Search code examples
tcptcpdump

What the tcpdump result mean?

I can curl the site on my local, and on my production server.

But I can not curl the site on my staging server.

And On my staging server, I can curl other sites.

the tcpdump result is 

2018-03-31 01:16:34.453036 IP (tos 0x0, ttl 64, id 8852, offset 0, flags [DF], proto TCP (6), length 60)
    10.11.112.108.59187 > 192.175.110.124.443: Flags [S], cksum 0xa9d1 (incorrect -> 0x11ef), seq 1631407811, win 29200, options [mss 1460,sackOK,TS val 353791063 ecr 0,nop,wscale 8], length 0
2018-03-31 01:16:35.452914 IP (tos 0x0, ttl 64, id 8853, offset 0, flags [DF], proto TCP (6), length 60)
    10.11.112.108.59187 > 192.175.110.124.443: Flags [S], cksum 0xa9d1 (incorrect -> 0x10f5), seq 1631407811, win 29200, options [mss 1460,sackOK,TS val 353791313 ecr 0,nop,wscale 8], length 0
2018-03-31 01:16:37.456926 IP (tos 0x0, ttl 64, id 8854, offset 0, flags [DF], proto TCP (6), length 60)
    10.11.112.108.59187 > 192.175.110.124.443: Flags [S], cksum 0xa9d1 (incorrect -> 0x0f00), seq 1631407811, win 29200, options [mss 1460,sackOK,TS val 353791814 ecr 0,nop,wscale 8], length 0
2018-03-31 01:16:41.464918 IP (tos 0x0, ttl 64, id 8855, offset 0, flags [DF], proto TCP (6), length 60)
    10.11.112.108.59187 > 192.175.110.124.443: Flags [S], cksum 0xa9d1 (incorrect -> 0x0b16), seq 1631407811, win 29200, options [mss 1460,sackOK,TS val 353792816 ecr 0,nop,wscale 8], length 0
2018-03-31 01:16:49.480947 IP (tos 0x0, ttl 64, id 8856, offset 0, flags [DF], proto TCP (6), length 60)
    10.11.112.108.59187 > 192.175.110.124.443: Flags [S], cksum 0xa9d1 (incorrect -> 0x0342), seq 1631407811, win 29200, options [mss 1460,sackOK,TS val 353794820 ecr 0,nop,wscale 8], length 0
2018-03-31 01:17:05.528931 IP (tos 0x0, ttl 64, id 8857, offset 0, flags [DF], proto TCP (6), length 60)
    10.11.112.108.59187 > 192.175.110.124.443: Flags [S], cksum 0xa9d1 (incorrect -> 0xf395), seq 1631407811, win 29200, options [mss 1460,sackOK,TS val 353798832 ecr 0,nop,wscale 8], length 0

SO I want to know what happened ? what should I do?

Solution

  • You can see Flags [S] in each packet. This is the TCP SYN packet, which tries to establish a connection. There is no response to it. This implies that there is a firewall rule somewhere between the client and the server which is blocking the connection. The firewall could be a network device, or could be software running on the server.