Properly send a RST packet to a TCP client and server as a gateway

Question

I am programming a gateway which one of the functionality is to destroy connections when enough packets have been exchanged. I would like to know how to properly form RST packets to send to both the client and server to terminate the connection.

To test this, I use ftp connections/sessions. Right now, I am seeing that when I send the RST packets, the client endlessly replies with SYN packets, while the server simply continues the datastream with ACK packets. Note that after I decide to destroy the connection, I block the traffic between both ends.

I am thinking there may be something wrong with the way I handle my SEQ and ACK numbers. I have not been able to find ressources to explain what to do with the SEQ and ACK numbers when sending a RST packet specifically. Right now, I set the SEQ to a new random number (with rand()) and set the ACK to 0 (since I am not using the ACK flag). I invert the source address with destination address and source port with destination port, and have seen that I correctly calculate checksums.

I seems like both the client and server do not accept the termination.

Answer 1

I don't know what 'resources' you are using, but this seems to be completely covered under 'Reset Generation' in section 3.4 of RFC 793. The RST has sequence number zero and the ACK field is set to the incoming ACK field plus the length, etc as described there several times.