Ethereal-users: [Ethereal-users] ethereal syntax for debugs viewing
Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.
Â
Hi,
This is Damodar working in the networking field.
I went through few archives based upon TCP seq no. at
http://www.ethereal.com/lists/ethereal-users/200305/msg00160.html
I appreciate if some body can help me clarify on 2 issues:
1) Basically what is the syntax/command that needs to be executed on a linux box running ethereal, for TCP Sequence Number Analysis - details viewing ?
2) I remember i observed a scenario with ethereal output like of the form:
ftp > 1111 [FIN, ACK] Seq=x-1 Ack=z Win=some number Len=0
ftp > 1111 [ACK] Seq=x Ack=y Win=some number Len=0
ftp > 1111 [ACK] Seq=x Ack=y+1 Win=some number Len=0
ftp > 1111 [ACK] Seq=x Ack=y+2 Win=some number Len=0
ftp > 1111 [ACK] Seq=x Ack=y+3 Win=some number Len=0
ftp > 1111 [FIN, ACK] Seq=x-1 Ack=y+4 Win=some number Len=0 <<<<<
ftp > 1111 [RST] Seq=x Ack=0 Win=some number Len=0 <<<<<
Here in the above form of output there is 1 more ACK expected before the marked entry [FIN, ACK]. But for some reasons this FIN, ACK is generated with sequence number 1 less and followed by a RST control.
Could you please help on finding out what is wrong here ?
Thanks,
Damodar.
_______________________________________________ Ethereal-users mailing list Ethereal-users@xxxxxxxxxxxx http://www.ethereal.com/mailman/listinfo/ethereal-users
- Follow-Ups:
- Re: [Ethereal-users] ethereal syntax for debugs viewing
- From: Jack Jackson
- Re: [Ethereal-users] ethereal syntax for debugs viewing
- Prev by Date: [Ethereal-users] VOIP (H323) and 0.99.0
- Next by Date: [Ethereal-users] Odd timestamp behaviour when saving filtered files
- Previous by thread: RE: [Ethereal-users] VOIP (H323) and 0.99.0
- Next by thread: Re: [Ethereal-users] ethereal syntax for debugs viewing
- Index(es):