TCP connection establishment and teardown

Machine A (192.168.1.107) telnets to machine B (192.168.1.108).

Capture the traffic with:

sudo tcpdump -i enp0s3 -nt '(src 192.168.1.107 and dst 192.168.1.108) or (src 192.168.1.108 and dst 192.168.1.107)'

IP 192.168.1.107.43286 > 192.168.1.108.23: Flags [S], seq 1068102909, win 29200, options [mss 1460,sackOK,TS val 788929 ecr 0,nop,wscale 7], length 0

IP 192.168.1.108.23 > 192.168.1.107.43286: Flags [S.], seq 3334494325, ack 1068102910, win 28960, options [mss 1460,sackOK,TS val 789041 ecr 788929,nop,wscale 7], length 0

IP 192.168.1.107.43286 > 192.168.1.108.23: Flags [.], ack 1, win 229, options [nop,nop,TS val 788929 ecr 789041], length 0

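The first TCP segment carries the SYN flag, so it is a synchronization segment: A is requesting a connection to B. It also carries a sequence number, the ISN, with the value 1068102909. The second TCP segment is also a synchronization segment, indicating that B agrees to establish the connection with A; it sends its own ISN, 3334494325, and acknowledges the first synchronization segment with the acknowledgment value 1068102910, i.e. the first segment's ISN + 1. The third segment is A's acknowledgment of the second segment (3334494325 + 1; the capture does not show this value and prints only "ack 1", because tcpdump displays sequence and acknowledgment numbers relative to the ISN after the SYN segments unless it is run with -S). At this point the TCP connection is established.

In telnet, press Ctrl+], then type quit and press Enter.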

IP 192.168.1.107.43302 > 192.168.1.108.23: Flags [F.], seq 77, ack 90, win 229, options [nop,nop,TS val 1301909 ecr 1297576], length 0

IP 192.168.1.108.23 > 192.168.1.107.43302: Flags [F.], seq 90, ack 78, win 227, options [nop,nop,TS val 1301991 ecr 1301909], length 0

IP 192.168.1.107.43302 > 192.168.1.108.23: Flags [.], ack 91, win 229, options [nop,nop,TS val 1301909 ecr 1301991], length 0

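A sends B a FIN, ISN 78; B then sends A ack 78+1 together with its own FIN, ISN 90 (the four-way close is shortened because the delayed acknowledgment is merged into B's FIN segment); finally A sends the acknowledgment, ack 90+1.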
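An added example (not part of the original post) that parses the tcpdump lines shown above, converts the relative "ack 1" of the third handshake packet back to an absolute number, and checks that every SYN and FIN is acknowledged by the peer with seq + 1. The function names are hypothetical; it assumes tcpdump's default relative numbering (no -S) and SYN segments that carry no payload.

```python
import re

# Packet lines copied from the capture above (handshake on port 43286, close on 43302).
HANDSHAKE = """\
IP 192.168.1.107.43286 > 192.168.1.108.23: Flags [S], seq 1068102909, win 29200, options [mss 1460,sackOK,TS val 788929 ecr 0,nop,wscale 7], length 0
IP 192.168.1.108.23 > 192.168.1.107.43286: Flags [S.], seq 3334494325, ack 1068102910, win 28960, options [mss 1460,sackOK,TS val 789041 ecr 788929,nop,wscale 7], length 0
IP 192.168.1.107.43286 > 192.168.1.108.23: Flags [.], ack 1, win 229, options [nop,nop,TS val 788929 ecr 789041], length 0
"""
TEARDOWN = """\
IP 192.168.1.107.43302 > 192.168.1.108.23: Flags [F.], seq 77, ack 90, win 229, options [nop,nop,TS val 1301909 ecr 1297576], length 0
IP 192.168.1.108.23 > 192.168.1.107.43302: Flags [F.], seq 90, ack 78, win 227, options [nop,nop,TS val 1301991 ecr 1301909], length 0
IP 192.168.1.107.43302 > 192.168.1.108.23: Flags [.], ack 91, win 229, options [nop,nop,TS val 1301909 ecr 1301991], length 0
"""
# seq may print as "a:b" when the segment carries data; keep the last number.
LINE = re.compile(r"IP (\S+) > (\S+): Flags \[([^\]]+)\]"
                  r"(?:, seq (?:\d+:)?(\d+))?(?:, ack (\d+))?")
MOD = 2 ** 32  # sequence numbers wrap at 32 bits

def absolute_trace(text):
    """Parse tcpdump lines into (src, flags, seq, ack), undoing relative numbering."""
    isn, trace = {}, []  # isn: endpoint -> ISN learned from that endpoint's SYN
    for m in filter(None, map(LINE.match, text.splitlines())):
        src, dst, flags = m.group(1, 2, 3)
        seq, ack = (int(v) if v else None for v in m.group(4, 5))
        if "S" in flags:
            isn[src] = seq  # SYN segments are printed with absolute numbers
        else:  # later segments are relative to the ISN unless tcpdump ran with -S
            if seq is not None and src in isn:
                seq = (isn[src] + seq) % MOD
            if ack is not None and dst in isn:
                ack = (isn[dst] + ack) % MOD
        trace.append((src, flags, seq, ack))
    return trace

def unacked_control_segments(trace):
    """Return SYN/FIN segments that no later packet from the peer acks with seq + 1."""
    missing = []
    for i, (src, flags, seq, _) in enumerate(trace):
        if set(flags) & {"S", "F"}:
            want = (seq + 1) % MOD  # SYN and FIN each consume one sequence number
            if not any(s != src and a == want for s, _, _, a in trace[i + 1:]):
                missing.append((src, flags, seq))
    return missing

if __name__ == "__main__":
    for name, text in (("handshake", HANDSHAKE), ("teardown", TEARDOWN)):
        for row in absolute_trace(text):
            print(name, row)
        print(name, "unacked:", unacked_control_segments(absolute_trace(text)))
```

The teardown lines stay in relative numbers because no SYN for port 43302 appears in the excerpt, which does not affect the seq + 1 check.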


Reposted from edgar108.iteye.com/blog/2287317