| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 3 Sep 2009 22:41:52 +0800 From: Treker Chen <treker.chen@...il.com> To: linux-kernel@...r.kernel.org Subject: Why sometimes linux kernel does not reply the ACK of second FIN packet? Hi all I was wondering if anyone know sometimes linux kernel seems does not reply the ACK to the second FIN packet? I tried it on Linux Ubuntu804Server 2.6.24-16-server #1 SMP Thu Apr 10 13:58:00 UTC 2008 i686 GNU/Linux and here is the tcpdump log 22:24:37.444551 IP 192.168.6.3.42049 > 192.168.6.30.22: S 880658043:880658043(0) win 5840 <mss 1000,sackOK,timestamp 405800485 0,nop,wscale 7> 22:24:37.445091 IP 192.168.6.30.22 > 192.168.6.3.42049: S 1391057992:1391057992(0) ack 880658044 win 5792 <mss 1460,sackOK,timestamp 68876023 405800485,nop,wscale 6> 22:24:37.445182 IP 192.168.6.3.42049 > 192.168.6.30.22: . ack 1 win 46 <nop,nop,timestamp 405800485 68876023> 22:24:37.453582 IP 192.168.6.30.22 > 192.168.6.3.42049: P 1:39(38) ack 1 win 91 <nop,nop,timestamp 68876024 405800485> 22:24:37.453663 IP 192.168.6.3.42049 > 192.168.6.30.22: . ack 39 win 46 <nop,nop,timestamp 405800486 68876024> 22:24:39.183281 IP 192.168.6.3.42049 > 192.168.6.30.22: P 1:3(2) ack 39 win 46 <nop,nop,timestamp 405800659 68876024> 22:24:39.183846 IP 192.168.6.30.22 > 192.168.6.3.42049: . ack 3 win 91 <nop,nop,timestamp 68876196 405800659> 22:24:39.183899 IP 192.168.6.30.22 > 192.168.6.3.42049: P 39:58(19) ack 3 win 91 <nop,nop,timestamp 68876196 405800659> 22:24:39.183934 IP 192.168.6.3.42049 > 192.168.6.30.22: . ack 58 win 46 <nop,nop,timestamp 405800659 68876196> 22:24:39.183952 IP 192.168.6.30.22 > 192.168.6.3.42049: F 58:58(0) ack 3 win 91 <nop,nop,timestamp 68876196 405800659> 22:24:39.184636 IP 192.168.6.3.42049 > 192.168.6.30.22: F 3:3(0) ack 59 win 46 <nop,nop,timestamp 405800659 68876196> 22:24:39.185093 IP 192.168.6.30.22 > 192.168.6.3.42049: . ack 4 win 91 <nop,nop,timestamp 68876196 405800659> you can see at the end there is only one ACK packet and sometimes it did. does any one know the possible reason? I am asking this because with a high traffic server, it caused lots' of connection in TIME_WAIT state, and i was suspecting that's causing the issue. please kindly CC to my email address. thanks Regards Treker -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists