iptables -I INPUT -s 192.168.137.2 -j DROP 丢弃 服务端过来的数据包:
场景 客户端发送数据后,立刻启动防火墙策略,服务端收到消息回复前sleep 30秒
20:44:40.467747 IP node1.webcache > node2.56900: Flags [P.], seq 3231437414:3231437432, ack 2451929958, win 227, options [nop,nop,TS val 10574630 ecr 20688554], length 18
20:44:40.668729 IP node1.webcache > node2.56900: Flags [P.], seq 3231437414:3231437432, ack 2451929958, win 227, options [nop,nop,TS val 10574831 ecr 20688554], length 18
20:44:41.070760 IP node1.webcache > node2.56900: Flags [P.], seq 3231437414:3231437432, ack 2451929958, win 227, options [nop,nop,TS val 10575233 ecr 20688554], length 18
20:44:41.874720 IP node1.webcache > node2.56900: Flags [P.], seq 3231437414:3231437432, ack 2451929958, win 227, options [nop,nop,TS val 10576037 ecr 20688554], length 18
20:44:43.482484 IP node1.webcache > node2.56900: Flags [P.], seq 3231437414:3231437432, ack 2451929958, win 227, options [nop,nop,TS val 10577645 ecr 20688554], length 18
20:44:46.699364 IP node1.webcache > node2.56900: Flags [P.], seq 3231437414:3231437432, ack 2451929958, win 227, options [nop,nop,TS val 10580862 ecr 20688554], length 18
20:44:53.659643 IP node1.webcache > node2.56900: Flags [P.], seq 3231437414:3231437432, ack 2451929958, win 227, options [nop,nop,TS val 10587821 ecr 20688554], length 18
20:45:06.523122 IP node1.webcache > node2.56900: Flags [P.], seq 3231437414:3231437432, ack 2451929958, win 227, options [nop,nop,TS val 10600685 ecr 20688554], length 18
20:45:32.251333 IP node1.webcache > node2.56900: Flags [P.], seq 3231437414:3231437432, ack 2451929958, win 227, options [nop,nop,TS val 10626414 ecr 20688554], length 18
20:46:23.708029 IP node1.webcache > node2.56900: Flags [P.], seq 3231437414:3231437432, ack 2451929958, win 227, options [nop,nop,TS val 10677870 ecr 20688554], length 18
20:48:06.620213 IP node1.webcache > node2.56900: Flags [P.], seq 3231437414:3231437432, ack 2451929958, win 227, options [nop,nop,TS val 10780783 ecr 20688554], length 18
20:50:06.620711 IP node1.webcache > node2.56900: Flags [P.], seq 3231437414:3231437432, ack 2451929958, win 227, options [nop,nop,TS val 10900783 ecr 20688554], length 18
20:52:06.620526 IP node1.webcache > node2.56900: Flags [P.], seq 3231437414:3231437432, ack 2451929958, win 227, options [nop,nop,TS val 11020783 ecr 20688554], length 18
20:54:06.620962 IP node1.webcache > node2.56900: Flags [P.], seq 3231437414:3231437432, ack 2451929958, win 227, options [nop,nop,TS val 11140783 ecr 20688554], length 18
20:56:06.620609 IP node1.webcache > node2.56900: Flags [P.], seq 3231437414:3231437432, ack 2451929958, win 227, options [nop,nop,TS val 11260783 ecr 20688554], length 18
20:58:06.620293 IP node1.webcache > node2.56900: Flags [P.], seq 3231437414:3231437432, ack 2451929958, win 227, options [nop,nop,TS val 11380783 ecr 20688554], length 18
总共16次 ,重传15次
node2:/root/test#cat t13.py
import socket
import struct
import time
s = socket.socket(socket.AF_INET,socket.SOCK_STREAM)
s.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
s.setsockopt(socket.SOL_SOCKET, socket.SO_LINGER, struct.pack('ii', 1, 0))
s.connect(("192.168.137.2",8080))
s.send('111111111')
time.sleep(6000)
node1:/root/test#cat t2.py
# coding = utf-8
# -*- coding:utf-8 -*-
import socket
import time
BUFSIZE=1024
ip_port = ('192.168.137.2',8080)
s=socket.socket(socket.AF_INET,socket.SOCK_STREAM)#创建套接字
s.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
print("Buffer size [Before]: %d" % s.getsockopt(socket.SOL_SOCKET, socket.SO_SNDBUF))
print("Buffer size [Before]: %d" % s.getsockopt(socket.SOL_SOCKET, socket.SO_RCVBUF))
#s.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
print 'alter-----------------------------------------------------------------------';
print s.getsockopt(socket.SOL_SOCKET, socket.SO_SNDBUF)
print s.getsockopt(socket.SOL_SOCKET, socket.SO_RCVBUF)
s.bind(ip_port)#绑定地址
s.listen(5)#监听链接
print('server listening8080...')
while True: #无限等待连接
conn,addr = s.accept() #接受客户端连接
print('接到来自%s的链接'%addr[0])
while True: #通信循环,无限接受客户端信息
#print conn.getpeername()
try:
msg = conn.recv(BUFSIZE) #接受消息的内容
print 'xxx--------------------xxx'
print msg
print 'xxx--------------------xxx'
except Exception,err:
break
if len(msg)==0:break #如果 不加,已连接的客户端突然断开,recv不再阻塞,发生死循环
print '111-----------------------111'
print msg
print '111-----------------------111'
try:
print '开始回复报文'
time.sleep(30)
conn.send('response:'+msg)
except Exception,err:
print err
#conn.send(msg.upper())#服务端发送消息
conn.close()#关闭链接
s.close()#关闭套接字