11-15-2012
Here is the packet by packet: A client sends a TCP syn bit packet from his socket to a listening socket on a server. The server sends a syn-ack packet back and sets up a connection filter to divert this clients packets to a child socket that is now considered possible 'connected' to the client, so the listener just gets new connection packets. Middle packets are just ack packets, as I recall. When idle, keep-alive packets are sent, to ensure timers do not expire saying there is a disconnect. Sometimes routers delete and fake these to reduce traffic! Either end could send a fin packet to close it, and expects a fin-ack packet back in response. If a code bit gets a stale socket, and asks for the peer name (remote ip and port), while the information is probably available, the fact that the connection is closed is deemed a more appropriate response -- no point beating a dead horse, as it were.
Last edited by DGPickett; 11-15-2012 at 06:47 PM..
This User Gave Thanks to DGPickett For This Post:
9 More Discussions You Might Find Interesting
1. Solaris
Someone who can help me. the following error occur, what does it mean, and any possible solution you can give.thanks
syslog: fp: NOTICE: fp(2): PLOGI to d5900 failed state=Packet Transport error , reason=No Connection (Database)
$cat /var/adm/messages
Nov 3 05:16:21 vfaus279 fp: ... (7 Replies)
Discussion started by: o_m_g
7 Replies
2. Shell Programming and Scripting
I'm not sure how to phrase this...
We currently have a server that we have to load a special kind of file onto, to do this we have a script that someone on my team wrote years ago called emm <file>. We recently added another server to our system, so every file that's added on one has to be added... (2 Replies)
Discussion started by: DeCoTwc
2 Replies
3. UNIX for Advanced & Expert Users
Dear Friends,
I am using Solaris 10 on Sun Sparc T5120 with 4 HDD(Raid).I am getting transport error in one of my mirrored HDD c1t2d0. Below is a screen shot. I have replaced the HDD with new one but still the same. Any one can help????
c1t2d0 Soft Errors: 0 Hard Errors: 0... (1 Reply)
Discussion started by: solaris5.10
1 Replies
4. Shell Programming and Scripting
Hi, my problem:
gzgrep "^.\{376\}8301685001120" filename /dev/null
###ERROR ###
grep: RE error 11: Range endpoint too large.
Whats my mistake?
Is the position 376 to large for grep???
Thanks. (2 Replies)
Discussion started by: Timmää
2 Replies
5. Solaris
I am trying to set up a two host cluster. trouble is with the cluster transport configuration.
i'm using e1000g2 and g3 for the cluster transport. global0 and global1 are my two nodes, and I am running the scinstall from global1.
i think i should be expecting, is this:
The following... (19 Replies)
Discussion started by: frustin
19 Replies
6. Solaris
what is the difference between softerrors,harderrors,transport errors? (3 Replies)
Discussion started by: tv.praveenkumar
3 Replies
7. Programming
i've made a simple program that change a string from lowercase to uppercase and from uppercase to lowercase. Server works until start client, after client run server give this error: "recv server fallita: Transport endpoint is not connected" why? i think that stream closed too soon or not? below... (1 Reply)
Discussion started by: tafazzi87
1 Replies
8. UNIX for Dummies Questions & Answers
Hi Unix experts,
I have a question regarding a disk failure seen in "iostat -Enm" output:
# iostat -Enm
c1t0d0 Soft Errors: 0 Hard Errors: 7 Transport Errors: 9
Vendor: FUJITSU Product: MAU3073NCSUN72G Revision: 0802 Serial No: 0514F005M0
Size: 73.40GB <73400057856 bytes>
Media... (5 Replies)
Discussion started by: dyavuzy1
5 Replies
9. Solaris
Hi Folks,
Here is one for the real Solaris aficionados on the site;
I have a T5240 and have to create an I/O domain with access to the serial port, in this case /dev/term/a and although I have been through the documentation I'm having some issues in identifying the device to assign.
What I... (2 Replies)
Discussion started by: gull04
2 Replies
LEARN ABOUT DEBIAN
ashunt
ashunt(8) netsniff-ng-toolkit ashunt(8)
NAME
ashunt - Autonomous System (AS) trace route utility
SYNOPSIS
ashunt -H|--host <host> -i|-d|--dev <dev> [-6|--ipv6] [-n|--numeric] [-N|--dns] [-f|--init-ttl <ttl>] [-m|--max-ttl <ttl>]
[-q|--num-probes] [-x|--timeout <sec>] [-S|--syn] [-A|--ack] [-F|--fin] [-P|--psh] [-U|--urg] [-R|--rst] [-E|--ecn-syn] [-t|--tos
<tos>] [-G|--nofrag] [-X|--payload <string>] [-Z|--show-packet] [-l|--totlen <len>] [-w|--whois <server>] [-W|--wport <port>]
[--city-db <path>] [--country-db <path>] [-v|--version] [-h|--help]
DESCRIPTION
This program provides AS information on each hop between the client and the target host.
OPTIONS
ashunt -i eth0 -N -E -H netsniff-ng.org
IPv4 trace of AS with TCP ECN SYN probe
ashunt -i eth0 -N -S -H netsniff-ng.org
IPv4 trace of AS with TCP SYN probe
ashunt -i eth0 -N -F -H netsniff-ng.org
IPv4 trace of AS with TCP FIN probe
ashunt -i eth0 -N -FPU -H netsniff-ng.org
IPv4 trace of AS with Xmas probe
ashunt -i eth0 -N -H netsniff-ng.org -X "censor-me" -Z
IPv4 trace of AS with Null probe with ASCII payload
ashunt -6 -S -i eth0 -H netsniff-ng.org
IPv6 trace of AS up to netsniff-ng.org
OPTIONS
-h|--help
Print help text and lists all options.
-v|--version
Print version.
-H|--host <host>
Host/IPv4/IPv6 to lookup AS route to
i-|-d|--dev <netdev>
Networking device, i.e. eth0
-p|--port <port>
Hosts port to lookup AS route to
-4|--ipv4
Use IPv4 requests (default)
-6|--ipv6
Use IPv6 requests
-n|--numeric
Do not do reverse DNS lookup for hops
-N|--dns
Do a reverse DNS lookup for hops
-f|--init-ttl <ttl>
Set initial TTL
-m|--max-ttl <ttl>
Set maximum TTL (default: 30)
-q|--num-probes <num>
Number of max probes for each hop (default: 3)
-x|--timeout <sec>
Probe response timeout in sec (default: 3)
-S|--syn
Set TCP SYN flag in packets
-A|--ack
Set TCP ACK flag in packets
-F|--fin
Set TCP FIN flag in packets
-P|--psh
Set TCP PSH flag in packets
-U|--urg
Set TCP URG flag in packets
-R|--rst
Set TCP RST flag in packets
-E|--ecn-syn
Send ECN SYN packets (RFC3168)
-t|--tos <tos>
Set the IP TOS field
-w|--whois <server>
Use a different AS whois DB server (default: /etc/netsniff-ng/whois.conf)
-W|--wport <port>
Use a different port to AS whois server (default: /etc/netsniff-ng/whois.conf)
--city-db <path>
Specifiy path for geoip city database
--country-db <path>
Specifiy path for geoip country database
AUTHOR
Written by Daniel Borkmann <daniel@netsniff-ng.org>
DOCUMENTATION
Documentation by Emmanuel Roullit <emmanuel@netsniff-ng.org>
BUGS
Please report bugs to <bugs@netsniff-ng.org>
2012-06-29 ashunt(8)