
Re: pf state issue



On Fri, Mar 14, 2003 at 10:56:56AM -0600, Mike Frantzen wrote:
> The state indication is client:server.  Connection state is kept on each
> side of the connection semi-independently.  For instance with TCP, if
> someone sends a SYN and then a RESET, we'll start up in SYN_SET:CLOSED and
> end up in TIME_WAIT:CLOSED after the RESET.  Since the server never sent
> any traffic, its side of the state never reflects an opened connection,
> so we can time the connection out appropriately.

forgive my ignorance (and stubbornness), but while your example might be
sensible for tcp, it doesn't make sense to me in the context of udp:
udp 127.0.0.1:30551 -> 127.0.0.1:53       MULTIPLE:SINGLE
udp 127.0.0.1:53 -> 127.0.0.1:30551       SINGLE:NO TRAFFIC
since udp itself is stateless, each half of the connection ought to simply
be held on a timer, nothing else.  and each half of pf's state table ought
to mirror its reflexive twin, in all aspects, or so i would believe.  can you
recast the explanation to udp?  thanks :)
ben
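An added example, not code from this thread or from pf itself: a small Python model of pf's per-side ("client:server") UDP tracking as I read it from pf's source, using pf's default udp.first/udp.single/udp.multiple timeouts. The state names come from the pfctl output quoted above; the transition rules and timeout values are my assumptions. Fed a query that gets one answer it yields MULTIPLE:SINGLE, and fed a lone packet SINGLE:NO TRAFFIC, i.e. the two entries quoted above, which are two separate states, each with its own creating side; a side that never answers keeps the state on the shorter timer, which is what bounds state-table growth from one-way UDP traffic.

```python
NO_TRAFFIC, SINGLE, MULTIPLE = 0, 1, 2
NAMES = {NO_TRAFFIC: "NO TRAFFIC", SINGLE: "SINGLE", MULTIPLE: "MULTIPLE"}
# Assumed pf default timeouts in seconds (udp.first, udp.single, udp.multiple).
UDP_FIRST, UDP_SINGLE, UDP_MULTIPLE = 60, 30, 60


class UdpState:
    """One pf state entry; the side whose packet created it is the client."""

    def __init__(self, now):
        # Creating packet: the client has sent, the server has not.
        self.side = {"client": SINGLE, "server": NO_TRAFFIC}
        self.expire = now + UDP_FIRST

    def packet(self, sender, now):
        """Apply a later packet sent by 'client' or 'server' (assumed pf rules)."""
        receiver = "server" if sender == "client" else "client"
        if self.side[sender] < SINGLE:      # first packet from this side
            self.side[sender] = SINGLE
        if self.side[receiver] == SINGLE:   # the receiver's packet got an answer
            self.side[receiver] = MULTIPLE
        both = all(s == MULTIPLE for s in self.side.values())
        # Only a two-way conversation earns the longer timer.
        self.expire = now + (UDP_MULTIPLE if both else UDP_SINGLE)

    def __str__(self):
        return f"{NAMES[self.side['client']]}:{NAMES[self.side['server']]}"


def simulate(packets):
    """packets: (time, sender) tuples; the first one creates the state.
    Returns the client:server state string and the expiry time."""
    t0, sender = packets[0]
    assert sender == "client", "the creating side is the client by definition"
    st = UdpState(t0)
    for t, who in packets[1:]:
        st.packet(who, t)
    return str(st), st.expire


if __name__ == "__main__":
    # Constructed traces: a lone query, a query with its answer, and a two-way exchange.
    print(simulate([(0, "client")]))                               # ('SINGLE:NO TRAFFIC', 60)
    print(simulate([(0, "client"), (1, "server")]))                # ('MULTIPLE:SINGLE', 31)
    print(simulate([(0, "client"), (1, "server"), (2, "client")])) # ('MULTIPLE:MULTIPLE', 62)
```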