TCP packets with RST flag set but **not** ACK flag OK??

Chris Brenton cbrenton at chrisbrenton.org
Tue Apr 12 16:41:57 CEST 2005


On Tue, 2005-04-12 at 03:24, Taylor Grant wrote:
>
> In short, deciding if the ACK and RST flags to together or not is about like deciphering the English language.

Luckily I speak native English and Hex. ;-) Try this: 

In one terminal window run:
tcpdump -nn -v -i lo

In another terminal window run:
hping -A -c 1 -p 5 127.0.0.1
hping -S -c 1 -p 5 127.0.0.1

You'll see the first packet causes a RST only to be returned. The second
will cause a RST/ACK to be returned. So either condition is a
possibility and a Netfilter rule base needs to handle both of them
appropriately. 

HTH,
Chris





More information about the netfilter mailing list