Karthik.Ageer
Joined: Jul 4, 2017
Messages: 11
Offline
|
I have pasted the output of tcpdump here, please let me know if I am using the right command and the output looks ok ?
[root@lab0540 bin]# tcpdump -i eth0 -v host aes7.engcti.com
tcpdump: listening on eth0, link-type EN10MB (Ethernet), capture size 65535 bytes
01:55:34.804475 IP (tos 0x0, ttl 64, id 45957, offset 0, flags [DF], proto TCP (6), length 60)
lab0540.39866 > 10.61.1.53.tserver: Flags [S], cksum 0x371e (correct), seq 657722053, win 65535, options [mss 1460,sackOK,TS val 2606479680 ecr 0,nop,wscale 13], length 0
01:55:34.805301 IP (tos 0x0, ttl 63, id 0, offset 0, flags [DF], proto TCP (6), length 52)
10.61.1.53.tserver > lab0540.39866: Flags [S.], cksum 0xc8be (correct), seq 1353656130, ack 657722054, win 29200, options [mss 1460,nop,nop,sackOK,nop,wscale 7], length 0
01:55:34.805323 IP (tos 0x0, ttl 64, id 45958, offset 0, flags [DF], proto TCP (6), length 40)
lab0540.39866 > 10.61.1.53.tserver: Flags [.], cksum 0x7b41 (correct), ack 1, win 96, length 0
01:55:34.805885 IP (tos 0x0, ttl 64, id 45959, offset 0, flags [DF], proto TCP (6), length 67)
lab0540.39866 > 10.61.1.53.tserver: Flags [P.], cksum 0xecff (incorrect -> 0x181a), seq 1:28, ack 1, win 96, length 27
01:55:34.806277 IP (tos 0x0, ttl 63, id 3760, offset 0, flags [DF], proto TCP (6), length 40)
10.61.1.53.tserver > lab0540.39866: Flags [.], cksum 0x7aa1 (correct), ack 28, win 229, length 0
01:55:34.862942 IP (tos 0x0, ttl 63, id 3761, offset 0, flags [DF], proto TCP (6), length 153)
10.61.1.53.tserver > lab0540.39866: Flags [P.], cksum 0xcc31 (correct), seq 1:114, ack 28, win 229, length 113
01:55:34.863003 IP (tos 0x0, ttl 64, id 45960, offset 0, flags [DF], proto TCP (6), length 40)
lab0540.39866 > 10.61.1.53.tserver: Flags [.], cksum 0x7ab5 (correct), ack 114, win 96, length 0
01:55:34.863391 IP (tos 0x0, ttl 64, id 45961, offset 0, flags [DF], proto TCP (6), length 66)
lab0540.39866 > 10.61.1.53.tserver: Flags [P.], cksum 0xecfe (incorrect -> 0x2391), seq 28:54, ack 114, win 96, length 26
01:55:34.863617 IP (tos 0x0, ttl 63, id 3762, offset 0, flags [DF], proto TCP (6), length 40)
10.61.1.53.tserver > lab0540.39866: Flags [.], cksum 0x7a16 (correct), ack 54, win 229, length 0
01:55:34.863669 IP (tos 0x0, ttl 64, id 45962, offset 0, flags [DF], proto TCP (6), length 40)
lab0540.39866 > 10.61.1.53.tserver: Flags [F.], cksum 0x7a9a (correct), seq 54, ack 114, win 96, length 0
01:55:34.864207 IP (tos 0x0, ttl 64, id 53218, offset 0, flags [DF], proto TCP (6), length 60)
lab0540.59994 > 10.61.1.53.fpo-fns: Flags [S], cksum 0x6e6a (correct), seq 852129438, win 65535, options [mss 1460,sackOK,TS val 2606479740 ecr 0,nop,wscale 13], length 0
01:55:34.864426 IP (tos 0x0, ttl 63, id 0, offset 0, flags [DF], proto TCP (6), length 52)
10.61.1.53.fpo-fns > lab0540.59994: Flags [S.], cksum 0x73c1 (correct), seq 966052578, ack 852129439, win 29200, options [mss 1460,nop,nop,sackOK,nop,wscale 7], length 0
01:55:34.864457 IP (tos 0x0, ttl 64, id 53219, offset 0, flags [DF], proto TCP (6), length 40)
lab0540.59994 > 10.61.1.53.fpo-fns: Flags [.], cksum 0x2644 (correct), ack 1, win 96, length 0
01:55:34.865470 IP (tos 0x0, ttl 63, id 3763, offset 0, flags [DF], proto TCP (6), length 40)
10.61.1.53.tserver > lab0540.39866: Flags [F.], cksum 0x7a14 (correct), seq 114, ack 55, win 229, length 0
01:55:34.865499 IP (tos 0x0, ttl 64, id 45963, offset 0, flags [DF], proto TCP (6), length 40)
lab0540.39866 > 10.61.1.53.tserver: Flags [.], cksum 0x7a99 (correct), ack 115, win 96, length 0
01:55:34.869574 IP (tos 0x0, ttl 64, id 53220, offset 0, flags [DF], proto TCP (6), length 101)
lab0540.59994 > 10.61.1.53.fpo-fns: Flags [P.], cksum 0xed21 (incorrect -> 0x6383), seq 1:62, ack 1, win 96, length 61
01:55:34.869819 IP (tos 0x0, ttl 63, id 57549, offset 0, flags [DF], proto TCP (6), length 40)
10.61.1.53.fpo-fns > lab0540.59994: Flags [.], cksum 0x2582 (correct), ack 62, win 229, length 0
01:55:34.869996 IP (tos 0x0, ttl 63, id 57550, offset 0, flags [DF], proto TCP (6), length 40)
10.61.1.53.fpo-fns > lab0540.59994: Flags [R.], cksum 0x257e (correct), seq 1, ack 62, win 229, length 0
01:55:34.899070 IP (tos 0x0, ttl 64, id 41795, offset 0, flags [DF], proto TCP (6), length 60)
lab0540.39870 > 10.61.1.53.tserver: Flags [S], cksum 0x01fb (correct), seq 1272781532, win 65535, options [mss 1460,sackOK,TS val 2606479775 ecr 0,nop,wscale 13], length 0
01:55:34.899608 IP (tos 0x0, ttl 63, id 0, offset 0, flags [DF], proto TCP (6), length 52)
10.61.1.53.tserver > lab0540.39870: Flags [S.], cksum 0xbff2 (correct), seq 953291559, ack 1272781533, win 29200, options [mss 1460,nop,nop,sackOK,nop,wscale 7], length 0
01:55:34.899630 IP (tos 0x0, ttl 64, id 41796, offset 0, flags [DF], proto TCP (6), length 40)
lab0540.39870 > 10.61.1.53.tserver: Flags [.], cksum 0x7275 (correct), ack 1, win 96, length 0
01:55:34.900131 IP (tos 0x0, ttl 64, id 41797, offset 0, flags [DF], proto TCP (6), length 67)
lab0540.39870 > 10.61.1.53.tserver: Flags [P.], cksum 0xecff (incorrect -> 0x0f4e), seq 1:28, ack 1, win 96, length 27
01:55:34.900425 IP (tos 0x0, ttl 63, id 14713, offset 0, flags [DF], proto TCP (6), length 40)
10.61.1.53.tserver > lab0540.39870: Flags [.], cksum 0x71d5 (correct), ack 28, win 229, length 0
01:55:34.968394 IP (tos 0x0, ttl 63, id 14714, offset 0, flags [DF], proto TCP (6), length 153)
10.61.1.53.tserver > lab0540.39870: Flags [P.], cksum 0xc365 (correct), seq 1:114, ack 28, win 229, length 113
01:55:34.968463 IP (tos 0x0, ttl 64, id 41798, offset 0, flags [DF], proto TCP (6), length 40)
lab0540.39870 > 10.61.1.53.tserver: Flags [.], cksum 0x71e9 (correct), ack 114, win 96, length 0
01:55:34.968881 IP (tos 0x0, ttl 64, id 41799, offset 0, flags [DF], proto TCP (6), length 66)
lab0540.39870 > 10.61.1.53.tserver: Flags [P.], cksum 0xecfe (incorrect -> 0x1ac5), seq 28:54, ack 114, win 96, length 26
01:55:34.968989 IP (tos 0x0, ttl 64, id 41800, offset 0, flags [DF], proto TCP (6), length 40)
lab0540.39870 > 10.61.1.53.tserver: Flags [F.], cksum 0x71ce (correct), seq 54, ack 114, win 96, length 0
01:55:34.969586 IP (tos 0x0, ttl 63, id 14715, offset 0, flags [DF], proto TCP (6), length 40)
10.61.1.53.tserver > lab0540.39870: Flags [.], cksum 0x714a (correct), ack 54, win 229, length 0
01:55:34.969988 IP (tos 0x0, ttl 63, id 14716, offset 0, flags [DF], proto TCP (6), length 40)
10.61.1.53.tserver > lab0540.39870: Flags [F.], cksum 0x7148 (correct), seq 114, ack 55, win 229, length 0
01:55:34.970003 IP (tos 0x0, ttl 64, id 41801, offset 0, flags [DF], proto TCP (6), length 40)
lab0540.39870 > 10.61.1.53.tserver: Flags [.], cksum 0x71cd (correct), ack 115, win 96, length 0
01:55:34.971046 IP (tos 0x0, ttl 64, id 4657, offset 0, flags [DF], proto TCP (6), length 60)
lab0540.59998 > 10.61.1.53.fpo-fns: Flags [S], cksum 0xc4b7 (correct), seq 2799021014, win 65535, options [mss 1460,sackOK,TS val 2606479847 ecr 0,nop,wscale 13], length 0
01:55:34.971309 IP (tos 0x0, ttl 63, id 0, offset 0, flags [DF], proto TCP (6), length 52)
10.61.1.53.fpo-fns > lab0540.59998: Flags [S.], cksum 0x004b (correct), seq 82758071, ack 2799021015, win 29200, options [mss 1460,nop,nop,sackOK,nop,wscale 7], length 0
01:55:34.971326 IP (tos 0x0, ttl 64, id 4658, offset 0, flags [DF], proto TCP (6), length 40)
lab0540.59998 > 10.61.1.53.fpo-fns: Flags [.], cksum 0xb2cd (correct), ack 1, win 96, length 0
01:55:34.973591 IP (tos 0x0, ttl 64, id 4659, offset 0, flags [DF], proto TCP (6), length 101)
lab0540.59998 > 10.61.1.53.fpo-fns: Flags [P.], cksum 0xed21 (incorrect -> 0xdbd1), seq 1:62, ack 1, win 96, length 61
01:55:34.973848 IP (tos 0x0, ttl 63, id 58144, offset 0, flags [DF], proto TCP (6), length 40)
10.61.1.53.fpo-fns > lab0540.59998: Flags [.], cksum 0xb20b (correct), ack 62, win 229, length 0
01:55:34.973961 IP (tos 0x0, ttl 63, id 58145, offset 0, flags [DF], proto TCP (6), length 40)
10.61.1.53.fpo-fns > lab0540.59998: Flags [R.], cksum 0xb207 (correct), seq 1, ack 62, win 229, length 0
01:55:42.517042 IP (tos 0x0, ttl 63, id 54797, offset 0, flags [DF], proto TCP (6), length 66)
10.61.1.53.cma > lab0540.45654: Flags [P.], cksum 0x1f17 (correct), seq 1065397843:1065397869, ack 2288981294, win 237, length 26
01:55:42.517158 IP (tos 0x0, ttl 64, id 59406, offset 0, flags [DF], proto TCP (6), length 40)
lab0540.45654 > 10.61.1.53.cma: Flags [.], cksum 0x80ae (correct), ack 26, win 96, length 0
|