[lwip-devel] TCP FIN problem.

lwip-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[lwip-devel] TCP FIN problem.

From:	David Woodhouse
Subject:	[lwip-devel] TCP FIN problem.
Date:	Fri, 03 Oct 2008 13:30:53 +0100

When I have the default 'outgoing connections only' firewall enabled on
Fedora, and I telnet into the simhost and then type 'quit', the
connection doesn't seem to get closed.

13:23:35.479365 IP 192.168.0.1.32800 > 192.168.0.2.telnet: S 
47217249:47217249(0) win 5840 <mss 1460,sackOK,timestamp 55345005 0,nop,wscale 
7>
13:23:35.479563 IP 192.168.0.2.telnet > 192.168.0.1.32800: S 7194:7194(0) ack 
47217250 win 8096 <mss 1024>
13:23:35.479617 IP 192.168.0.1.32800 > 192.168.0.2.telnet: . ack 1 win 5840
13:23:35.480067 IP 192.168.0.1.32800 > 192.168.0.2.telnet: P 1:28(27) ack 1 win 
5840
13:23:35.480267 IP 192.168.0.2.telnet > 192.168.0.1.32800: . ack 28 win 8096
13:23:35.480373 IP 192.168.0.2.telnet > 192.168.0.1.32800: P 1:152(151) ack 28 
win 8096
13:23:35.480395 IP 192.168.0.1.32800 > 192.168.0.2.telnet: . ack 152 win 6432
13:23:35.480704 IP 192.168.0.2.telnet > 192.168.0.1.32800: P 152:154(2) ack 28 
win 8096
13:23:35.480729 IP 192.168.0.1.32800 > 192.168.0.2.telnet: . ack 154 win 6432
13:23:36.922745 IP 192.168.0.1.32800 > 192.168.0.2.telnet: P 28:34(6) ack 154 
win 6432
13:23:36.922880 IP 192.168.0.2.telnet > 192.168.0.1.32800: . ack 34 win 8096
13:23:36.922945 IP 192.168.0.2.telnet > 192.168.0.1.32800: F 154:154(0) ack 
4247750047 win 0
13:23:36.922963 IP 192.168.0.1 > 192.168.0.2: ICMP host 192.168.0.1 unreachable 
- admin prohibited, length 48
13:23:38.116454 IP 192.168.0.2.telnet > 192.168.0.1.32800: F 154:154(0) ack 
4247750047 win 0
13:23:38.116510 IP 192.168.0.1 > 192.168.0.2: ICMP host 192.168.0.1 unreachable 
- admin prohibited, length 48
13:23:41.118039 IP 192.168.0.2.telnet > 192.168.0.1.32800: F 154:154(0) ack 
4247750047 win 0
13:23:41.118110 IP 192.168.0.1 > 192.168.0.2: ICMP host 192.168.0.1 unreachable 
- admin prohibited, length 48

Presumably the FIN is being rejected because the sequence number is nonsense?
 'ack 4247750047'?


If I disable the firewall, I _do_ get the 'Connection closed by foreign
host' response and the telnet client exits as I expect. It looks like
this -- the FIN packet from the simhost is still bogus, but at least the
client end does respond by closing the connection. Which is perhaps why
nobody usually cares? 

13:25:32.543868 IP 192.168.0.1.32815 > 192.168.0.2.telnet: S 
1888430429:1888430429(0) win 5840 <mss 1460,sackOK,timestamp 55462069 
0,nop,wscale 7>
13:25:32.544057 IP 192.168.0.2.telnet > 192.168.0.1.32815: S 9423:9423(0) ack 
1888430430 win 8096 <mss 1024>
13:25:32.544096 IP 192.168.0.1.32815 > 192.168.0.2.telnet: . ack 1 win 5840
13:25:32.544513 IP 192.168.0.1.32815 > 192.168.0.2.telnet: P 1:28(27) ack 1 win 
5840
13:25:32.544703 IP 192.168.0.2.telnet > 192.168.0.1.32815: . ack 28 win 8096
13:25:32.544823 IP 192.168.0.2.telnet > 192.168.0.1.32815: P 1:152(151) ack 28 
win 8096
13:25:32.544845 IP 192.168.0.1.32815 > 192.168.0.2.telnet: . ack 152 win 6432
13:25:32.544993 IP 192.168.0.2.telnet > 192.168.0.1.32815: P 152:154(2) ack 28 
win 8096
13:25:32.545011 IP 192.168.0.1.32815 > 192.168.0.2.telnet: . ack 154 win 6432
13:25:35.764009 IP 192.168.0.1.32815 > 192.168.0.2.telnet: P 28:34(6) ack 154 
win 6432
13:25:35.764277 IP 192.168.0.2.telnet > 192.168.0.1.32815: . ack 34 win 8096
13:25:35.764472 IP 192.168.0.2.telnet > 192.168.0.1.32815: F 154:154(0) ack 
2406536867 win 0
13:25:35.764630 IP 192.168.0.1.32815 > 192.168.0.2.telnet: F 34:34(0) ack 155 
win 6432
13:25:35.764698 IP 192.168.0.2.telnet > 192.168.0.1.32815: . ack 2406536867 win 0
13:25:35.965344 IP 192.168.0.1.32815 > 192.168.0.2.telnet: F 34:34(0) ack 155 
win 6432
13:25:35.965457 IP 192.168.0.2.telnet > 192.168.0.1.32815: . ack 35 win 0


 
-- 
David Woodhouse                            Open Source Technology Centre
address@hidden                              Intel Corporation

[Prev in Thread]

Current Thread

[Next in Thread]

[lwip-devel] TCP FIN problem., David Woodhouse <=
- Re: [lwip-devel] TCP FIN problem., Kieran Mansley, 2008/10/03
  - Re: [lwip-devel] TCP FIN problem., David Woodhouse, 2008/10/03
    - Re: [lwip-devel] TCP FIN problem., Kieran Mansley, 2008/10/03
  - Re: [lwip-devel] TCP FIN problem., David Woodhouse, 2008/10/03
  - Re: [lwip-devel] TCP FIN problem., David Woodhouse, 2008/10/03
    - Re: [lwip-devel] TCP FIN problem., Kieran Mansley, 2008/10/03
    - Re: [lwip-devel] TCP FIN problem., Kieran Mansley, 2008/10/03
    - Re: [lwip-devel] TCP FIN problem., David Woodhouse, 2008/10/03
    - Re: [lwip-devel] TCP FIN problem., address@hidden, 2008/10/03

Prev by Date: [lwip-devel] [PATCH] Fix aliasing violation.
Next by Date: Re: [lwip-devel] TCP FIN problem.
Previous by thread: [lwip-devel] [PATCH] Fix aliasing violation.
Next by thread: Re: [lwip-devel] TCP FIN problem.
Index(es):
- Date
- Thread