Jason

Thanks. That helped. I was looking at your TCP flags iptables rules.
Now maybe I can understand why you chose them.

Chris

On Wed, Jan 26, 2005 at 02:08:15PM -0500, Jason Opperisano wrote:
> On Tue, Jan 25, 2005 at 09:26:58PM -0800, seberino@xxxxxxxxxxxxxxx wrote:
> > Lopsch
> >
> > Thanks for your email. I know a little about TCP flags.
> > IIRC, ACK means 'Acknowledgement'
> > and FIN means 'Finish Connection'.
> >
> > Why would TCP want everyone to turn on ACK when they
> > want to finish a connection with FIN?
> >
> > I assume that TCP was written to do 2 errands in one
> > TCP datagram?...1. acknowledge last datagram received
> >                 2. terminate connection
> >
> > It seems odd you can't terminate a connection (FIN)
> > without also acknowledging something to me.
> >
> > Chris
>
> read:
> http://www.tcpipguide.com/free/t_TCPConnectionEstablishmentProcessTheThreeWayHandsh.htm
>
> and:
> http://www.tcpipguide.com/free/t_TCPConnectionTermination.htm
>
> if you want a better understanding of TCP connection setup and
> termination and the flags set during each phase.
>
> the quick answer to your question is that an actual OS TCP/IP stack will
> always set the ACK bit when sending a FIN, URG, or PSH packet. FIN,
> URG, and PSH packets that are sent without the ACK bit set were probably
> generated by some scanner tool (nmap, hping) or by somebody's custom
> code (perl script).
>
> -j
>
> --
> "Operator! Give me the number for 911!"
>         --The Simpsons
>

--
_______________________________________

Christian Seberino, Ph.D.
SPAWAR Systems Center San Diego
Code 2872
49258 Mills Street, Room 158
San Diego, CA 92152-5385
U.S.A.

Phone: (619) 553-9973
Fax  : (619) 553-6521
Email: seberino@xxxxxxxxxxxxxxx
_______________________________________
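Added example, not part of the original thread and not the iptables rules it refers to: a Python check that applies the observation quoted above (a real TCP/IP stack sets ACK whenever it sends FIN, URG or PSH) to raw TCP headers, using mask/compare matching in the style of iptables `--tcp-flags`. The rule names, helper functions and sample headers are constructed for illustration.

```python
import struct

# TCP flag bits as they appear in byte 13 of the TCP header.
FLAGS = {"FIN": 0x01, "SYN": 0x02, "RST": 0x04, "PSH": 0x08, "ACK": 0x10, "URG": 0x20}

# (name, mask, comp) with the semantics of iptables "--tcp-flags mask comp":
# look only at the bits in mask, match when exactly the bits in comp are set.
# e.g. the first rule corresponds to the match "--tcp-flags ACK,FIN FIN".
# Rule names and selection are this example's own.
RULES = [
    ("FIN without ACK", ("ACK", "FIN"), ("FIN",)),
    ("PSH without ACK", ("ACK", "PSH"), ("PSH",)),
    ("URG without ACK", ("ACK", "URG"), ("URG",)),
]

def bits(names):
    """OR together the bit values of the named flags."""
    value = 0
    for name in names:
        value |= FLAGS[name]
    return value

def tcp_flags(header: bytes) -> int:
    """Return the six classic flag bits from a raw TCP header."""
    if len(header) < 20:
        raise ValueError("truncated TCP header")
    return header[13] & 0x3F  # drop ECE/CWR, keep URG..FIN

def classify(header: bytes) -> list:
    """Names of all rules the header matches; empty list means it looks normal."""
    flags = tcp_flags(header)
    return [name for name, mask, comp in RULES
            if flags & bits(mask) == bits(comp)]

def build_header(*names, sport=40000, dport=80) -> bytes:
    """Constructed sample: minimal 20-byte TCP header carrying the given flags."""
    return struct.pack("!HHIIBBHHH", sport, dport, 1000, 0,
                       5 << 4, bits(names), 1024, 0, 0)

if __name__ == "__main__":
    samples = [("FIN", "ACK"), ("PSH", "ACK"), ("FIN",), ("FIN", "PSH", "URG")]
    for sample in samples:
        verdict = classify(build_header(*sample)) or ["ok"]
        print("+".join(sample), "->", ", ".join(verdict))
```
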