This is a static archive of our old Q&A Site. Please post any new questions and answers at ask.wireshark.org.

What do the TCP flags mean?

0
  Source                   Destination    Protocol         Info
85.73.133.27           150.140.141.181     TCP        hi3182>http [SYN] Seq=0 Len=0 MSS=1420,win=,..etc

What is the meaning of the values of TCP flags in the Info column?

asked 27 Dec '11, 23:17

george's gravatar image

george
1111
accept rate: 0%

edited 28 Dec '11, 06:31

multipleinterfaces's gravatar image

multipleinte...
1.3k152340


One Answer:

2

The TCP flags shows what the sending TCP entity wants the receiving TCP entity to do. In this case SYNchronize with the sender, using the other data listed. Check the TCP/IP Guide for details.

answered 27 Dec '11, 23:38

Jaap's gravatar image

Jaap ♦
11.7k16101
accept rate: 14%

And be sure to have a look at the various TCP-related RFC's, such as the original TCP RFC, RFC 793, as well as RFC 3168, which introduced the ECE and CWR flags, and RFC 3540, which introduced the NS flag. These 3 latter flags are not [yet] mentioned in the TCP/IP Guide.

(28 Dec '11, 17:20) cmaynard ♦♦