Date: Fri, 29 Aug 2008 17:25:19 +0800 From: EdwardKing <zhangsc@neusoft.com> To: FreeBSD <freebsd-questions@freebsd.org> Subject: tcpdump question Message-ID: <043901c909b9$3016f360$3f83a8c0@neusofteaf5839>
next in thread | raw e-mail | index | archive | help
There is a server and a clinet,the use TCP and port is 9999,server and client is the same machine. I use following step: 1.client send a "hello" to server 2.server return a "hello" to client 3.stop client 4.stop server I use tcpdump to watch tcp package,result is follows: 15:47:15.875447 IP (tos 0x0, ttl 64, id 417, offset 0, flags [DF], proto TCP (6), length 60) edward.com.56773 > edward.com.9999: S, cksum 0x80e8 (correct), 3156022143:3156022143(0) win 65535 <mss 16344,nop,wscale 3,sackOK,timestamp 4141177 0> 15:47:15.876005 IP (tos 0x0, ttl 64, id 418, offset 0, flags [DF], proto TCP (6), length 60) edward.com.9999 > edward.com.56773: S, cksum 0x4b72 (correct), 2047624831:2047624831(0) ack 3156022144 win 65535 <mss 16344,nop,wscale 3,sackOK,timestamp 822232023 4141177> 15:47:15.876007 IP (tos 0x0, ttl 64, id 419, offset 0, flags [DF], proto TCP (6), length 52) edward.com.56773 > edward.com.9999: ., cksum 0x915e (correct), ack 1 win 8960 <nop,nop,timestamp 4141177 822232023> 15:47:17.170067 IP (tos 0x0, ttl 64, id 420, offset 0, flags [DF], proto TCP (6), length 58) edward.com.56773 > edward.com.9999: P, cksum 0x6865 (correct), 1:7(6) ack 1 win 8960 <nop,nop,timestamp 4142472 822232023> 15:47:17.170535 IP (tos 0x0, ttl 64, id 421, offset 0, flags [DF], proto TCP (6), length 58) edward.com.9999 > edward.com.56773: P, cksum 0x6350 (correct), 1:7(6) ack 7 win 8960 <nop,nop,timestamp 822233318 4142472> 15:47:17.270236 IP (tos 0x0, ttl 64, id 422, offset 0, flags [DF], proto TCP (6), length 52) edward.com.56773 > edward.com.9999: ., cksum 0x86d0 (correct), ack 7 win 8960 <nop,nop,timestamp 4142572 822233318> 15:47:27.602760 IP (tos 0x0, ttl 64, id 423, offset 0, flags [DF], proto TCP (6), length 52) edward.com.56773 > edward.com.9999: F, cksum 0x5e72 (correct), 7:7(0) ack 7 win 8960 <nop,nop,timestamp 4152905 822233318> 15:47:27.603085 IP (tos 0x0, ttl 64, id 424, offset 0, flags [DF], proto TCP (6), length 52) edward.com.9999 > edward.com.56773: ., cksum 0x35b1 (correct), ack 8 win 8960 <nop,nop,timestamp 822243751 4152905> 15:51:58.146875 IP (tos 0x0, ttl 64, id 433, offset 0, flags [DF], proto TCP (6), length 52) edward.com.9999 > edward.com.56773: F, cksum 0x14cb (correct), 7:7(0) ack 8 win 8960 <nop,nop,timestamp 822514312 4152905> 15:51:58.146978 IP (tos 0x0, ttl 64, id 434, offset 0, flags [DF], proto TCP (6), length 52) edward.com.56773 > edward.com.9999: ., cksum 0xf3e6 (correct), ack 8 win 8959 <nop,nop,timestamp 4423466 822514312> I want to know what's meaning of 'S','.','P','F'? Anyone could explain above tcpdump result? I don't understand above result well. Thanks in advance! Best Regards, Edward ---------------------------------------------------------------------------------------------- Confidentiality Notice: The information contained in this e-mail and any accompanying attachment(s) is intended only for the use of the intended recipient and may be confidential and/or privileged of Neusoft Corporation, its subsidiaries and/or its affiliates. If any reader of this communication is not the intended recipient, unauthorized use, forwarding, printing, storing, disclosure or copying is strictly prohibited, and may be unlawful. If you have received this communication in error, please immediately notify the sender by return e-mail, and delete the original message and all copies from your system. Thank you. -----------------------------------------------------------------------------------------------
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?043901c909b9$3016f360$3f83a8c0>