Linux 下 HTTP连接超时

时间:2021-01-13 16:11:06

将项目部署到现场环境,HTTP请求莫名奇妙的连接超时,通过抓包定位了问题,是请求的IP被禁止掉。其中用到了抓包,将记录记录于此。

tcpdump host 120.197.89.51 -i any -vvv

::06.241085 IP (tos 0x0, ttl , id , offset , flags [DF], proto TCP (), length )

    192.168.106.107. > 120.197.89.51.http: Flags [S], cksum 0x3884 (correct), seq , win , options [mss ,sackOK,TS val  ecr ,nop,wscale ], length

::06.268772 IP (tos 0x0, ttl , id , offset , flags [DF], proto TCP (), length )

    120.197.89.51.http > 192.168.106.107.: Flags [S.], cksum 0xdfa2 (correct), seq , ack , win , options [mss ,sackOK,TS val  ecr ], length

::06.268790 IP (tos 0x0, ttl , id , offset , flags [DF], proto TCP (), length )

    192.168.106.107. > 120.197.89.51.http: Flags [.], cksum 0xe0eb (correct), seq , ack , win , options [nop,nop,TS val  ecr ], length

::06.268925 IP (tos 0x0, ttl , id , offset , flags [DF], proto TCP (), length )

    192.168.106.107. > 120.197.89.51.http: Flags [P.], cksum 0xd3eb (correct), seq :, ack , win , options [nop,nop,TS val  ecr ], length

::06.301625 IP (tos 0x0, ttl , id , offset , flags [DF], proto TCP (), length )

    120.197.89.51.http > 192.168.106.107.: Flags [P.], cksum 0x15f1 (correct), seq :, ack , win , options [nop,nop,TS val  ecr ], length

::06.301647 IP (tos 0x0, ttl , id , offset , flags [DF], proto TCP (), length )

    192.168.106.107. > 120.197.89.51.http: Flags [.], cksum 0xda62 (correct), seq , ack , win , options [nop,nop,TS val  ecr ], length

::06.301778 IP (tos 0x0, ttl , id , offset , flags [DF], proto TCP (), length )

    192.168.106.107. > 120.197.89.51.http: Flags [F.], cksum 0xda61 (correct), seq , ack , win , options [nop,nop,TS val  ecr ], length

::06.329476 IP (tos 0x0, ttl , id , offset , flags [DF], proto TCP (), length )

    120.197.89.51.http > 192.168.106.107.: Flags [.], cksum 0x1717 (correct), seq , ack , win , options [nop,nop,TS val  ecr ], length

::06.329710 IP (tos 0x0, ttl , id , offset , flags [DF], proto TCP (), length )

    120.197.89.51.http > 192.168.106.107.: Flags [F.], cksum 0x1716 (correct), seq , ack , win , options [nop,nop,TS val  ecr ], length

::06.329719 IP (tos 0x0, ttl , id , offset , flags [DF], proto TCP (), length )

    192.168.106.107. > 120.197.89.51.http: Flags [.], cksum 0xda41 (correct), seq , ack , win , options [nop,nop,TS val  ecr ], length

这里简单解释下tcpdump TCP包的输出信息

用TCPDUMP捕获的TCP包的一般输出信息是:

src > dst: flags data-seqno ack window urgent options

src > dst:表明从源地址到目的地址, flags是TCP包中的标志信息,S 是SYN标志, F (FIN), P (PUSH) , R (RST) "." (没有标记);

data-seqno是数据包中的数据的顺序号, 
ack是下次期望的顺序号, 
window是接收缓存的窗口大小,

urgent表明数据包中是否有紧急指针. 
options是选项.

每一行中间都有这个包所携带的标志:

S=SYN,发起连接标志

P=PUSH,传送数据标志

F=FIN,关闭连接标志

ack    表示确认包

RST= RESET,异常关闭连接

. 表示没有任何标志

 参考

http://dngood.blog.51cto.com/446195/988968/

相关文章