准备
本地windows:
ip 192.168.0.106
安装navicat
测试环境:
版本:CentOS 7.4.1708 x86_64
ip 192.168.0.109
mysql服务 3306端口
需要安装tcpdump (sudo yum install -y tcpdump)
步骤:
- 在192.168.0.109上执行
sudo tcpdump -i eth0 -S tcp port 3306 and host 192.168.0.109 and 192.168.0.106
- 在192.168.0.106上打开navicat,新建连接并填好地址/用户名/密码,点“测试连接”
- 此时192.168.0.109会有日志打印,见文件tcpdump结果.txt
分析三次握手
Flags说明:
F : FIN - 结束; 结束会话
S : SYN - 同步; 表示开始会话请求
R : RST - 复位;中断一个连接
P : PUSH - 推送; 数据包立即发送
A : ACK - 应答 tcpdump的结果中用.表示
U : URG - 紧急
E : ECE - 显式拥塞提醒回应
W : CWR - 拥塞窗口减少
文件:tcpdump结果.txt
# 第一次握手
# 106到109 seq=9664941
09:49:57.067042 IP 192.168.0.106.52661 > 192.168.0.109.mysql: Flags [S], seq 9664941, win 8192, options [mss 1460,nop,wscale 2,nop,nop,sackOK], length 0
# 第二次握手
# 109到106 seq=3031629587, ack=9664942
# ack等于上一步的seq
09:49:57.067702 IP 192.168.0.109.mysql > 192.168.0.106.52661: Flags [S.], seq 3031629587, ack 9664942, win 29200, options [mss 1460,nop,nop,sackOK,nop,wscale 7], length 0
# 第三次握手
# 106到109 ack=3031629588
# ack等于上一步的seq
09:49:57.067823 IP 192.168.0.106.52661 > 192.168.0.109.mysql: Flags [.], ack 3031629588, win 16425, length 0
09:49:57.068046 IP 192.168.0.109.mysql > 192.168.0.106.52661: Flags [P.], seq 3031629588:3031629666, ack 9664942, win 229, length 78
09:49:57.078910 IP 192.168.0.106.52661 > 192.168.0.109.mysql: Flags [P.], seq 9664942:9665004, ack 3031629666, win 16405, length 62
09:49:57.079019 IP 192.168.0.109.mysql > 192.168.0.106.52661: Flags [.], ack 9665004, win 229, length 0
09:49:57.079137 IP 192.168.0.109.mysql > 192.168.0.106.52661: Flags [P.], seq 3031629666:3031629677, ack 9665004, win 229, length 11
09:49:57.079362 IP 192.168.0.106.52661 > 192.168.0.109.mysql: Flags [P.], seq 9665004:9665023, ack 3031629677, win 16402, length 19
09:49:57.079555 IP 192.168.0.109.mysql > 192.168.0.106.52661: Flags [P.], seq 3031629677:3031629688, ack 9665023, win 229, length 11
09:49:57.276626 IP 192.168.0.106.52661 > 192.168.0.109.mysql: Flags [.], ack 3031629688, win 16400, length 0
09:49:58.232345 IP 192.168.0.106.52661 > 192.168.0.109.mysql: Flags [P.], seq 9665023:9665028, ack 3031629688, win 16400, length 5
09:49:58.232386 IP 192.168.0.106.52661 > 192.168.0.109.mysql: Flags [F.], seq 9665028, ack 3031629688, win 16400, length 0
09:49:58.232830 IP 192.168.0.109.mysql > 192.168.0.106.52661: Flags [F.], seq 3031629688, ack 9665029, win 229, length 0
09:49:58.233195 IP 192.168.0.106.52661 > 192.168.0.109.mysql: Flags [.], ack 3031629689, win 16400, length 0作者:张三 创建时间:2026-03-05 17:34
最后编辑:张三 更新时间:2026-03-05 17:35
最后编辑:张三 更新时间:2026-03-05 17:35
