Hi, On Tue, 30 Apr 2002, Oskar Andreasson wrote:
> I've been mucking around with the timeout values in conntrack > recently, and ran into the LISTEN timeout and NONE timeout and have a > bit of a problem understanding them. > > First of all, how do we know when to set a conntrack entry to LISTEN > since there is no data sent that will cause this afaik, except > possibly FTP data connections etc. Would this in other words be used > by the RELATED state, or is it used at any time by the ESTABLISHED > state, and if so how? Conntrack entries never enter the LISTEN state :-). In the default TCP connection tracking the state is there but no packet leads to it. In the TCP window tracking code it is explicitly stated that the LISTEN state is not used. > The NONE state I have a even harder time understanding. Which state is > it indicating if referencing to RFC 793, page 23 (correct page? I may > be wrong about the page since I don't have it here, but it should be > figure 6 which explains the TCP states). Anyways, what is this state > used for and when is a conntrack entry set to state NONE? The NONE state is the initial one when the conntrack entry is created. Depending on the flags of the packet (which triggered creating the conntrack entry) the state changes at once to SYN_SENT, SYN_RECEIVED, ESTABLISHED, TIME_WAIT or CLOSE (default conntrack). So the timeout values of the NONE and LISTEN states are irrelevant :-) Regards, Jozsef - E-mail : [EMAIL PROTECTED], [EMAIL PROTECTED] WWW-Home: http://www.kfki.hu/~kadlec Address : KFKI Research Institute for Particle and Nuclear Physics H-1525 Budapest 114, POB. 49, Hungary
