Date:      Sun, 30 Jul 2006 14:26:30 -0700
From:      Darrin Chandler <dwchandler@stilyagin.com>
To:        Ivan Levchenko <levchenko.i@gmail.com>
Cc:        freebsd-questions@freebsd.org
Subject:   Re: pf states
Message-ID:  <20060730212630.GC3123@jeeves.stilyagin.local>
In-Reply-To: <e39dd5bb0607301353y1fd79e6by7d2af3307bc02c40@mail.gmail.com>
References:  <e39dd5bb0607301353y1fd79e6by7d2af3307bc02c40@mail.gmail.com>

On Sun, Jul 30, 2006 at 08:53:48PM +0000, Ivan Levchenko wrote:
> 
> Have a little question to which Google didn't help a lot.
> 
> I have pf firewall working great. I installed pftop to see what's going
> on in real time. I see some state meanings that I would like to know
> more about, for example no_traffic.
> 
> I looked in the man pages and what not, but could not find what I was
> looking for.

Pftop assumes you have some knowledge of pf. Pf assumes you have some
knowledge of networking. I think you are right that there's nowhere that
really explains what these states are in relation to pf.

The STATE column in pftop (or "pfctl -s state") has two sides, one for
each endpoint. The state SINGLE:NO_TRAFFIC is something I see a lot
using symon/symux, where a udp datagram is sent and there is no reply
(it's merely accepted). You will also see a lot of
ESTABLISHED:ESTABLISHED and FIN_WAIT_2:FIN_WAIT_2 states. Most of these
are not really specific to pf, and will be documented in various
references online and in books. Most of the states you will see have to
do with TCP connections being built, or as established, or being torn
down. Google for Transmission Control Protocol and you should find what
you're looking for (and WAY more).

-- 
Darrin Chandler            |  Phoenix BSD Users Group
dwchandler@stilyagin.com   |  http://bsd.phoenix.az.us/
http://www.stilyagin.com/  |
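
An added example, not part of the original message: a small Python parser for `pfctl -s state` output that splits the STATE column into its two sides, counts state pairs per protocol, and lists flows where one side shows NO_TRAFFIC. The sample lines are constructed, and the line layout (interface, protocol, addresses, state pair last) is an assumption to check against your pfctl version.

```python
import re
from collections import Counter

# Constructed sample in the layout printed by `pfctl -s state`; the
# indented line imitates the extra detail shown with -v and is skipped.
SAMPLE = """\
all tcp 192.0.2.10:51234 -> 198.51.100.7:80       ESTABLISHED:ESTABLISHED
   age 00:01:02, expires in 23:59:10, 12:10 pkts, 900:4200 bytes
all tcp 192.0.2.10:51240 -> 198.51.100.7:443       FIN_WAIT_2:FIN_WAIT_2
all udp 192.0.2.10:2100 -> 192.0.2.1:2100       SINGLE:NO_TRAFFIC
all udp 192.0.2.10:53211 -> 192.0.2.53:53       MULTIPLE:SINGLE
all tcp 192.0.2.10:51300 -> 203.0.113.9:25       SYN_SENT:CLOSED
"""

# interface, protocol, address part (may contain several arrows when NAT
# is involved), then the two-sided state as the last field on the line.
STATE_RE = re.compile(
    r"^(\S+)\s+(\S+)\s+(.*?)\s+([A-Z0-9_]+):([A-Z0-9_]+)\s*$"
)

def parse_states(text):
    """Yield one dict per state line; lines that do not match are skipped."""
    for line in text.splitlines():
        m = STATE_RE.match(line)
        if m:
            iface, proto, flow, left, right = m.groups()
            yield {"iface": iface, "proto": proto, "flow": flow,
                   "left": left, "right": right}

def tally(entries):
    """Count how often each (protocol, LEFT:RIGHT) pair occurs."""
    return Counter((e["proto"], f'{e["left"]}:{e["right"]}') for e in entries)

def no_reply_flows(entries):
    """Flows where one endpoint's side of the state is NO_TRAFFIC."""
    return [e["flow"] for e in entries
            if "NO_TRAFFIC" in (e["left"], e["right"])]

if __name__ == "__main__":
    entries = list(parse_states(SAMPLE))
    for (proto, pair), n in sorted(tally(entries).items()):
        print(f"{n:4d}  {proto:4s} {pair}")
    print("no reply seen:", no_reply_flows(entries))
```

To run it against a live table, pipe `pfctl -s state` into a file and pass its contents to `parse_states` instead of `SAMPLE`.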


