I’m trying to wrap my head around socket programming and what the
material I’ve been reading is telling me.
Say I have a firewall which allows traffic with connection state: NEW on
a certain port for a short window of time(through port knocking or some
other means). I have a second rule which allows all traffic with
connection state: ESTABLISHED,RELATED that doesn’t decay.
My goal is to have server + client scripts that establish a new
connection during that window and keep the connection open until the
client script ends.
The questions:
Does it matter which type of socket I use? My n00b brain reads the
descriptions and examples on UDP sockets as saying that it does matter,
but at the same time I know I’ve run a few Doom servers with the same
firewall scenario and I’m pretty sure it was UDP.
How does the firewall identify which data is “related or established”
and how can I make sure that the scripts maintain that connection state?