From owner-freebsd-net@FreeBSD.ORG Mon Jun 2 07:49:42 2008 Return-Path: Delivered-To: net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id C4A14106564A for ; Mon, 2 Jun 2008 07:49:42 +0000 (UTC) (envelope-from andre@freebsd.org) Received: from c00l3r.networx.ch (c00l3r.networx.ch [62.48.2.2]) by mx1.freebsd.org (Postfix) with ESMTP id 2B8F48FC15 for ; Mon, 2 Jun 2008 07:49:41 +0000 (UTC) (envelope-from andre@freebsd.org) Received: (qmail 64263 invoked from network); 2 Jun 2008 06:46:43 -0000 Received: from localhost (HELO [127.0.0.1]) ([127.0.0.1]) (envelope-sender ) by c00l3r.networx.ch (qmail-ldap-1.03) with SMTP for ; 2 Jun 2008 06:46:43 -0000 Message-ID: <4843A615.90809@freebsd.org> Date: Mon, 02 Jun 2008 09:49:41 +0200 From: Andre Oppermann User-Agent: Thunderbird 1.5.0.14 (Windows/20071210) MIME-Version: 1.0 To: Victor Hugo Bilouro References: <483E62D9.8000308@freebsd.org> <4842814C.3000508@freebsd.org> <48430A59.5090604@freebsd.org> In-Reply-To: Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Cc: net@freebsd.org Subject: Re: establish connection without tcp options X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 02 Jun 2008 07:49:42 -0000 Victor Hugo Bilouro wrote: > On Sun, Jun 1, 2008 at 5:45 PM, Andre Oppermann wrote: >> Victor Hugo Bilouro wrote: >>> syn--------------------------------- >>> sport 59966 >>> dport 22022 >>> sequence 874312230 >>> ack_number 0 >>> offset 5 >>> reserved 0 >>> urgent 0 >>> ack 0 >>> push 0 >>> reset 0 >>> syn 1 >>> fin 0 >>> window 65535 >>> checksum 50667 >>> urg_pointer 0 >>> >>> --------------------------------- >>> >>> syn+ack----------------------------- >>> sport 22022 >>> dport 59966 >>> sequence 2755934977 >>> ack_number 874312231 >>> offset 6 >>> reserved 0 >>> urgent 0 >>> ack 1 >>> push 2 >>> reset 4 >>> syn 9 >>> fin 0 >>> window 65535 >>> checksum 52952 >>> urg_pointer 0 >>> >>> --------------------------------- >>> >>> ack--------------------------------- >>> sport 59966 >>> dport 22022 >>> sequence 874312230 >> ^^^^^^^^^^^^^^ increment by one for SYN you sent. >> See also the ACK you got back above. >> >>> ack_number 2755934978 >>> offset 5 >>> reserved 0 >>> urgent 0 >>> ack 1 >>> push 0 >>> reset 0 >>> syn 0 >>> fin 0 >>> window 65535 >>> checksum 59030 >>> urg_pointer 0 >>> --------------------------------- >>> >>> ...and the log showed: >>> TCP [192.168.1.10]:59966 to [192.168.1.20]:22022 tcpflags 0x10; >>> syncache_expand: SEQ 874312230 != IRS+1 874312230, segment rejected. >>> >>> I'm still working... >> You should familiarize yourself some more with the sequence number >> system TCP uses. The Stevens books "TCP/IP Illustrated" Volume 1+2 >> are very good for that. >> >> -- >> Andre >> > > PS.: I forgot to copy the list in the previous email exchanging, so > I'm doing now.... > > > Andre, thank you SO VERY MUCH. It's working fine! > > As every book show tcpdump examples of connection establishment , and > when the SYN flag is 0(as step #3 of three way handshake), sequence > number(SN) are omitted of dump, BUT, it's present. You should use the "-S" option to tcpdump. It will show absolute sequence number instead of relative ones (as guessed by tcpdump). > The thing is, the SN is present but it isn't consumed. So, packets > that don't consumes the SN, must have the last consumed SN + 1. > > Only for curiosity, linux and windows 2k accomplished without > problems the three way handshake without Sequence Number filled on > step #3. I have a hard time believing that. At most they may have sent you a retransmit or a challenge-ACK. -- Andre