Hi Jozsef, Huge thanks again :-). I'm currently writing up on the conntrack/state machine and I believe I got everything under control now and know more or less what to write about those two states :-). Once again, a huge thanks for the answers.
Have a nice day, Oskar Andreasson http://www.boingworld.com http://people.unix-fu.org/andreasson/ mailto: [EMAIL PROTECTED] ----- Original Message ----- From: "Jozsef Kadlecsik" <[EMAIL PROTECTED]> To: "Oskar Andreasson" <[EMAIL PROTECTED]> Cc: <[EMAIL PROTECTED]> Sent: Thursday, May 02, 2002 11:57 AM Subject: Re: ip_ct_tcp_timeout_listen and none > Hi, > > On Thu, 2 May 2002, Oskar Andreasson wrote: > > > Just to make sure that I'm not wrong, I assume that we traverse from > > state NONE to TIME_WAIT in case we pick up an already established and > > running connection which is just about to close. In such case, we go > > from NONE to TIME_WAIT or CLOSE, correct me if I'm wrong? > > Yes, exactly. Connection tracking is separated from filtering. The goal is > to keep track of the connection, as perfectly as possible. So when the > first packet is a non-SYN-only, we assume an already established > connection and depending on the flags (ACK/FIN/RST) we assume > ESTABLISHED, TIME_WAIT or CLOSE state. > > Regards, > Jozsef > - > E-mail : [EMAIL PROTECTED], [EMAIL PROTECTED] > WWW-Home: http://www.kfki.hu/~kadlec > Address : KFKI Research Institute for Particle and Nuclear Physics > H-1525 Budapest 114, POB. 49, Hungary > >
