pping: Only match TSecr in ACKs

The echoed TCP timestamp (TSecr) is only valid if the ACK flag is
set. So make sure to only attempt to match on ACK packets.

Signed-off-by: Simon Sundberg <simon.sundberg@kau.se>

pping/TODO.md

@@ -6,6 +6,8 @@
     - Timestamping pure ACKs may lead to erroneous RTTs (ex. delay
       between application attempting to send data being recognized as
       an RTT)
+  - [x] Skip non-ACKs for ingress
+    - The echoed TSecr is not valid if the ACK-flag is not set
   - [ ] Add fallback to SEQ/ACK in case of no timestamp?
     - Some machines may not use TCP timestamps (either not supported
       at all, or disabled as in ex. Windows 10)

pping/pping_kern.c

@@ -153,6 +153,10 @@ static int parse_tcp_identifier(struct parsing_context *ctx, __be16 *sport,
 	    !tcph->syn)
 		return -1;
 
+	// Do not match on non-ACKs (TSecr not valid)
+	if (!ctx->is_egress && !tcph->ack)
+		return -1;
+
 	// Check if connection is opening/closing
 	if (tcph->syn) {
 		fei->event = FLOW_EVENT_OPENING;