Sorting out (and finding!) connection resets on Linux:

Sorting out connection resets:

tcpdump -nn -v ‘tcp[tcpflags] & (tcp-rst) != 0’

or

tcpdump -ilo -nn -v ‘tcp[tcpflags] & (tcp-rst) != 0’

-n is to stop resolving DNS names

-nn is to stop resolving DNS names AND port numbers to names

This is really useful when an app is logging connection resets, but not telling you what it is trying to connect to in the first place.

Leave a Reply