replays last FIN-ACK in order to check if the other side correctly implements TIMED-WAIT. other side should be first to close the connection. with http this can be done in curl by forcing http/1.0 mode.
curl -0 -d 'lolol=lololol' http://TARGET/wtwtwt
tcpdump -S 'tcp port 80' -l | ./replayer.rb TARGET 80 YOUR_HOST_AS_APPEARS_IN_TCPDUMP
Example of it working and showing the other side correctly handling TIMED-WAIT:
root@midway:~# tcpdump -S 'tcp port 80' -l | ./replayer.rb 173.194.41.67 80 ip-10-250-157-181.eu-west-1.compute.internal
OMG IM RUNNING
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth0, link-type EN10MB (Ethernet), capture size 65535 bytes
15:04:04.282817 IP ip-10-250-157-181.eu-west-1.compute.internal.57675 > lhr08s01-in-f3.1e100.net.http: Flags [S], seq 4187014687, win 14600, options [mss 1460,sackOK,TS val 3716168392 ecr 0,nop,wscale 5], length 0
15:04:04.302975 IP lhr08s01-in-f3.1e100.net.http > ip-10-250-157-181.eu-west-1.compute.internal.57675: Flags [S.], seq 3358305039, ack 4187014688, win 62392, options [mss 1430,sackOK,TS val 3062860770 ecr 3716168392,nop,wscale 6], length 0
15:04:04.302994 IP ip-10-250-157-181.eu-west-1.compute.internal.57675 > lhr08s01-in-f3.1e100.net.http: Flags [.], ack 3358305040, win 457, options [nop,nop,TS val 3716168397 ecr 3062860770], length 0
15:04:04.303507 IP ip-10-250-157-181.eu-west-1.compute.internal.57675 > lhr08s01-in-f3.1e100.net.http: Flags [P.], seq 4187014688:4187014942, ack 3358305040, win 457, options [nop,nop,TS val 3716168397 ecr 3062860770], length 254
15:04:04.323965 IP lhr08s01-in-f3.1e100.net.http > ip-10-250-157-181.eu-west-1.compute.internal.57675: Flags [.], ack 4187014942, win 992, options [nop,nop,TS val 3062860791 ecr 3716168397], length 0
15:04:04.330642 IP lhr08s01-in-f3.1e100.net.http > ip-10-250-157-181.eu-west-1.compute.internal.57675: Flags [P.], seq 3358305040:3358306181, ack 4187014942, win 992, options [nop,nop,TS val 3062860798 ecr 3716168397], length 1141
15:04:04.330657 IP ip-10-250-157-181.eu-west-1.compute.internal.57675 > lhr08s01-in-f3.1e100.net.http: Flags [.], ack 3358306181, win 547, options [nop,nop,TS val 3716168404 ecr 3062860798], length 0
15:04:04.330668 IP lhr08s01-in-f3.1e100.net.http > ip-10-250-157-181.eu-west-1.compute.internal.57675: Flags [F.], seq 3358306181, ack 4187014942, win 992, options [nop,nop,TS val 3062860798 ecr 3716168397], length 0
15:04:04.332116 IP ip-10-250-157-181.eu-west-1.compute.internal.57675 > lhr08s01-in-f3.1e100.net.http: Flags [F.], seq 4187014942, ack 3358306182, win 547, options [nop,nop,TS val 3716168405 ecr 3062860798], length 0
GOT ONE: src:57675 syn: 4187014942 ack 3358306182
15:04:04.352402 IP lhr08s01-in-f3.1e100.net.http > ip-10-250-157-181.eu-west-1.compute.internal.57675: Flags [.], ack 4187014943, win 992, options [nop,nop,TS val 3062860820 ecr 3716168405], length 0
--- 173.194.41.67 hping statistic ---
1 packets transmitted, 1 packets received, 0% packet loss
round-trip min/avg/max = 20.1/20.1/20.1 ms
using eth0, addr: 10.250.157.181, MTU: 1500
HPING 173.194.41.67 (eth0 173.194.41.67): AF set, 40 headers + 0 data bytes
len=52 ip=173.194.41.67 ttl=46 id=10694 tos=0 iplen=52
sport=80 flags=A seq=0 win=992 rtt=20.1 ms
seq=3358306182 ack=4187014943 sum=167e urp=0
15:04:04.358078 IP ip-10-250-157-181.eu-west-1.compute.internal.57675 > lhr08s01-in-f3.1e100.net.http: Flags [F.], seq 4187014942, ack 3358306182, win 512, length 0
15:04:04.378033 IP lhr08s01-in-f3.1e100.net.http > ip-10-250-157-181.eu-west-1.compute.internal.57675: Flags [.], ack 4187014943, win 992, options [nop,nop,TS val 3062860845 ecr 3716168405], length 0
15:04:04.378047 IP ip-10-250-157-181.eu-west-1.compute.internal.57675 > lhr08s01-in-f3.1e100.net.http: Flags [R], seq 4187014943, win 0, length 0
^C13 packets captured
13 packets received by filter
0 packets dropped by kernel