Hi all, I'm trying to understand the complete flow of a TCP sequence and i think our application is sometimes not closing TCP sessions right but i'm not 100% sure.
Please see the following:
My concerns are with the closing stage of the TCP connection.
- Packet #2262 is a [FIN,ACK] but shouldn't there be a [FIN] from the other side first?
- Packet #2265 shows the same but the other way around
- I can't place those random [ACK]'s at #2264 and #2267.
Why am i asking? This is a capture from our firewall. Apparently, something in this connection is triggering a "new connection" on our firewall. I'm suspecting it has something to do with this TCP connection not being closed gracefully and [ACK]'s coming after the [FIN,ACK]'s but i'm not 100% sure.
Would be great to get some help!
Thanks in advance,
Eric
