From ad0445676c7c9110266a7f4d9d7f6f6e9bb276ba Mon Sep 17 00:00:00 2001
From: M66B <marcel@faircode.eu>
Date: Wed, 20 Jan 2016 20:07:35 +0100
Subject: [PATCH] Native FIN+ACK on local close

---
 app/src/main/jni/netguard/netguard.c | 16 +++++++++++++---
 app/src/main/jni/netguard/netguard.h |  2 ++
 2 files changed, 15 insertions(+), 3 deletions(-)

diff --git a/app/src/main/jni/netguard/netguard.c b/app/src/main/jni/netguard/netguard.c
index e402a441..0a1cfd31 100644
--- a/app/src/main/jni/netguard/netguard.c
+++ b/app/src/main/jni/netguard/netguard.c
@@ -594,7 +594,7 @@ void check_tcp_sockets(const struct arguments *args, fd_set *rfds, fd_set *wfds,
                         log_android(ANDROID_LOG_DEBUG, "recv empty lport %u state %s",
                                     cur->lport, strstate(cur->state));
 
-                        if (write_fin(args, cur, args->tun) >= 0) {
+                        if (write_fin_ack(args, cur, 0, args->tun) >= 0) {
                             cur->local_seq++; // local FIN
 
                             if (cur->state == TCP_SYN_RECV || cur->state == TCP_ESTABLISHED)
@@ -1098,8 +1098,8 @@ jboolean handle_tcp(const struct arguments *args, const uint8_t *buffer, uint16_
                         }
                     }
                     else {
-                        if (write_ack(args, cur, confirm, args->tun) >= 0)
-                            cur->remote_seq += 1;
+                    //    if (write_ack(args, cur, confirm, args->tun) >= 0)
+                    //        cur->remote_seq += 1;
                     }
                 }
                 else {
@@ -1336,6 +1336,16 @@ int write_data(const struct arguments *args, struct tcp_session *cur, const uint
 
 }
 
+int write_fin_ack(const struct arguments *args, struct tcp_session *cur, int bytes, int tun) {
+    if (write_tcp(args, cur, NULL, 0, bytes, 0, 1, 1, 0, tun) < 0) {
+        log_android(ANDROID_LOG_ERROR, "write FIN+ACK error %d: %s",
+                    errno, strerror((errno)));
+        cur->state = TCP_TIME_WAIT;
+        return -1;
+    }
+    return 0;
+}
+
 int write_fin(const struct arguments *args, struct tcp_session *cur, int tun) {
     if (write_tcp(args, cur, NULL, 0, 0, 0, 0, 1, 0, tun) < 0) {
         log_android(ANDROID_LOG_ERROR,
diff --git a/app/src/main/jni/netguard/netguard.h b/app/src/main/jni/netguard/netguard.h
index 5331ba4a..5006292e 100644
--- a/app/src/main/jni/netguard/netguard.h
+++ b/app/src/main/jni/netguard/netguard.h
@@ -117,6 +117,8 @@ int write_ack(const struct arguments *args, struct tcp_session *cur, int bytes,
 int write_data(const struct arguments *args, struct tcp_session *cur,
                const uint8_t *buffer, uint16_t length, int tun);
 
+int write_fin_ack(const struct arguments *args, struct tcp_session *cur, int bytes, int tun);
+
 int write_fin(const struct arguments *args, struct tcp_session *cur, int tun);
 
 void write_rst(const struct arguments *args, struct tcp_session *cur, int tun);