I have discovered what I believe to be spoofed TCP reset packets being
injected into the stream to kill some large downloads I am trying to
make. I know the RST packets didn't come from the server I am
downloading from because I can see normal data-bearing packets arriving
after the RST packets and with later sequence numbers. It is probably
some half-wit attempt by the ISP to limit my downloads.
The problem is that when my computer receives the RST packets the
connection breaks and the download stops. If I could get my computer to
ignore these RSTs then I believe the connection would continue and my
downloads would complete.
Is there any way that I can use iptables to filter these RST packets
from a specific set of IP addresses corresponding to the servers in
question? A quick dip in the iptables man page has rather overwhelmed me
with the learning curve required, but also encouraged me when I saw
there was a --tcp-flags option.
Can anyone help me by showing me how to form a complete iptables command
line to block the RST packets?