跳到内容
🛠️ToolsShed

TCP标志参考

TCP标志和连接状态参考指南。

SYNSynchronizeBit 1

Initiates a connection. Used in the three-way handshake to synchronize sequence numbers.

Use cases: Connection establishment, port scanning

ACKAcknowledgeBit 4

Acknowledges receipt of data. Almost all packets after the initial SYN have ACK set.

Use cases: All established connection packets, connection teardown

FINFinishBit 5

Indicates no more data from the sender. Initiates the four-way connection teardown.

Use cases: Graceful connection termination

RSTResetBit 2

Abruptly terminates a connection. Sent when an error occurs or connection is refused.

Use cases: Error handling, refusing connections, terminating half-open connections

PSHPushBit 3

Tells receiver to pass data to the application immediately without buffering.

Use cases: Interactive applications, real-time data, small payloads

URGUrgentBit 0

Indicates the urgent pointer field is significant — data should be processed out-of-order.

Use cases: Telnet, SSH interrupt signals, rarely used in modern protocols

ECEECN-EchoBit 6

Used in Explicit Congestion Notification (ECN). Indicates ECN-capable transport during SYN.

Use cases: Congestion control negotiation and signaling

CWRCongestion Window ReducedBit 7

Sent by host to indicate it received a TCP segment with ECE flag and has reduced its congestion window.

Use cases: Congestion control feedback

关于此工具

TCP标志是网络通信中的控制信号,用于管理数据流并控制连接的建立或终止。六个标志(SYN、ACK、FIN、RST、PSH、URG)在TCP协议中各自具有特定的作用。理解这些标志对网络工程师、安全专业人员和调试连接问题的人员至关重要,因为它们控制握手过程、决定何时应立即传递数据,以及管理优雅与突然的连接关闭。

此参考指南提供了所有TCP标志及其含义的可视化和可搜索的查询。您可以快速了解每个标志的作用、在三次握手中的使用方式,及其在连接断开和错误处理中的角色。该指南还涵盖了ESTABLISHED、TIME_WAIT和SYN_RECV等TCP连接状态,让您全面了解TCP如何管理从初始化到终止的完整连接生命周期。

常见问题

代码实现

import socket
import struct

# TCP flags constants
TCP_FIN = 0x01
TCP_SYN = 0x02
TCP_RST = 0x04
TCP_PSH = 0x08
TCP_ACK = 0x10
TCP_URG = 0x20
TCP_ECE = 0x40
TCP_CWR = 0x80

def decode_tcp_flags(flags_byte):
    """Decode TCP flags from a byte"""
    flags = []
    if flags_byte & TCP_FIN: flags.append('FIN')
    if flags_byte & TCP_SYN: flags.append('SYN')
    if flags_byte & TCP_RST: flags.append('RST')
    if flags_byte & TCP_PSH: flags.append('PSH')
    if flags_byte & TCP_ACK: flags.append('ACK')
    if flags_byte & TCP_URG: flags.append('URG')
    if flags_byte & TCP_ECE: flags.append('ECE')
    if flags_byte & TCP_CWR: flags.append('CWR')
    return flags

def check_tcp_connection(host, port, timeout=3):
    """Check if TCP port is open (SYN-ACK received)"""
    try:
        sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
        sock.settimeout(timeout)
        result = sock.connect_ex((host, port))
        sock.close()
        return result == 0  # 0 = connected (SYN-ACK received)
    except Exception:
        return False

# Common flag patterns
print("SYN packet flags:", decode_tcp_flags(TCP_SYN))          # ['SYN']
print("SYN-ACK flags:", decode_tcp_flags(TCP_SYN | TCP_ACK))   # ['SYN', 'ACK']
print("FIN-ACK flags:", decode_tcp_flags(TCP_FIN | TCP_ACK))   # ['FIN', 'ACK']
print("PSH-ACK flags:", decode_tcp_flags(TCP_PSH | TCP_ACK))   # ['PSH', 'ACK']

# Check if port is open
is_open = check_tcp_connection('example.com', 80)
print(f"Port 80 open: {is_open}")

Comments & Feedback

Comments are powered by Giscus. Sign in with GitHub to leave a comment.