From owner-freebsd-questions@FreeBSD.ORG  Fri Aug 29 09:32:39 2008
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 612F3106567D
	for <freebsd-questions@freebsd.org>;
	Fri, 29 Aug 2008 09:32:39 +0000 (UTC) (envelope-from on@cs.ait.ac.th)
Received: from mail.cs.ait.ac.th (mail.cs.ait.ac.th [192.41.170.16])
	by mx1.freebsd.org (Postfix) with ESMTP id B45048FC1E
	for <freebsd-questions@freebsd.org>;
	Fri, 29 Aug 2008 09:32:38 +0000 (UTC) (envelope-from on@cs.ait.ac.th)
Received: from banyan.cs.ait.ac.th (banyan.cs.ait.ac.th [192.41.170.5])
	by mail.cs.ait.ac.th (8.13.1/8.13.1) with ESMTP id m7T9Wajr041702
	(version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO);
	Fri, 29 Aug 2008 16:32:36 +0700 (ICT)
	(envelope-from on@banyan.cs.ait.ac.th)
Received: (from on@localhost)
	by banyan.cs.ait.ac.th (8.14.2/8.12.11) id m7T9WaBQ038904;
	Fri, 29 Aug 2008 16:32:36 +0700 (ICT)
Date: Fri, 29 Aug 2008 16:32:36 +0700 (ICT)
Message-Id: <200808290932.m7T9WaBQ038904@banyan.cs.ait.ac.th>
From: Olivier Nicole <on@cs.ait.ac.th>
To: zhangsc@neusoft.com
In-reply-to: <043901c909b9$3016f360$3f83a8c0@neusofteaf5839> (message from
	EdwardKing on Fri, 29 Aug 2008 17:25:19 +0800)
References: <043901c909b9$3016f360$3f83a8c0@neusofteaf5839>
X-Virus-Scanned: on CSIM by amavisd-milter (http://www.amavis.org/)
Cc: freebsd-questions@freebsd.org
Subject: Re: tcpdump question
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Fri, 29 Aug 2008 09:32:39 -0000

Edward,

> I want to know what's meaning of 'S','.','P','F'? 

You should learn a bit about TCP protocol.

S is for SYN (synchronize)
P is for PUSH
F is for FIN
. is for nothing

Pakets are:

3 way hand shake initiate TCP connection
client > server SYN
sever > client SYN ACK
client > server ACK

client > server send data
server > client ACK and send data
client > server ACK

tTermination
client > server FIN
server > client ACK
server > cient FIN
client > server ACK

ACk means acknowledge.

Olivier