使用Network monitor来分析网络通讯包的时候, 经常会使用到TCP Flag这样的知识点.
那么这些Flag分别都代表什么意义呢?
=============
Urgent flag is used to identify incoming data as 'urgent'. Such incoming segments do not have to wait until the previous segments are consumed by the receiving end but are sent directly and processed immediately.
ACKnowledgement flag is used to acknowledge the successful receipt of packets.
Reset flag is used when a segment arrives that is not intended for the current connection. In other words, if you were to send a packet to a host in order to establish a connection, and there was no such service waiting to answer at the remote host, then the host would automatically reject your request and then send you a reply with the RST flag set. This indicates that the remote host has reset the connection.
SYN flag is initialy sent when establishing the classical 3-way handshake between two hosts.
FIN flag, standing for the word FINished. This flag is used to tear down the virtual connections created using the previous flag (SYN), so because of this reason, the FIN flag always appears when the last packets are exchanged between a connection.
TCP三次握手, 建立连接示意图
TCP中断连接, 过程示意图
资料来源:
TCP Analysis - Section 4:TCP Flag Options