取决于iphdr.saddr字段。
当它被设置为我自己的地址或随机多播地址时,我可以看到服务器回复了syn / ack数据包。
如果设置为其他ips,则服务器不回复。
怎么解释呢?
多播地址案例:
13:55:08.242535 IP 240.151.224.61.13579 > localhost.5223: Flags [S], seq 123456, win 4096, length 0
E..(g+..@......=....5..g...@....P...$X..
13:55:14.906511 IP 239.151.224.61.13579 > localhost.5223: Flags [S], seq 123456, win 4096, length 0
E..(g+..@......=....5..g...@....P...%X..
13:55:14.906549 IP localhost.5223 > 239.151.224.61.13579: Flags [S.], seq 3502093187, ack 123457, win 43690, options [mss 65495], length 0
E..,..@.@..........=.g5........A,...,N .......
13:55:15.904599 IP localhost.5223> 239.151.224.61.13579:Flags [S.],seq 3502093187,ack 123457,win 43690,options [mss 65495],length 0
`
我自己的地址案例:
14:14:22.989225 IP slave1.domain.com.13579 > localhost.5223: Flags [S], seq 123456, win 4096, length 0
E..(g+..@......m....5..g...@....P...3...
14:14:22.989236 IP localhost.5223 > slave1.domain.com.13579: Flags [S.], seq 3228604881, ack 123457, win 43690, options [mss 65495], length 0
E..,..@.@..........m.g5..p.....A ... A5 ......
14:14:22.989259 IP slave1.domain.com.13579> localhost.5223:Flags [。],ack 3228604882,win 4096,length 0
è..(.. @。@ ......米.... 5..g ... A.p..P .......
`
没有syn / ack回复案例:
14:16:18.719629 IP 223.151.224.61.13579 > localhost.5223: Flags [S], seq 123456, win 4096, length 0
E..(g+..@......=....5..g...@....P...5X..
14:16:46.511299 IP 240.151.224.61.13579 > localhost.5223: Flags [S], seq 123456, win 4096, length 0
E..(g+..@......=....5..g...@....P...$X..
答案 0 :(得分:0)
iphdr.saddr表示IP数据包的源地址。我假设您的SYN数据包的接收端将尝试使用ACK响应您在IP数据包中提供的任何源地址。