Machine A (192.168.1.107) telnet Machine B (192.168.1.108)
sudo tcpdump -i enp0s3 -nt '(src 192.168.1.107 and dst 192.168.1.108) or (src 192.168.1.108 and dst 192.168.1.107)' 抓包
IP 192.168.1.107.43286 > 192.168.1.108.23: Flags [S], seq 1068102909, win 29200, options [mss 1460,sackOK,TS val 788929 ecr 0,nop,wscale 7], length 0
IP 192.168.1.108.23 > 192.168.1.107.43286: Flags [S.], seq 3334494325, ack 1068102910, win 28960, options [mss 1460,sackOK,TS val 789041 ecr 788929,nop,wscale 7], length 0
IP 192.168.1.107.43286 > 192.168.1.108.23: Flags [.], ack 1, win 229, options [nop,nop,TS val 788929 ecr 789041], length 0
The first TCP packet contains the SYN flag, so it is a synchronization segment, that is, A initiates a connection request to B. At the same time, the synchronization segment contains a sequence number with an ISN value of 1068102909, and the second TCP packet is also A synchronization segment, indicating that B agrees to establish a connection with A, and at the same time it sends its own ISN value of the sequence number of 3334494325, and confirms the first synchronization segment. The confirmation value is 1068102910, which is the first message ISN+1. The third segment is A's acknowledgment of the second segment ( 3334494325 +1 , there is only one ack in the packet capture?? ), so far, the TCP connection is established.
telnet ctrl+] then type quit and press enter
IP 192.168.1.107.43302 > 192.168.1.108.23: Flags [F.], seq 77, ack 90, win 229, options [nop,nop,TS val 1301909 ecr 1297576], length 0
IP 192.168.1.108.23 > 192.168.1.107.43302: Flags [F.], seq 90, ack 78, win 227, options [nop,nop,TS val 1301991 ecr 1301909], length 0
IP 192.168.1.107.43302 > 192.168.1.108.23: Flags [.], ack 91, win 229, options [nop,nop,TS val 1301909 ecr 1301991], length 0
A sends the FIN flag to B, ISN 78, then B sends ack 78+1 to A, and sends out the FIN flag, ISN 90, (four-way handshake due to delayed confirmation merge), and finally A sends confirmation ack 90 +1