4、SYN-RCVD

4、SYN-RCVD

需要使用防火墙来模拟:

1.禁止指定IP地址的主机进行连接
iptables -I INPUT -s .***.***. -j DROP

2.解除禁止指定IP地址的主机进行连接
iptables -D INPUT -s .***.***. -j DROP


iptables -I INPUT -s 192.168.137.2 -j DROP



iptables -D INPUT -s 192.168.137.2 -j DROP




服务端:

node1:/root#netstat -na | grep 8080
tcp        0      0 192.168.137.2:8080          0.0.0.0:*                   LISTEN      
tcp        0      0 192.168.137.2:8080          192.168.137.3:56405         SYN_RECV  



模拟拒绝 服务端的192.168.137.2所有连接:

服务端收到SYN报文以后会回复 SYN+ACK,然后等待对端 ACK 的时候进入SYN-RCVD,完整的代码见:state_syn_rcvd.pkt


0 packets dropped by kernel
node1:/root#tcpdump -S -i eth1 '((tcp) and  (port 8080) )' 
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth1, link-type EN10MB (Ethernet), capture size 65535 bytes


20:01:21.618679 IP node2.19202 > 1.1.1.1.webcache: Flags [S], seq 2444177452, win 14600, options [mss 1460,sackOK,TS val 316653172 ecr 0,nop,wscale 7], length 0
20:01:46.241273 IP node2.56405 > node1.webcache: Flags [S], seq 543801636, win 14600, options [mss 1460,sackOK,TS val 316677793 ecr 0,nop,wscale 7], length 0
20:01:46.241316 IP node1.webcache > node2.56405: Flags [S.], seq 3838238406, ack 543801637, win 14480, options [mss 1460,sackOK,TS val 21470510 ecr 316677793,nop,wscale 6], length 0
20:01:47.240413 IP node2.56405 > node1.webcache: Flags [S], seq 543801636, win 14600, options [mss 1460,sackOK,TS val 316678794 ecr 0,nop,wscale 7], length 0
20:01:47.240439 IP node1.webcache > node2.56405: Flags [S.], seq 3838238406, ack 543801637, win 14480, options [mss 1460,sackOK,TS val 21471509 ecr 316677793,nop,wscale 6], length 0
20:01:47.440834 IP node1.webcache > node2.56405: Flags [S.], seq 3838238406, ack 543801637, win 14480, options [mss 1460,sackOK,TS val 21471710 ecr 316677793,nop,wscale 6], length 0
20:01:49.243107 IP node2.56405 > node1.webcache: Flags [S], seq 543801636, win 14600, options [mss 1460,sackOK,TS val 316680795 ecr 0,nop,wscale 7], length 0
20:01:49.243373 IP node1.webcache > node2.56405: Flags [S.], seq 3838238406, ack 543801637, win 14480, options [mss 1460,sackOK,TS val 21473512 ecr 316677793,nop,wscale 6], length 0
20:01:49.642918 IP node1.webcache > node2.56405: Flags [S.], seq 3838238406, ack 543801637, win 14480, options [mss 1460,sackOK,TS val 21473912 ecr 316677793,nop,wscale 6], length 0
20:01:53.241295 IP node2.56405 > node1.webcache: Flags [S], seq 543801636, win 14600, options [mss 1460,sackOK,TS val 316684795 ecr 0,nop,wscale 7], length 0
20:01:53.241554 IP node1.webcache > node2.56405: Flags [S.], seq 3838238406, ack 543801637, win 14480, options [mss 1460,sackOK,TS val 21477510 ecr 316677793,nop,wscale 6], length 0
20:01:53.845129 IP node1.webcache > node2.56405: Flags [S.], seq 3838238406, ack 543801637, win 14480, options [mss 1460,sackOK,TS val 21478114 ecr 316677793,nop,wscale 6], length 0
20:02:01.241037 IP node2.56405 > node1.webcache: Flags [S], seq 543801636, win 14600, options [mss 1460,sackOK,TS val 316692795 ecr 0,nop,wscale 7], length 0
20:02:01.241057 IP node1.webcache > node2.56405: Flags [S.], seq 3838238406, ack 543801637, win 14480, options [mss 1460,sackOK,TS val 21485510 ecr 316677793,nop,wscale 6], length 0
20:02:01.850088 IP node1.webcache > node2.56405: Flags [S.], seq 3838238406, ack 543801637, win 14480, options [mss 1460,sackOK,TS val 21486119 ecr 316677793,nop,wscale 6], length 0
20:02:17.241349 IP node2.56405 > node1.webcache: Flags [S], seq 543801636, win 14600, options [mss 1460,sackOK,TS val 316708795 ecr 0,nop,wscale 7], length 0
20:02:17.241367 IP node1.webcache > node2.56405: Flags [S.], seq 3838238406, ack 543801637, win 14480, options [mss 1460,sackOK,TS val 21501510 ecr 316677793,nop,wscale 6], length 0
20:02:17.859327 IP node1.webcache > node2.56405: Flags [S.], seq 3838238406, ack 543801637, win 14480, options [mss 1460,sackOK,TS val 21502128 ecr 316677793,nop,wscale 6], length 0
^C





客户端:

node2:/root#tcpdump -S -i eth1 '((tcp) and  (port 8080) )'
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth1, link-type EN10MB (Ethernet), capture size 65535 bytes
20:47:16.099375 IP node2.56405 > node1.webcache: Flags [S], seq 543801636, win 14600, options [mss 1460,sackOK,TS val 316677793 ecr 0,nop,wscale 7], length 0
20:47:16.130282 IP node1.webcache > node2.56405: Flags [S.], seq 3838238406, ack 543801637, win 14480, options [mss 1460,sackOK,TS val 21470510 ecr 316677793,nop,wscale 6], length 0
20:47:17.099629 IP node2.56405 > node1.webcache: Flags [S], seq 543801636, win 14600, options [mss 1460,sackOK,TS val 316678794 ecr 0,nop,wscale 7], length 0
20:47:17.100312 IP node1.webcache > node2.56405: Flags [S.], seq 3838238406, ack 543801637, win 14480, options [mss 1460,sackOK,TS val 21471509 ecr 316677793,nop,wscale 6], length 0
20:47:17.300368 IP node1.webcache > node2.56405: Flags [S.], seq 3838238406, ack 543801637, win 14480, options [mss 1460,sackOK,TS val 21471710 ecr 316677793,nop,wscale 6], length 0
20:47:19.100498 IP node2.56405 > node1.webcache: Flags [S], seq 543801636, win 14600, options [mss 1460,sackOK,TS val 316680795 ecr 0,nop,wscale 7], length 0
20:47:19.103199 IP node1.webcache > node2.56405: Flags [S.], seq 3838238406, ack 543801637, win 14480, options [mss 1460,sackOK,TS val 21473512 ecr 316677793,nop,wscale 6], length 0
20:47:19.502571 IP node1.webcache > node2.56405: Flags [S.], seq 3838238406, ack 543801637, win 14480, options [mss 1460,sackOK,TS val 21473912 ecr 316677793,nop,wscale 6], length 0
20:47:23.100465 IP node2.56405 > node1.webcache: Flags [S], seq 543801636, win 14600, options [mss 1460,sackOK,TS val 316684795 ecr 0,nop,wscale 7], length 0
20:47:23.101372 IP node1.webcache > node2.56405: Flags [S.], seq 3838238406, ack 543801637, win 14480, options [mss 1460,sackOK,TS val 21477510 ecr 316677793,nop,wscale 6], length 0
20:47:23.704749 IP node1.webcache > node2.56405: Flags [S.], seq 3838238406, ack 543801637, win 14480, options [mss 1460,sackOK,TS val 21478114 ecr 316677793,nop,wscale 6], length 0
20:47:31.100324 IP node2.56405 > node1.webcache: Flags [S], seq 543801636, win 14600, options [mss 1460,sackOK,TS val 316692795 ecr 0,nop,wscale 7], length 0
20:47:31.100506 IP node1.webcache > node2.56405: Flags [S.], seq 3838238406, ack 543801637, win 14480, options [mss 1460,sackOK,TS val 21485510 ecr 316677793,nop,wscale 6], length 0
20:47:31.709696 IP node1.webcache > node2.56405: Flags [S.], seq 3838238406, ack 543801637, win 14480, options [mss 1460,sackOK,TS val 21486119 ecr 316677793,nop,wscale 6], length 0

tcp        0      1 192.168.137.3:56405         192.168.137.2:8080          SYN_SENT    
node2:/root#netstat -na |grep 8080
tcp        0      1 192.168.137.3:56405         192.168.137.2:8080          SYN_SENT    

Published by

风君子

独自遨游何稽首 揭天掀地慰生平

发表回复

您的邮箱地址不会被公开。 必填项已用 * 标注