>>> sr1(IP(ttl = 2, dst = '66.28.63.9') / \
TCP(dport = 139), timeout = 5).display()
Begin emission:
..Finished to send 1 packets.
.....*
Received 8 packets, got 1 answers, remaining 0 packets
---[ IP ]---
version = 4L
ihl = 5L
tos = 0x0
len = 56
id = 1
flags =
frag = 0L
ttl = 63
proto = ICMP
chksum = 0xf90a
src = 80.15.114.1
dst = 192.168.0.1
options = ''
---[ ICMP ]---
type = time-exceeded
code = 0
chksum = 0xf460
id = 0x0
seq = 0x0
---[ IP in ICMP ]---
version = 4L
ihl = 5L
tos = 0x0
len = 40
id = 1
flags =
frag = 0L
ttl = 0
proto = TCP
chksum = 0x7901
src = 192.168.0.1
dst = 66.28.63.9
options = ''
---[ TCP in ICMP ]---
sport = 20
dport = 139
seq = 0L
ack = 0
dataofs = 0
reserved = 0
flags = S
window = 0
chksum = 0x0
urgptr = 0
options = {}
Comme c'est étrange : on a une réponse.
Modifions un peu le premier segment TCP, remplacons le port
source par un autre supérieur à 1024 :
>>> sr1(IP(ttl = 2, dst = '66.28.63.9') / TCP(sport = 4242, \
dport = 139), timeout = 5).display()
---[ IP ]---
version = 4L
ihl = 5L
tos = 0x0
len = 56
id = 1
flags =
frag = 0L
ttl = 63
proto = ICMP
chksum = 0xf90a
src = 80.15.114.1
dst = 192.168.0.1
options = ''
---[ ICMP ]---
type = time-exceeded
code = 0
chksum = 0xf460
id = 0x0
seq = 0x0
---[ IP in ICMP ]---
version = 4L
ihl = 5L
tos = 0x0
len = 40
id = 1
flags =
frag = 0L
ttl = 0
proto = TCP
chksum = 0x7901
src = 192.168.0.1
dst = 66.28.63.9
options = ''
---[ TCP in ICMP ]---
sport = 4242
dport = 139
seq = 0L
ack = 0
dataofs = 0
reserved = 0
flags = S
window = 0
chksum = 0x0
urgptr = 0
options = {}
Hum, encore plus bizarre. Ça sent le filtrage stateless.
Aujourd'hui, je recommence (mon bail ADSL a été renouvellé), et je n'ai plus ce comportement qui était parfaitement reproductible la veille. Étrange non ?
Bien entendu, ce n'est pas mon serveur/modem qui filtrait quoique ce soit, j'en suis sûr. Il n'y aucun problème de routage non plus.