[ale] Using tcpdump to diagnose website connecting

Mike Millson mmillson at meritonlinesystems.com
Thu Apr 24 19:41:21 EDT 2003


I have a RH 7.1 box that I am using as a router and that does NAT to share my
ADSL connection with a Windoze 2K machine.

I cannot connect to www.mrslim.com from the Linux box; however, I can
from the Windoze box.

Using tcpdump, I see the difference in the connections is that the
Windoze SYN is ACK'd, but the Linux SYN is not.

Here are the relevant tcpdump lines:

Router/Server:
16:56:08.050143 68.157.175.145.53263 > 216.237.21.5.http: SWE 1875630922:1875630922(0) win 5808 <mss 1452,sackOK,timestamp 852565069 0,nop,wscale 0> (DF)

Windoze machine:
17:05:05.346259 68.157.175.145.3490 > 216.237.21.5.http: S 3816606182:3816606182(0) win 16384 <mss 1460,nop,nop,sackOK> (DF)

I'm running iptables, and any packets I reject are logged. I don't see
any rejected packets logged when the SYN is not answered - just the
connection times out after multiple SYN requests are not answered.

Can anyone shed any light on what is going on here, why the Linux SYN is
not being answered, and how I can fix this? How come the Linux box issues
an SWE request instead of just S? What is SWE?

Thank you,
Mike



_______________________________________________
Ale mailing list
Ale at ale.org
http://www.ale.org/mailman/listinfo/ale
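
Added example (not part of the original post): a Python sketch that parses the two SYN lines quoted in the message above and reports how they differ. In tcpdump's flag field W is CWR and E is ECE, the two ECN bits from RFC 3168, so SWE is a SYN that asks to negotiate ECN; the function and variable names here are assumptions made for this example.

```python
import re

# Flag letters used by classic tcpdump output ("W" and "E" are the ECN bits).
FLAGS = {"S": "SYN", "F": "FIN", "P": "PSH", "R": "RST",
         "U": "URG", "W": "CWR", "E": "ECE"}

LINE = re.compile(
    r"^(?P<ts>\S+) (?P<src>\S+) > (?P<dst>\S+): (?P<flags>[SFPRUWE]+) "
    r"(?P<seq>\d+):\d+\(\d+\) win (?P<win>\d+)(?: <(?P<opts>[^>]*)>)?")

def parse_packet(line):
    """Parse one classic-format tcpdump TCP line into a dict."""
    m = LINE.match(" ".join(line.split()))   # undo mail-client line wrapping
    if m is None:
        raise ValueError("not a recognised tcpdump TCP line: %r" % line)
    opts = {}
    for item in filter(None, (m["opts"] or "").split(",")):
        name, _, value = item.strip().partition(" ")
        opts[name] = value                   # e.g. "mss" -> "1452"
    return {"src": m["src"], "dst": m["dst"], "win": int(m["win"]),
            "flags": {FLAGS[c] for c in m["flags"]}, "options": opts}

def is_ecn_setup_syn(pkt):
    """RFC 3168: a SYN carrying both ECE and CWR asks to negotiate ECN."""
    return {"SYN", "ECE", "CWR"} <= pkt["flags"]

def diff_packets(a, b):
    """Return what differs between two parsed packets, field by field."""
    out = {"flags_only_a": sorted(a["flags"] - b["flags"]),
           "flags_only_b": sorted(b["flags"] - a["flags"]),
           "win": (a["win"], b["win"]), "options": {}}
    for name in sorted(set(a["options"]) | set(b["options"])):
        va, vb = a["options"].get(name), b["options"].get(name)
        if va != vb:                         # None means the option is absent
            out["options"][name] = (va, vb)
    return out

# The two SYNs quoted in the post above, rejoined onto one line each.
LINUX_SYN = ("16:56:08.050143 68.157.175.145.53263 > 216.237.21.5.http: SWE "
             "1875630922:1875630922(0) win 5808 <mss 1452,sackOK,timestamp "
             "852565069 0,nop,wscale 0> (DF)")
WIN2K_SYN = ("17:05:05.346259 68.157.175.145.3490 > 216.237.21.5.http: S "
             "3816606182:3816606182(0) win 16384 <mss 1460,nop,nop,sackOK> (DF)")

if __name__ == "__main__":
    linux, win2k = parse_packet(LINUX_SYN), parse_packet(WIN2K_SYN)
    print("ECN-setup SYN:", is_ecn_setup_syn(linux), is_ecn_setup_syn(win2k))
    print(diff_packets(linux, win2k))
```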