客户端拒绝服务端过来的连接:

node2:/root#iptables -I INPUT -s 192.168.137.2 -j DROP 

node2:/root#iptables -I INPUT -s 192.168.137.2 -j ACCEPT 




node1:/root#tcpdump -S -i eth1 '((tcp) and  (port 8080) and (host 192.168.137.2) )' 
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth1, link-type EN10MB (Ethernet), capture size 65535 bytes



18:34:48.286206 IP node2.12860 > node1.webcache: Flags [F.], seq 2835618282, ack 1845830511, win 115, options [nop,nop,TS val 165957858 ecr 8948825], length 0
18:34:48.286226 IP node1.webcache > node2.12860: Flags [.], ack 2835618283, win 227, options [nop,nop,TS val 8960593 ecr 165957858], length 0
^C
2 packets captured
2 packets received by filter
0 packets dropped by kernel
node1:/root#tcpdump -S -i eth1 '((tcp) and  (port 8080) and (host 192.168.137.2) )' 
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth1, link-type EN10MB (Ethernet), capture size 65535 bytes

18:34:54.685478 IP node2.12961 > node1.webcache: Flags [S], seq 4149212617, win 14600, options [mss 1460,sackOK,TS val 165964257 ecr 0,nop,wscale 7], length 0
18:34:54.685532 IP node1.webcache > node2.12961: Flags [S.], seq 2191220074, ack 4149212618, win 14480, options [mss 1460,sackOK,TS val 8966992 ecr 165964257,nop,wscale 6], length 0
18:34:54.685686 IP node2.12961 > node1.webcache: Flags [.], ack 2191220075, win 115, options [nop,nop,TS val 165964258 ecr 8966992], length 0
18:34:54.687225 IP node2.12961 > node1.webcache: Flags [P.], seq 4149212618:4149212628, ack 2191220075, win 115, options [nop,nop,TS val 165964258 ecr 8966992], length 10
18:34:54.687246 IP node1.webcache > node2.12961: Flags [.], ack 4149212628, win 227, options [nop,nop,TS val 8966993 ecr 165964258], length 0



18:35:24.719300 IP node1.webcache > node2.12961: Flags [P.], seq 2191220075:2191220094, ack 4149212628, win 227, options [nop,nop,TS val 8997026 ecr 165964258], length 19
18:35:24.920936 IP node1.webcache > node2.12961: Flags [P.], seq 2191220075:2191220094, ack 4149212628, win 227, options [nop,nop,TS val 8997227 ecr 165964258], length 19
18:35:25.322396 IP node1.webcache > node2.12961: Flags [P.], seq 2191220075:2191220094, ack 4149212628, win 227, options [nop,nop,TS val 8997629 ecr 165964258], length 19
18:35:26.127304 IP node1.webcache > node2.12961: Flags [P.], seq 2191220075:2191220094, ack 4149212628, win 227, options [nop,nop,TS val 8998434 ecr 165964258], length 19
18:35:27.736101 IP node1.webcache > node2.12961: Flags [P.], seq 2191220075:2191220094, ack 4149212628, win 227, options [nop,nop,TS val 9000042 ecr 165964258], length 19

18:35:30.952794 IP node1.webcache > node2.12961: Flags [P.], seq 2191220075:2191220094, ack 4149212628, win 227, options [nop,nop,TS val 9003259 ecr 165964258], length 19
18:35:37.384633 IP node1.webcache > node2.12961: Flags [P.], seq 2191220075:2191220094, ack 4149212628, win 227, options [nop,nop,TS val 9009691 ecr 165964258], length 19
18:35:50.248562 IP node1.webcache > node2.12961: Flags [P.], seq 2191220075:2191220094, ack 4149212628, win 227, options [nop,nop,TS val 9022555 ecr 165964258], length 19

18:36:15.976494 IP node1.webcache > node2.12961: Flags [P.], seq 2191220075:2191220094, ack 4149212628, win 227, options [nop,nop,TS val 9048283 ecr 165964258], length 19

18:37:07.433461 IP node1.webcache > node2.12961: Flags [P.], seq 2191220075:2191220094, ack 4149212628, win 227, options [nop,nop,TS val 9099740 ecr 165964258], length 19

18:38:50.346271 IP node1.webcache > node2.12961: Flags [P.], seq 2191220075:2191220094, ack 4149212628, win 227, options [nop,nop,TS val 9202653 ecr 165964258], length 19
18:40:50.346966 IP node1.webcache > node2.12961: Flags [P.], seq 2191220075:2191220094, ack 4149212628, win 227, options [nop,nop,TS val 9322653 ecr 165964258], length 19

18:42:50.346582 IP node1.webcache > node2.12961: Flags [P.], seq 2191220075:2191220094, ack 4149212628, win 227, options [nop,nop,TS val 9442653 ecr 165964258], length 19
18:44:50.346963 IP node1.webcache > node2.12961: Flags [P.], seq 2191220075:2191220094, ack 4149212628, win 227, options [nop,nop,TS val 9562653 ecr 165964258], length 19

18:46:50.346791 IP node1.webcache > node2.12961: Flags [P.], seq 2191220075:2191220094, ack 4149212628, win 227, options [nop,nop,TS val 9682653 ecr 165964258], length 19
18:48:50.347172 IP node1.webcache > node2.12961: Flags [P.], seq 2191220075:2191220094, ack 4149212628, win 227, options [nop,nop,TS val 9802653 ecr 165964258], length 19



重试15个包后 ,连接还是继续建立在那边,断不开


19:48:04.657182 IP node2.11946 > node1.webcache: Flags [F.], seq 1284077103, ack 4196229527, win 115, options [nop,nop,TS val 170354226 ecr 3296952], length 0
19:48:04.660086 IP node1.webcache > node2.11946: Flags [R], seq 4196229527, win 0, length 0
19:48:04.854735 IP node2.11946 > node1.webcache: Flags [F.], seq 1284077103, ack 4196229527, win 115, options [nop,nop,TS val 170354428 ecr 3296952], length 0
19:48:04.855372 IP node1.webcache > node2.11946: Flags [R], seq 4196229527, win 0, length 0
19:48:05.254903 IP node2.11946 > node1.webcache: Flags [F.], seq 1284077103, ack 4196229527, win 115, options [nop,nop,TS val 170354830 ecr 3296952], length 0
19:48:05.255040 IP node1.webcache > node2.11946: Flags [R], seq 4196229527, win 0, length 0
19:48:06.059413 IP node2.11946 > node1.webcache: Flags [F.], seq 1284077103, ack 4196229527, win 115, options [nop,nop,TS val 170355635 ecr 3296952], length 0
19:48:06.060885 IP node1.webcache > node2.11946: Flags [R], seq 4196229527, win 0, length 0
19:48:07.667882 IP node2.11946 > node1.webcache: Flags [F.], seq 1284077103, ack 4196229527, win 115, options [nop,nop,TS val 170357243 ecr 3296952], length 0
19:48:07.668018 IP node1.webcache > node2.11946: Flags [R], seq 4196229527, win 0, length 0
19:48:10.883224 IP node2.11946 > node1.webcache: Flags [F.], seq 1284077103, ack 4196229527, win 115, options [nop,nop,TS val 170360459 ecr 3296952], length 0
19:48:10.883281 IP node1.webcache > node2.11946: Flags [R], seq 4196229527, win 0, length 0
19:48:17.319627 IP node2.11946 > node1.webcache: Flags [F.], seq 1284077103, ack 4196229527, win 115, options [nop,nop,TS val 170366895 ecr 3296952], length 0
19:48:17.319704 IP node1.webcache > node2.11946: Flags [R], seq 4196229527, win 0, length 0
19:48:30.186922 IP node2.11946 > node1.webcache: Flags [F.], seq 1284077103, ack 4196229527, win 115, options [nop,nop,TS val 170379763 ecr 3296952], length 0
19:48:30.186952 IP node1.webcache > node2.11946: Flags [R], seq 4196229527, win 0, length 0
19:48:55.914821 IP node2.11946 > node1.webcache: Flags [F.], seq 1284077103, ack 4196229527, win 115, options [nop,nop,TS val 170405491 ecr 3296952], length 0
19:48:55.914844 IP node1.webcache > node2.11946: Flags [R], seq 4196229527, win 0, length 0


有经过1个小时后, 客户端主动发起了Fin, 服务单响应了R


服务端连接信息:

node1:/root#netstat -na | grep 8080
tcp        0      0 192.168.137.2:8080          0.0.0.0:*                   LISTEN      
node1:/root#


客户端信息:

node2:/root/test#netstat -na | grep 8080
tcp        0      0 192.168.137.3:12961         192.168.137.2:8080          ESTABLISHED