免费注册 查看新帖 |

Chinaunix

  平台 论坛 博客 文库
论坛 程序设计 Linux环境编程 求助:tcp rst不成功的原因
最近访问板块 发新帖
查看: 6035 | 回复: 4
打印 上一主题 下一主题

求助:tcp rst不成功的原因 [复制链接]

devilcash

论坛徽章:
0
跳转到指定楼层
1 [收藏(0)] [报告]
发表于 2011-02-12 17:59 |只看该作者 |倒序浏览
编程实现tcp rst阻断tcp链接,下面是我用tcpdump抓的包,明明已经收到了tcp rst包,但是为什么没有阻断这个tcp连接

04:51:18.920884 IP 192.168.8.206.jvclient > 192.168.8.209.http: S 3920581985:3920581985(0) win 65535 <mss 1460,nop,nop,sackOK>
04:51:18.920905 IP 192.168.8.209.http > 192.168.8.206.jvclient: S 1441956853:1441956853(0) ack 3920581986 win 5840 <mss 1460,nop,nop,sackOK>
04:51:18.921189 IP 192.168.8.206.jvclient > 192.168.8.209.http: . ack 1 win 65535
04:51:18.921394 IP 192.168.8.206.jvclient > 192.168.8.209.http: P 1:306(305) ack 1 win 65535
04:51:18.921415 IP 192.168.8.209.http > 192.168.8.206.jvclient: . ack 306 win 6432
04:51:18.921425 IP 192.168.8.206.jvclient > 192.168.8.209.http: R 306:306(0) ack 1 win 0
04:51:18.921581 IP 192.168.8.206.jvclient > 192.168.8.209.http: R 306:306(0) ack 1 win 0
04:51:18.922055 IP 192.168.8.209.http > 192.168.8.206.jvclient: . 1:1461(1460) ack 306 win 6432
04:51:18.922062 IP 192.168.8.209.http > 192.168.8.206.jvclient: . 1461:2921(1460) ack 306 win 6432
04:51:18.922461 IP 192.168.8.206.jvclient > 192.168.8.209.http: R 306:306(0) ack 1461 win 0
04:51:18.922582 IP 192.168.8.206.jvclient > 192.168.8.209.http: R 306:306(0) ack 2921 win 0
04:51:18.922746 IP 192.168.8.206.jvclient > 192.168.8.209.http: . ack 2921 win 65535
04:51:18.922756 IP 192.168.8.209.http > 192.168.8.206.jvclient: . 2921:4381(1460) ack 306 win 6432
04:51:18.922760 IP 192.168.8.209.http > 192.168.8.206.jvclient: FP 4381:5241(860) ack 306 win 6432
04:51:18.922763 IP 192.168.8.206.jvclient > 192.168.8.209.http: R 306:306(0) ack 2921 win 0
04:51:18.923155 IP 192.168.8.206.jvclient > 192.168.8.209.http: R 306:306(0) ack 4381 win 0
04:51:18.923158 IP 192.168.8.206.jvclient > 192.168.8.209.http: R 306:306(0) ack 5241 win 0
04:51:18.923340 IP 192.168.8.206.jvclient > 192.168.8.209.http: . ack 5242 win 65535
04:51:18.923346 IP 192.168.8.206.jvclient > 192.168.8.209.http: R 306:306(0) ack 5242 win 0
04:51:18.924057 IP 192.168.8.206.jvclient > 192.168.8.209.http: F 306:306(0) ack 5242 win 65535
04:51:18.924062 IP 192.168.8.209.http > 192.168.8.206.jvclient: . ack 307 win 6432
04:51:18.924074 IP 192.168.8.206.jvclient > 192.168.8.209.http: R 306:306(0) ack 5242 win 0
04:51:18.924221 IP 192.168.8.206.jvclient > 192.168.8.209.http: R 307:307(0) ack 5242 win 0
devilcash

论坛徽章:
0
2 [报告]
发表于 2011-02-12 19:18 |只看该作者
自己顶一下
实战分享:从技术角度谈机器学习入门| 【大话IT】RadonDB低门槛向MySQL集群下战书 | ChinaUnix打赏功能已上线! | 新一代分布式关系型数据库RadonDB知多少?
wzypunk

论坛徽章:
0
3 [报告]
发表于 2011-02-14 08:16 |只看该作者
你-v一下出来看看?
实战分享:从技术角度谈机器学习入门| 【大话IT】RadonDB低门槛向MySQL集群下战书 | ChinaUnix打赏功能已上线! | 新一代分布式关系型数据库RadonDB知多少?
devilcash

论坛徽章:
0
4 [报告]
发表于 2011-02-14 13:51 |只看该作者
00:33:10.299633 IP (tos 0x0, ttl 128, id 43263, offset 0, flags [DF], proto: TCP (6), length: 4 192.168.8.206.sophia-lm > 192.168.8.209.http: S, cksum 0x66ba (correct), 1477782416:1477782416(0) win 65535 <mss 1460,nop,nop,sackOK>
00:33:10.299655 IP (tos 0x0, ttl  64, id 0, offset 0, flags [DF], proto: TCP (6), length: 4 192.168.8.209.http > 192.168.8.206.sophia-lm: S, cksum 0xb8de (correct), 67015420:67015420(0) ack 1477782417 win 5840 <mss 1460,nop,nop,sackOK>
00:33:10.299923 IP (tos 0x0, ttl 128, id 43265, offset 0, flags [DF], proto: TCP (6), length: 40) 192.168.8.206.sophia-lm > 192.168.8.209.http: ., cksum 0xfc72 (correct), ack 1 win 65535
00:33:10.300375 IP (tos 0x0, ttl 128, id 43266, offset 0, flags [DF], proto: TCP (6), length: 345) 192.168.8.206.sophia-lm > 192.168.8.209.http: P 1:306(305) ack 1 win 65535
00:33:10.300393 IP (tos 0x0, ttl  64, id 4710, offset 0, flags [DF], proto: TCP (6), length: 40) 192.168.8.209.http > 192.168.8.206.sophia-lm: ., cksum 0xe221 (correct), ack 306 win 6432
00:33:10.300401 IP (tos 0x0, ttl 255, id 43267, offset 0, flags [DF], proto: TCP (6), length: 40) 192.168.8.206.sophia-lm > 192.168.8.209.http: R, cksum 0x1711 (incorrect (-> 0xfb3d), 306:306(0) ack 1 win 65535
00:33:10.300561 IP (tos 0x0, ttl 255, id 0, offset 0, flags [DF], proto: TCP (6), length: 40) 192.168.8.206.sophia-lm > 192.168.8.209.http: R, cksum 0xfdf0 (incorrect (-> 0xe21d), 306:306(0) ack 1 win 6432
00:33:10.301034 IP (tos 0x0, ttl  64, id 4711, offset 0, flags [DF], proto: TCP (6), length: 1500) 192.168.8.209.http > 192.168.8.206.sophia-lm: . 1:1461(1460) ack 306 win 6432
00:33:10.301042 IP (tos 0x0, ttl  64, id 4712, offset 0, flags [DF], proto: TCP (6), length: 1500) 192.168.8.209.http > 192.168.8.206.sophia-lm: . 1461:2921(1460) ack 306 win 6432
00:33:10.301442 IP (tos 0x0, ttl 255, id 0, offset 0, flags [DF], proto: TCP (6), length: 40) 192.168.8.206.sophia-lm > 192.168.8.209.http: R, cksum 0xfdf0 (incorrect (-> 0xdc69), 306:306(0) ack 1461 win 6432
00:33:10.301564 IP (tos 0x0, ttl 255, id 0, offset 0, flags [DF], proto: TCP (6), length: 40) 192.168.8.206.sophia-lm > 192.168.8.209.http: R, cksum 0xfdf0 (incorrect (-> 0xd6b5), 306:306(0) ack 2921 win 6432
00:33:10.301686 IP (tos 0x0, ttl 128, id 43268, offset 0, flags [DF], proto: TCP (6), length: 40) 192.168.8.206.sophia-lm > 192.168.8.209.http: ., cksum 0xefd9 (correct), ack 2921 win 65535
00:33:10.301697 IP (tos 0x0, ttl  64, id 4713, offset 0, flags [DF], proto: TCP (6), length: 1500) 192.168.8.209.http > 192.168.8.206.sophia-lm: . 2921:4381(1460) ack 306 win 6432
00:33:10.301701 IP (tos 0x0, ttl  64, id 4714, offset 0, flags [DF], proto: TCP (6), length: 900) 192.168.8.209.http > 192.168.8.206.sophia-lm: FP 4381:5241(860) ack 306 win 6432
00:33:10.301704 IP (tos 0x0, ttl 255, id 43269, offset 0, flags [DF], proto: TCP (6), length: 40) 192.168.8.206.sophia-lm > 192.168.8.209.http: R, cksum 0x1711 (incorrect (-> 0xefd5), 306:306(0) ack 2921 win 65535
00:33:10.302115 IP (tos 0x0, ttl 255, id 0, offset 0, flags [DF], proto: TCP (6), length: 40) 192.168.8.206.sophia-lm > 192.168.8.209.http: R, cksum 0xfdf0 (incorrect (-> 0xd101), 306:306(0) ack 4381 win 6432
00:33:10.302117 IP (tos 0x0, ttl 255, id 0, offset 0, flags [DF], proto: TCP (6), length: 40) 192.168.8.206.sophia-lm > 192.168.8.209.http: R, cksum 0xfdf0 (incorrect (-> 0xcda5), 306:306(0) ack 5241 win 6432
00:33:10.302299 IP (tos 0x0, ttl 128, id 43270, offset 0, flags [DF], proto: TCP (6), length: 40) 192.168.8.206.sophia-lm > 192.168.8.209.http: ., cksum 0xe6c8 (correct), ack 5242 win 65535
00:33:10.302305 IP (tos 0x0, ttl 255, id 43271, offset 0, flags [DF], proto: TCP (6), length: 40) 192.168.8.206.sophia-lm > 192.168.8.209.http: R, cksum 0x1711 (incorrect (-> 0xe6c4), 306:306(0) ack 5242 win 65535
00:33:10.302693 IP (tos 0x0, ttl 128, id 43271, offset 0, flags [DF], proto: TCP (6), length: 40) 192.168.8.206.sophia-lm > 192.168.8.209.http: F, cksum 0xe6c7 (correct), 306:306(0) ack 5242 win 65535
00:33:10.302698 IP (tos 0x0, ttl  64, id 4715, offset 0, flags [DF], proto: TCP (6), length: 40) 192.168.8.209.http > 192.168.8.206.sophia-lm: ., cksum 0xcda7 (correct), ack 307 win 6432
00:33:10.302712 IP (tos 0x0, ttl 255, id 43272, offset 0, flags [DF], proto: TCP (6), length: 40) 192.168.8.206.sophia-lm > 192.168.8.209.http: R, cksum 0x1711 (incorrect (-> 0xe6c4), 306:306(0) ack 5242 win 65535
00:33:10.302853 IP (tos 0x0, ttl 255, id 0, offset 0, flags [DF], proto: TCP (6), length: 40) 192.168.8.206.sophia-lm > 192.168.8.209.http: R, cksum 0xfdf0 (incorrect (-> 0xcda3), 307:307(0) ack 5242 win 6432


显示校验和不正确


        char buf[128] = {0};
        psd_hdr_t psd;
        psd.src = new_ipv4->src_ip;
        psd.dst = new_ipv4->dst_ip;
        psd.mbz = 0;
        psd.protocol = 6;
        psd.tcp_hdr = 20;//sizeof(ewx_dpi_tcp_hdr_t);
        memcpy(buf, &psd, 12);//sizeof(psd_hdr_t));
        memcpy(buf+12, new_tcp, 20);
        new_tcp->checksum = check((uint16_t*)buf, 32);

计算tcp校验和哪里不对了,PS:check函数应该是对,不然ip校验和也会报错
实战分享:从技术角度谈机器学习入门| 【大话IT】RadonDB低门槛向MySQL集群下战书 | ChinaUnix打赏功能已上线! | 新一代分布式关系型数据库RadonDB知多少?
luoyan_xy

论坛徽章:
0
5 [报告]
发表于 2011-02-16 09:23 |只看该作者
如果check函数是正确的话,是不是你在计算之前没有把tcp->checksum给置0,我原来遇到一次问题就是这个样子的,不过我是在内核中直接修改的。。。
实战分享:从技术角度谈机器学习入门| 【大话IT】RadonDB低门槛向MySQL集群下战书 | ChinaUnix打赏功能已上线! | 新一代分布式关系型数据库RadonDB知多少?
返回列表 发新帖
高级模式
B Color Image Link Quote Code Smilies
您需要登录后才可以回帖 登录 | 注册

本版积分规则 发表回复

  

北京盛拓优讯信息技术有限公司. 版权所有 京ICP备16024965号-6 北京市公安局海淀分局网监中心备案编号:11010802020122 niuxiaotong@pcpop.com 17352615567
未成年举报专区
中国互联网协会会员  联系我们:huangweiwei@itpub.net
感谢所有关心和支持过ChinaUnix的朋友们 转载本站内容请注明原作者名及出处

清除 Cookies - ChinaUnix - Archiver - WAP - TOP