179251 100644 --- a/app/src/main/jni/netguard/tcp.c +++ b/app/src/main/jni/netguard/tcp.c @@ -128,8 +128,11 @@ int monitor_tcp_session(const struct arguments *args, struct ng_session *s, int } else if (s->tcp.state == TCP_ESTABLISHED || s->tcp.state == TCP_CLOSE_WAIT) { + uint32_t rwindow = get_receive_window(s); + uint32_t swindow = get_send_window(&s->tcp); + // Check for incoming data - if (get_send_window(&s->tcp) > 0) + if (swindow > 0) events = events | EPOLLIN; else { recheck = 1; @@ -153,6 +156,19 @@ int monitor_tcp_session(const struct arguments *args, struct ng_session *s, int else recheck = 1; } + + // Keep alive + if (rwindow > 0 && swindow > 0) { + long long ms = get_ms(); + if (s->tcp.time + TCP_KEEP_ALIVE < time(NULL) && + ms - s->tcp.last_keep_alive > TCP_KEEP_ALIVE * 1000) { + s->tcp.last_keep_alive = ms; + log_android(ANDROID_LOG_WARN, "Sending keep alive"); + s->tcp.remote_seq--; + write_ack(args, &s->tcp); + s->tcp.remote_seq++; + } + } } if (events != s->ev.events) {
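Review bot: In netguard.h, `TCP_IDLE_TIMEOUT` drops from 3600 to 29 seconds while the new `TCP_KEEP_ALIVE` is 30, so the idle limit is now shorter than the keep-alive interval. The keep-alive test in tcp.c only fires once `s->tcp.time + TCP_KEEP_ALIVE < time(NULL)`, that is, after more than 30 idle seconds. If the idle check (not visible in this diff) compares the same `s->tcp.time` against `TCP_IDLE_TIMEOUT`, a quiet session would be reaped before its first probe is sent. Independently of that, a 29-second limit ends quiet long-lived connections that the previous one-hour value tolerated. If the probe is meant to precede the timeout, record the relation next to the constant, e.g. `// must stay above TCP_KEEP_ALIVE so a probe goes out before the session is reaped`.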
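Review bot: The keep-alive probe in the new tcp.c block is produced by decrementing `s->tcp.remote_seq` around `write_ack()`, and nothing in the hunk says what segment that is meant to put on the wire. A conventional TCP keep-alive carries a sequence number one below the sender's next one; if write_ack (defined outside this hunk) places `remote_seq` in the acknowledgment field, this emits a stale ACK instead, which a peer is not obliged to answer. A short comment above the three lines stating the intended sequence and acknowledgment numbers would let a reader check it against a packet capture. Separately, every probe is logged at warning level with no session identifier; `log_android(ANDROID_LOG_DEBUG, "Sending keep alive");` would keep warnings reserved for real faults. monitor_tcp_session begins and ends outside the hunk.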