asanger.dev

Anzeigen ob icmp pakete fragmentiert werden

Publiziert 5. November 2024 | Von admin
tcpdump -i tun0 -nnv icmp

Das DF und none bei den Flags zeigt das keine Pakete fragmentiert wurden

tcpdump -i tun0 -nnv icmp
tcpdump: listening on tun0, link-type RAW (Raw IP), snapshot length 262144 bytes
22:14:05.758520 IP (tos 0x0, ttl 64, id 18144, offset 0, flags [DF], proto ICMP (1), length 1400)
    192.168.255.6 > 8.8.8.8: ICMP echo request, id 13003, seq 0, length 1380
22:14:05.793387 IP (tos 0x0, ttl 55, id 0, offset 0, flags [none], proto ICMP (1), length 1400)
    8.8.8.8 > 192.168.255.6: ICMP echo reply, id 13003, seq 0, length 1380
22:14:06.759979 IP (tos 0x0, ttl 64, id 18196, offset 0, flags [DF], proto ICMP (1), length 1400)
    192.168.255.6 > 8.8.8.8: ICMP echo request, id 13003, seq 1, length 1380
22:14:06.797614 IP (tos 0x0, ttl 55, id 0, offset 0, flags [none], proto ICMP (1), length 1400)
    8.8.8.8 > 192.168.255.6: ICMP echo reply, id 13003, seq 1, length 1380

Das + bei den Flags zeigt das Pakete fragmentiert wurden

tcpdump -i tun0 -nnv icmp
tcpdump: listening on tun0, link-type RAW (Raw IP), snapshot length 262144 bytes
22:14:59.515817 IP (tos 0x0, ttl 64, id 20153, offset 0, flags [+], proto ICMP (1), length 1396)
    192.168.255.6 > 8.8.8.8: ICMP echo request, id 13101, seq 0, length 1376
22:14:59.515855 IP (tos 0x0, ttl 64, id 20153, offset 1376, flags [none], proto ICMP (1), length 25)
    192.168.255.6 > 8.8.8.8: ip-proto-1

Schreibe einen Kommentar

Neueste Beiträge

Powered by WordPress and WordPress Theme created with Artisteer.