Guest User

tcpdump and headers

a guest
Aug 3rd, 2019
32
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. 11:58:30.002375 ARP, Request who-has 192.168.3.254 tell 192.168.30.2, length 46
  2. 11:58:30.224571 IP 192.168.30.2.bootpc > acer-Aspire-4741.bootps: BOOTP/DHCP, Request from a4:91:b1:55:ec:a0 (oui Unknown), length 300
  3. 11:58:32.324734 IP6 :: > ff02::16: HBH ICMP6, multicast listener report v2, 1 group record(s), length 28
  4. 11:58:32.661751 IP6 :: > ff02::1:ff55:eca0: ICMP6, neighbor solicitation, who has fe80::a691:b1ff:fe55:eca0, length 24
  5. 11:58:33.449774 IP 0.0.0.0.bootpc > 255.255.255.255.bootps: BOOTP/DHCP, Request from a4:91:b1:55:ec:a0 (oui Unknown), length 300
  6. 11:58:33.450000 IP acer-Aspire-4741 > 192.168.30.2: ICMP echo request, id 28332, seq 0, length 28
  7. 11:58:34.333659 IP6 fe80::a691:b1ff:fe55:eca0.dhcpv6-client > ff02::1:2.dhcpv6-server: dhcp6 solicit
  8. 11:58:34.451286 IP acer-Aspire-4741.bootps > 192.168.30.2.bootpc: BOOTP/DHCP, Reply, length 311
  9. 11:58:34.454867 IP 0.0.0.0.bootpc > 255.255.255.255.bootps: BOOTP/DHCP, Request from a4:91:b1:55:ec:a0 (oui Unknown), length 300
  10. 11:58:34.488181 IP acer-Aspire-4741.bootps > 192.168.30.2.bootpc: BOOTP/DHCP, Reply, length 311
  11. 11:58:35.018500 ARP, Request who-has 192.168.3.254 tell 192.168.30.2, length 46
  12. 11:58:36.019117 ARP, Request who-has 192.168.3.254 tell 192.168.30.2, length 46
  13. 11:58:36.429505 IP6 fe80::a691:b1ff:fe55:eca0.dhcpv6-client > ff02::1:2.dhcpv6-server: dhcp6 solicit
  14. 11:58:36.459722 IP6 fe80::a691:b1ff:fe55:eca0 > ip6-allrouters: ICMP6, router solicitation, length 8
  15. 11:58:36.706034 ARP, Request who-has acer-Aspire-4741 tell 192.168.30.2, length 46
  16. 11:58:36.706052 ARP, Reply acer-Aspire-4741 is-at 20:6a:8a:10:4a:94 (oui Unknown), length 28
  17. 11:58:36.706215 IP 192.168.30.2.41827 > acer-Aspire-4741.7547: Flags [S], seq 2663259748, win 14600, options [mss 1460,sackOK,TS val 558898 ecr 0,nop,wscale 7], length 0
  18. 11:58:36.706250 IP acer-Aspire-4741.7547 > 192.168.30.2.41827: Flags [S.], seq 2820238300, ack 2663259749, win 65160, options [mss 1460,sackOK,TS val 1445932448 ecr 558898,nop,wscale 7], length 0
  19. 11:58:36.706513 IP 192.168.30.2.41827 > acer-Aspire-4741.7547: Flags [.], ack 1, win 115, options [nop,nop,TS val 558899 ecr 1445932448], length 0
  20. 11:58:36.707421 IP 192.168.30.2.41827 > acer-Aspire-4741.7547: Flags [P.], seq 1:5, ack 1, win 115, options [nop,nop,TS val 558900 ecr 1445932448], length 4
  21. 11:58:36.707439 IP acer-Aspire-4741.7547 > 192.168.30.2.41827: Flags [.], ack 5, win 510, options [nop,nop,TS val 1445932449 ecr 558900], length 0
  22. 11:58:36.707657 IP 192.168.30.2.41827 > acer-Aspire-4741.7547: Flags [P.], seq 5:62, ack 1, win 115, options [nop,nop,TS val 558900 ecr 1445932449], length 57
  23. 11:58:36.707671 IP acer-Aspire-4741.7547 > 192.168.30.2.41827: Flags [.], ack 62, win 510, options [nop,nop,TS val 1445932449 ecr 558900], length 0
  24. 11:58:36.708641 IP 192.168.30.2.41827 > acer-Aspire-4741.7547: Flags [P.], seq 62:81, ack 1, win 115, options [nop,nop,TS val 558901 ecr 1445932449], length 19
  25. 11:58:36.708658 IP acer-Aspire-4741.7547 > 192.168.30.2.41827: Flags [.], ack 81, win 510, options [nop,nop,TS val 1445932450 ecr 558901], length 0
  26. 11:58:36.708807 IP 192.168.30.2.41827 > acer-Aspire-4741.7547: Flags [P.], seq 81:138, ack 1, win 115, options [nop,nop,TS val 558901 ecr 1445932450], length 57
  27. 11:58:36.708821 IP acer-Aspire-4741.7547 > 192.168.30.2.41827: Flags [.], ack 138, win 510, options [nop,nop,TS val 1445932450 ecr 558901], length 0
  28. 11:58:37.021252 ARP, Request who-has 192.168.3.254 tell 192.168.30.2, length 46
  29. 11:58:37.259451 IP 192.168.30.2.41827 > acer-Aspire-4741.7547: Flags [P.], seq 138:143, ack 1, win 115, options [nop,nop,TS val 559452 ecr 1445932450], length 5
  30. 11:58:37.259470 IP acer-Aspire-4741.7547 > 192.168.30.2.41827: Flags [.], ack 143, win 510, options [nop,nop,TS val 1445933001 ecr 559452], length 0
  31. 11:58:37.259489 IP 192.168.30.2.41827 > acer-Aspire-4741.7547: Flags [.], seq 143:1591, ack 1, win 115, options [nop,nop,TS val 559452 ecr 1445932450], length 1448
  32. 11:58:37.259501 IP acer-Aspire-4741.7547 > 192.168.30.2.41827: Flags [.], ack 1591, win 501, options [nop,nop,TS val 1445933001 ecr 559452], length 0
  33. 11:58:37.259728 IP 192.168.30.2.41827 > acer-Aspire-4741.7547: Flags [P.], seq 1591:2959, ack 1, win 115, options [nop,nop,TS val 559452 ecr 1445933001], length 1368
  34. 11:58:37.259741 IP acer-Aspire-4741.7547 > 192.168.30.2.41827: Flags [.], ack 2959, win 501, options [nop,nop,TS val 1445933001 ecr 559452], length 0
  35. 11:58:37.267865 IP acer-Aspire-4741.7547 > 192.168.30.2.41827: Flags [P.], seq 1:173, ack 2959, win 501, options [nop,nop,TS val 1445933009 ecr 559452], length 172
  36. 11:58:37.268708 IP 192.168.30.2.41827 > acer-Aspire-4741.7547: Flags [.], ack 173, win 123, options [nop,nop,TS val 559461 ecr 1445933009], length 0
  37. 11:58:37.269050 IP 192.168.30.2.41827 > acer-Aspire-4741.7547: Flags [F.], seq 2959, ack 173, win 123, options [nop,nop,TS val 559461 ecr 1445933009], length 0
  38. 11:58:37.274305 IP acer-Aspire-4741.7547 > 192.168.30.2.41827: Flags [F.], seq 173, ack 2960, win 501, options [nop,nop,TS val 1445933016 ecr 559461], length 0
  39. 11:58:37.274614 IP 192.168.30.2.41827 > acer-Aspire-4741.7547: Flags [.], ack 174, win 123, options [nop,nop,TS val 559467 ecr 1445933016], length 0
  40. 11:58:38.222935 ARP, Request who-has 192.168.3.254 tell 192.168.30.2, length 46
  41.  
  42.  
  43.  
  44. Header Info
  45. 12:09:56.860109 IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto UDP (17), length 328)
  46. 192.168.30.2.bootpc > acer-Aspire-4741.bootps: [udp sum ok] BOOTP/DHCP, Request from a4:91:b1:55:ec:a0 (oui Unknown), length 300, xid 0xb3b681b, Flags [none] (0x0000)
  47. Client-IP 192.168.30.2
  48. Client-Ethernet-Address a4:91:b1:55:ec:a0 (oui Unknown)
  49. Vendor-rfc1048 Extensions
  50. Magic Cookie 0x63825363
  51. DHCP-Message Option 53, length 1: Release
  52. Server-ID Option 54, length 4: acer-Aspire-4741
  53. END Option 255, length 0
  54. PAD Option 0, length 0, occurs 50
  55. E..H..@.@.|Q.........D.C.4.&.....;h........................U............................................................................................................................................................................................................c.Sc5..6........................................................
  56. 12:10:00.090196 IP (tos 0x0, ttl 64, id 15247, offset 0, flags [DF], proto ICMP (1), length 48)
  57. acer-Aspire-4741 > 192.168.30.2: ICMP echo request, id 28332, seq 0, length 28
  58. E..0;.@.@.A............Sn.......................
  59. 12:10:01.091527 IP (tos 0x10, ttl 128, id 0, offset 0, flags [none], proto UDP (17), length 339)
  60. acer-Aspire-4741.bootps > 192.168.30.2.bootpc: [udp sum ok] BOOTP/DHCP, Reply, length 311, xid 0x4b525cd4, Flags [none] (0x0000)
  61. Your-IP 192.168.30.2
  62. Server-IP acer-Aspire-4741
  63. Client-Ethernet-Address a4:91:b1:55:ec:a0 (oui Unknown)
  64. Vendor-rfc1048 Extensions
  65. Magic Cookie 0x63825363
  66. DHCP-Message Option 53, length 1: Offer
  67. Server-ID Option 54, length 4: acer-Aspire-4741
  68. Lease-Time Option 51, length 4: 600
  69. Subnet-Mask Option 1, length 4: 255.255.255.0
  70. Default-Gateway Option 3, length 4: 192.168.3.254
  71. Domain-Name-Server Option 6, length 4: 192.168.3.1
  72. Vendor-Option Option 43, length 35: 1.24.104.116.116.112.58.47.47.49.57.50.46.49.54.56.46.51.48.46.49.58.55.53.52.55.2.7.70.105.120.101.100.73.116
  73. END Option 255, length 0
  74. E..S......|6.........C.D.?.(....KR\........................U............................................................................................................................................................................................................c.Sc5..6.....3....X..................+#..http://192.168.30.1:7547..FixedIt.
  75. 12:10:01.130532 IP (tos 0x10, ttl 128, id 0, offset 0, flags [none], proto UDP (17), length 339)
  76. acer-Aspire-4741.bootps > 192.168.30.2.bootpc: [udp sum ok] BOOTP/DHCP, Reply, length 311, xid 0x4b525cd4, secs 1, Flags [none] (0x0000)
  77. Your-IP 192.168.30.2
  78. Server-IP acer-Aspire-4741
  79. Client-Ethernet-Address a4:91:b1:55:ec:a0 (oui Unknown)
  80. Vendor-rfc1048 Extensions
  81. Magic Cookie 0x63825363
  82. DHCP-Message Option 53, length 1: ACK
  83. Server-ID Option 54, length 4: acer-Aspire-4741
  84. Lease-Time Option 51, length 4: 600
  85. Subnet-Mask Option 1, length 4: 255.255.255.0
  86. Default-Gateway Option 3, length 4: 192.168.3.254
  87. Domain-Name-Server Option 6, length 4: 192.168.3.1
  88. Vendor-Option Option 43, length 35: 1.24.104.116.116.112.58.47.47.49.57.50.46.49.54.56.46.51.48.46.49.58.55.53.52.55.2.7.70.105.120.101.100.73.116
  89. END Option 255, length 0
  90. E..S......|6.........C.D.?.'....KR\........................U............................................................................................................................................................................................................c.Sc5..6.....3....X..................+#..http://192.168.30.1:7547..FixedIt.
  91. 12:10:03.310197 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has acer-Aspire-4741 tell 192.168.30.2, length 46
  92. ...........U..................................
  93. 12:10:03.310278 ARP, Ethernet (len 6), IPv4 (len 4), Reply acer-Aspire-4741 is-at 20:6a:8a:10:4a:94 (oui Unknown), length 28
  94. ........ j..J........U......
  95. 12:10:03.310800 IP (tos 0x0, ttl 64, id 17189, offset 0, flags [DF], proto TCP (6), length 60)
  96. 192.168.30.2.33912 > acer-Aspire-4741.7547: Flags [S], cksum 0x3679 (correct), seq 879707080, win 14600, options [mss 1460,sackOK,TS val 1245421 ecr 0,nop,wscale 7], length 0
  97. E..<C%@.@.:C.........x.{4oC.......9.6y.........
  98. ............
  99. 12:10:03.310844 IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto TCP (6), length 60)
  100. acer-Aspire-4741.7547 > 192.168.30.2.33912: Flags [S.], cksum 0xbd82 (incorrect -> 0xe22a), seq 2710957888, ack 879707081, win 65160, options [mss 1460,sackOK,TS val 1446619052 ecr 1245421,nop,wscale 7], length 0
  101. E..<..@.@.}h.........{.x...@4oC................
  102. V9..........
  103. 12:10:03.311135 IP (tos 0x0, ttl 64, id 17190, offset 0, flags [DF], proto TCP (6), length 52)
  104. 192.168.30.2.33912 > acer-Aspire-4741.7547: Flags [.], cksum 0x0f0c (correct), seq 1, ack 1, win 115, options [nop,nop,TS val 1245422 ecr 1446619052], length 0
  105. E..4C&@.@.:J.........x.{4oC....A...s.......
  106. ....V9..
  107. 12:10:03.311530 IP (tos 0x0, ttl 64, id 17191, offset 0, flags [DF], proto TCP (6), length 56)
  108. 192.168.30.2.33912 > acer-Aspire-4741.7547: Flags [P.], cksum 0x6b5c (correct), seq 1:5, ack 1, win 115, options [nop,nop,TS val 1245422 ecr 1446619052], length 4
  109. E..8C'@.@.:E.........x.{4oC....A...sk\.....
  110. ....V9..POST
  111. 12:10:03.311555 IP (tos 0x0, ttl 64, id 54998, offset 0, flags [DF], proto TCP (6), length 52)
  112. acer-Aspire-4741.7547 > 192.168.30.2.33912: Flags [.], cksum 0xbd7a (incorrect -> 0x0d7c), seq 1, ack 5, win 510, options [nop,nop,TS val 1446619053 ecr 1245422], length 0
  113. E..4..@.@............{.x...A4oC......z.....
  114. V9......
  115. 12:10:03.311761 IP (tos 0x0, ttl 64, id 17192, offset 0, flags [DF], proto TCP (6), length 185)
  116. 192.168.30.2.33912 > acer-Aspire-4741.7547: Flags [P.], cksum 0x66e6 (correct), seq 5:138, ack 1, win 115, options [nop,nop,TS val 1245422 ecr 1446619053], length 133
  117. E...C(@.@.9..........x.{4oC....A...sf......
  118. ....V9.. / HTTP/1.1
  119. Content-Type: text/xml; charset=ISO-8859-1
  120. Host:192.168.30.1
  121. User-Agent:
  122. SOAPAction:
  123. Transfer-Encoding: chunked
  124.  
  125.  
  126. 12:10:03.311774 IP (tos 0x0, ttl 64, id 54999, offset 0, flags [DF], proto TCP (6), length 52)
  127. acer-Aspire-4741.7547 > 192.168.30.2.33912: Flags [.], cksum 0xbd7a (incorrect -> 0x0cf8), seq 1, ack 138, win 509, options [nop,nop,TS val 1446619053 ecr 1245422], length 0
  128. E..4..@.@............{.x...A4oDR.....z.....
  129. V9......
  130. 12:10:03.791907 IP (tos 0x0, ttl 64, id 17193, offset 0, flags [DF], proto TCP (6), length 57)
  131. 192.168.30.2.33912 > acer-Aspire-4741.7547: Flags [P.], cksum 0x4021 (correct), seq 138:143, ack 1, win 115, options [nop,nop,TS val 1245902 ecr 1446619053], length 5
  132. E..9C)@.@.:B.........x.{4oDR...A...s@!.....
  133. ....V9..afa
  134.  
  135. 12:10:03.791991 IP (tos 0x0, ttl 64, id 55000, offset 0, flags [DF], proto TCP (6), length 52)
  136. acer-Aspire-4741.7547 > 192.168.30.2.33912: Flags [.], cksum 0xbd7a (incorrect -> 0x0933), seq 1, ack 143, win 509, options [nop,nop,TS val 1446619533 ecr 1245902], length 0
  137. E..4..@.@............{.x...A4oDW.....z.....
  138. V9......
  139. 12:10:03.792010 IP (tos 0x0, ttl 64, id 17194, offset 0, flags [DF], proto TCP (6), length 1500)
  140. 192.168.30.2.33912 > acer-Aspire-4741.7547: Flags [.], seq 143:1591, ack 1, win 115, options [nop,nop,TS val 1245902 ecr 1446619053], length 1448
  141. E...C*@.@.4..........x.{4oDW...A...so......
  142. ....V9..<soapenv:Envelope soapenv:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/" xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:soap="http://schemas.xmlsoap.org/soap/encoding/" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:cwmp="urn:dslforum-org:cwmp-1-2">
  143. <soapenv:Header>
  144. <cwmp:ID soapenv:mustUnderstand="1">16_THOM_TR69_ID</cwmp:ID>
  145. </soapenv:Header>
  146. <soapenv:Body>
  147. <cwmp:Inform><DeviceId><Manufacturer>Technicolor</Manufacturer><OUI>A491B1</OUI><ProductClass>Technicolor DJA0230TLS</ProductClass><SerialNumber>CP1826TA1GR</SerialNumber></DeviceId><Event soap:arrayType="cwmp:EventStruct[03]"><EventStruct><EventCode>0 BOOTSTRAP</EventCode><CommandKey></CommandKey></EventStruct><EventStruct><EventCode>1 BOOT</EventCode><CommandKey></CommandKey></EventStruct><EventStruct><EventCode>4 VALUE CHANGE</EventCode><CommandKey></CommandKey></EventStruct></Event><MaxEnvelop
  148. 12:10:03.792020 IP (tos 0x0, ttl 64, id 55001, offset 0, flags [DF], proto TCP (6), length 52)
  149. acer-Aspire-4741.7547 > 192.168.30.2.33912: Flags [.], cksum 0xbd7a (incorrect -> 0x0392), seq 1, ack 1591, win 501, options [nop,nop,TS val 1446619534 ecr 1245902], length 0
  150. E..4..@.@............{.x...A4oI......z.....
  151. V9......
  152. 12:10:03.792270 IP (tos 0x0, ttl 64, id 17195, offset 0, flags [DF], proto TCP (6), length 1421)
  153. 192.168.30.2.33912 > acer-Aspire-4741.7547: Flags [P.], seq 1591:2960, ack 1, win 115, options [nop,nop,TS val 1245903 ecr 1446619533], length 1369
  154. E...C+@.@.4..........x.{4oI....A...s.Q.....
  155. ....V9..ovisioningCode</Name><Value xsi:type="xsd:string">FixedIt</Value></ParameterValueStruct>
  156. <ParameterValueStruct><Name>Device.ManagementServer.ParameterKey</Name><Value xsi:type="xsd:string"></Value></ParameterValueStruct>
  157. <ParameterValueStruct><Name>Device.ManagementServer.ConnectionRequestURL</Name><Value xsi:type="xsd:string">http://192.168.30.2:51007/BWzCgywuaBPcyEFR</Value></ParameterValueStruct>
  158. <ParameterValueStruct><Name>Device.ManagementServer.AliasBasedAddressing</Name><Value xsi:type="xsd:boolean">0</Value></ParameterValueStruct>
  159. <ParameterValueStruct><Name>Device.RootDataModelVersion</Name><Value xsi:type="xsd:string">2.11</Value></ParameterValueStruct>
  160. <ParameterValueStruct><Name>Device.Cellular.Interface.1.USIM.IMSI</Name><Value xsi:type="xsd:string"></Value></ParameterValueStruct>
  161. <ParameterValueStruct><Name>Device.Cellular.Interface.1.X_000E50_SoftwareVersion</Name><Value xsi:type="xsd:string">EC25AUTLFAR06A07V04M4G</Value><
  162. 12:10:03.792284 IP (tos 0x0, ttl 64, id 55002, offset 0, flags [DF], proto TCP (6), length 52)
  163. acer-Aspire-4741.7547 > 192.168.30.2.33912: Flags [.], cksum 0xbd7a (incorrect -> 0xfe37), seq 1, ack 2960, win 501, options [nop,nop,TS val 1446619534 ecr 1245903], length 0
  164. E..4..@.@............{.x...A4oOX.....z.....
  165. V9......
  166. 12:10:03.801698 IP (tos 0x0, ttl 64, id 55003, offset 0, flags [DF], proto TCP (6), length 224)
  167. acer-Aspire-4741.7547 > 192.168.30.2.33912: Flags [P.], cksum 0xbe26 (incorrect -> 0x3a68), seq 1:173, ack 2960, win 501, options [nop,nop,TS val 1446619543 ecr 1245903], length 172
  168. E.....@.@............{.x...A4oOX.....&.....
  169. V9......HTTP/1.1 500 Internal Server Error
  170. Connection: close
  171. Date: Sun, 04 Aug 2019 02:10:03 GMT
  172. Transfer-Encoding: chunked
  173.  
  174. 27
  175. TypeError: Unknown encoding: iso-8859-1
  176. 0
  177.  
  178.  
  179. 12:10:03.802132 IP (tos 0x0, ttl 64, id 17196, offset 0, flags [DF], proto TCP (6), length 52)
  180. 192.168.30.2.33912 > acer-Aspire-4741.7547: Flags [.], cksum 0xfef2 (correct), seq 2960, ack 173, win 123, options [nop,nop,TS val 1245913 ecr 1446619543], length 0
  181. E..4C,@.@.:D.........x.{4oOX.......{.......
  182. ....V9..
  183. 12:10:03.802451 IP (tos 0x0, ttl 64, id 17197, offset 0, flags [DF], proto TCP (6), length 52)
  184. 192.168.30.2.33912 > acer-Aspire-4741.7547: Flags [F.], cksum 0xfef1 (correct), seq 2960, ack 173, win 123, options [nop,nop,TS val 1245913 ecr 1446619543], length 0
  185. E..4C-@.@.:C.........x.{4oOX.......{.......
  186. ....V9..
  187. 12:10:03.808641 IP (tos 0x0, ttl 64, id 55004, offset 0, flags [DF], proto TCP (6), length 52)
  188. acer-Aspire-4741.7547 > 192.168.30.2.33912: Flags [F.], cksum 0xbd7a (incorrect -> 0xfd6f), seq 173, ack 2961, win 501, options [nop,nop,TS val 1446619550 ecr 1245913], length 0
  189. E..4..@.@............{.x....4oOY.....z.....
  190. V9......
  191. 12:10:03.808970 IP (tos 0x0, ttl 64, id 17198, offset 0, flags [DF], proto TCP (6), length 52)
  192. 192.168.30.2.33912 > acer-Aspire-4741.7547: Flags [.], cksum 0xfee3 (correct), seq 2961, ack 174, win 123, options [nop,nop,TS val 1245919 ecr 1446619550], length 0
  193. E..4C.@.@.:B.........x.{4oOY.......{.......
  194. ....V9..
  195. 12:10:04.180168 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has 192.168.3.254 tell 192.168.30.2, length 46
  196. ...........U..................................
  197. 12:10:05.181214 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has 192.168.3.254 tell 192.168.30.2, length 46
  198. ...........U..................................
  199. 12:10:06.183303 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has 192.168.3.254 tell 192.168.30.2, length 46
  200. ...........U..................................
  201. ^C
RAW Paste Data