TCP Packet Exchange

From NovaOrdis Knowledge Base
Revision as of 15:25, 21 July 2017 by Ovidiu (talk | contribs)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to navigation Jump to search
$ TZ=EST5EDT tshark -t a -r packet-capture-file.pcap -Y "tcp.stream == 499" | tail -n 40
[...]
538653 13:27:30.398393 0.000283 10.76.161.11 → 10.76.161.19 TCP 2962 46162 → 5445 [ACK] Seq=44400270 Ack=2861272495 Win=31088 Len=2896 TSval=3113414800 TSecr=3113386505
538654 13:27:30.398399 0.000006 10.76.161.11 → 10.76.161.19 TCP 2962 46162 → 5445 [ACK] Seq=44403166 Ack=2861272495 Win=31088 Len=2896 TSval=3113414800 TSecr=3113386505
538655 13:27:30.398402 0.000003 10.76.161.19 → 10.76.161.11 TCP 66 5445 → 46162 [ACK] Seq=2861272495 Ack=44406062 Win=52 Len=0 TSval=3113386506 TSecr=3113414800
538657 13:27:30.398497 0.000095 10.76.161.11 → 10.76.161.19 TCP 1640 46162 → 5445 [PSH, ACK] Seq=44406062 Ack=2861272495 Win=31088 Len=1574 TSval=3113414800 TSecr=3113386506
538681 13:27:30.401171 0.002674 10.76.161.11 → 10.76.161.19 TCP 171 46162 → 5445 [PSH, ACK] Seq=44407636 Ack=2861272495 Win=31088 Len=105 TSval=3113414803 TSecr=3113386506
538767 13:27:30.411359 0.010188 10.76.161.11 → 10.76.161.19 TCP 171 [TCP Retransmission] 46162 → 5445 [PSH, ACK] Seq=44407636 Ack=2861272495 Win=31088 Len=105 TSval=3113414813 TSecr=3113386506
538768 13:27:30.411367 0.000008 10.76.161.19 → 10.76.161.11 TCP 78 5445 → 46162 [ACK] Seq=2861272495 Ack=44407741 Win=62 Len=0 TSval=3113386519 TSecr=3113414800 SLE=44407636 SRE=44407741
539286 13:27:30.499184 0.087817 10.76.161.19 → 10.76.161.11 TCP 85 5445 → 46162 [PSH, ACK] Seq=2861272495 Ack=44407741 Win=64 Len=19 TSval=3113386606 TSecr=3113414800
539303 13:27:30.500118 0.000934 10.76.161.11 → 10.76.161.19 TCP 170 46162 → 5445 [PSH, ACK] Seq=44407741 Ack=2861272514 Win=31088 Len=104 TSval=3113414902 TSecr=3113386606
539305 13:27:30.500127 0.000009 10.76.161.19 → 10.76.161.11 TCP 66 5445 → 46162 [ACK] Seq=2861272514 Ack=44407845 Win=64 Len=0 TSval=3113386607 TSecr=3113414902
539374 13:27:30.510889 0.010762 10.76.161.19 → 10.76.161.11 TCP 85 5445 → 46162 [PSH, ACK] Seq=2861272514 Ack=44407845 Win=64 Len=19 TSval=3113386618 TSecr=3113414902
539509 13:27:30.517275 0.006386 10.76.161.11 → 10.76.161.19 TCP 171 46162 → 5445 [PSH, ACK] Seq=44407845 Ack=2861272533 Win=31088 Len=105 TSval=3113414919 TSecr=3113386618
539621 13:27:30.525292 0.008017 10.76.161.19 → 10.76.161.11 TCP 85 5445 → 46162 [PSH, ACK] Seq=2861272533 Ack=44407950 Win=64 Len=19 TSval=3113386633 TSecr=3113414919
539867 13:27:30.565150 0.039858 10.76.161.11 → 10.76.161.19 TCP 66 46162 → 5445 [ACK] Seq=44407950 Ack=2861272552 Win=31088 Len=0 TSval=3113414967 TSecr=3113386633
541538 13:27:30.846397 0.281247 10.76.161.11 → 10.76.161.19 TCP 83 46162 → 5445 [PSH, ACK] Seq=44407950 Ack=2861272552 Win=31088 Len=17 TSval=3113415248 TSecr=3113386633
541539 13:27:30.846590 0.000193 10.76.161.19 → 10.76.161.11 TCP 80 5445 → 46162 [PSH, ACK] Seq=2861272552 Ack=44407967 Win=64 Len=14 TSval=3113386954 TSecr=3113415248
541541 13:27:30.846742 0.000152 10.76.161.11 → 10.76.161.19 TCP 66 46162 → 5445 [ACK] Seq=44407967 Ack=2861272566 Win=31088 Len=0 TSval=3113415248 TSecr=3113386954
541542 13:27:30.846882 0.000140 10.76.161.11 → 10.76.161.19 TCP 170 46162 → 5445 [PSH, ACK] Seq=44407967 Ack=2861272566 Win=31088 Len=104 TSval=3113415248 TSecr=3113386954
541543 13:27:30.847108 0.000226 10.76.161.19 → 10.76.161.11 TCP 85 5445 → 46162 [PSH, ACK] Seq=2861272566 Ack=44408071 Win=64 Len=19 TSval=3113386954 TSecr=3113415248
541544 13:27:30.847237 0.000129 10.76.161.11 → 10.76.161.19 TCP 133 46162 → 5445 [PSH, ACK] Seq=44408071 Ack=2861272585 Win=31088 Len=67 TSval=3113415249 TSecr=3113386954
541545 13:27:30.848001 0.000764 10.76.161.19 → 10.76.161.11 TCP 390 5445 → 46162 [PSH, ACK] Seq=2861272585 Ack=44408138 Win=64 Len=324 TSval=3113386955 TSecr=3113415249
541546 13:27:30.848150 0.000149 10.76.161.11 → 10.76.161.19 TCP 1119 46162 → 5445 [PSH, ACK] Seq=44408138 Ack=2861272909 Win=31088 Len=1053 TSval=3113415250 TSecr=3113386955
541550 13:27:30.851595 0.003445 10.76.161.11 → 10.76.161.19 TCP 171 46162 → 5445 [PSH, ACK] Seq=44409191 Ack=2861272909 Win=31088 Len=105 TSval=3113415253 TSecr=3113386955
541560 13:27:30.861084 0.009489 10.76.161.11 → 10.76.161.19 TCP 171 [TCP Retransmission] 46162 → 5445 [PSH, ACK] Seq=44409191 Ack=2861272909 Win=31088 Len=105 TSval=3113415263 TSecr=3113386955
541561 13:27:30.861094 0.000010 10.76.161.19 → 10.76.161.11 TCP 78 5445 → 46162 [ACK] Seq=2861272909 Ack=44409296 Win=62 Len=0 TSval=3113386968 TSecr=3113415250 SLE=44409191 SRE=44409296
549531 13:27:57.584052 26.722958 10.76.161.11 → 10.76.161.19 TCP 87 46162 → 5445 [PSH, ACK] Seq=44409296 Ack=2861272909 Win=31088 Len=21 TSval=3113441985 TSecr=3113386968
549532 13:27:57.584062 0.000010 10.76.161.19 → 10.76.161.11 TCP 66 5445 → 46162 [ACK] Seq=2861272909 Ack=44409317 Win=62 Len=0 TSval=3113413691 TSecr=3113441985
550955 13:28:00.862013 3.277951 10.76.161.11 → 10.76.161.19 TCP 171 46162 → 5445 [PSH, ACK] Seq=44409317 Ack=2861272909 Win=31088 Len=105 TSval=3113445263 TSecr=3113413691
550956 13:28:00.862033 0.000020 10.76.161.19 → 10.76.161.11 TCP 66 5445 → 46162 [ACK] Seq=2861272909 Ack=44409422 Win=62 Len=0 TSval=3113416969 TSecr=3113445263
558515 13:28:27.584149 26.722116 10.76.161.11 → 10.76.161.19 TCP 87 46162 → 5445 [PSH, ACK] Seq=44409422 Ack=2861272909 Win=31088 Len=21 TSval=3113471986 TSecr=3113416969
558516 13:28:27.584158 0.000009 10.76.161.19 → 10.76.161.11 TCP 66 5445 → 46162 [ACK] Seq=2861272909 Ack=44409443 Win=62 Len=0 TSval=3113443691 TSecr=3113471986
559752 13:28:30.864564 3.280406 10.76.161.11 → 10.76.161.19 TCP 170 46162 → 5445 [PSH, ACK] Seq=44409443 Ack=2861272909 Win=31088 Len=104 TSval=3113475266 TSecr=3113443691
559753 13:28:30.864573 0.000009 10.76.161.19 → 10.76.161.11 TCP 66 5445 → 46162 [ACK] Seq=2861272909 Ack=44409547 Win=62 Len=0 TSval=3113446972 TSecr=3113475266
562525 13:28:39.727873 8.863300 10.76.161.19 → 10.76.161.11 TCP 433 5445 → 46162 [PSH, ACK] Seq=2861272909 Ack=44409547 Win=62 Len=367 TSval=3113455835 TSecr=3113475266
562909 13:28:39.767081 0.039208 10.76.161.11 → 10.76.161.19 TCP 66 46162 → 5445 [ACK] Seq=44409547 Ack=2861273276 Win=31088 Len=0 TSval=3113484169 TSecr=3113455835
572078 13:28:42.181928 2.414847 10.76.161.19 → 10.76.161.11 TCP 433 [TCP Previous segment not captured] 5445 → 46162 [PSH, ACK] Seq=2861273643 Ack=44409547 Win=62 Len=367 TSval=3113458289 TSecr=3113485250
572081 13:28:42.182005 0.000077 10.76.161.11 → 10.76.161.19 TCP 66 [TCP ACKed unseen segment] 46162 → 5445 [ACK] Seq=44409547 Ack=2861274010 Win=31088 Len=0 TSval=3113486583 TSecr=3113458289
575480 13:28:44.461792 2.279787 10.76.161.19 → 10.76.161.11 TCP 66 5445 → 46162 [FIN, ACK] Seq=2861274010 Ack=44409547 Win=64 Len=0 TSval=3113460569 TSecr=3113486583
575481 13:28:44.461894 0.000102 10.76.161.11 → 10.76.161.19 TCP 66 46162 → 5445 [FIN, ACK] Seq=44409547 Ack=2861274011 Win=31088 Len=0 TSval=3113488863 TSecr=3113460569
575482 13:28:44.461902 0.000008 10.76.161.19 → 10.76.161.11 TCP 66 5445 → 46162 [ACK] Seq=2861274011 Ack=44409548 Win=64 Len=0 TSval=3113460569 TSecr=3113488863