On Sun, 28 Apr 2002, Steve Snyder wrote: > I've had this same entry in my connection tracking table (seen via "cat > /proc/net/ip_conntrack") for about a week. > > tcp 6 175631 ESTABLISHED src=192.168.0.3 dst=151.193.160.75 > sport=1079 dport=443 [UNREPLIED] src=151.193.160.75 dst=12.222.5.178 > sport=443 dport=1079 use=1 > > Can anyone tell me what the [UNREPLIED] means and why it should linger so > long in the table?
That was probably generated by a single ACK packet, at which the TCP connection tracking engine assumes the state ESTABLISHED. The ACK was never answered by the target machine, thus it is UNREPLIED. The ESTABLISHED state has five days timeout, so this conntrack entry lives long. If you don't like this behaviour, then you can drop any non-SYN NEW state TCP packet by a proper rule. Regards, Jozsef - E-mail : [EMAIL PROTECTED], [EMAIL PROTECTED] WWW-Home: http://www.kfki.hu/~kadlec Address : KFKI Research Institute for Particle and Nuclear Physics H-1525 Budapest 114, POB. 49, Hungary
