Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
minhhaivietnam
Contributor

fw ctl conntab output

Hello all,

 

I run this command on my firewall R80.10

fw ctl conntab  -dip=10.128.33.31 -sip=10.128.73.11 

And I saw the result :

<(inbound, src=[10.128.73.11,39125], dest=[10.128.33.31,5701], TCP); 23/25, rule=24, tcp state=SYN_SENT, service=343, conn modules: PSL, SeqVerifier>

The "tcp state" is SYN_SENT -> Does this mean the connection is not established because 3-step is not finished? If so, why this "not-established-connection" is still in connection table?

What is mean of 23/25? -> Does this mean "after 23s" this connection will be removed?

 

Thanks very much for replying me!

 

 

0 Kudos
1 Reply
PhoneBoy
Admin
Admin

Connections that are starting/ending have much shorter timeouts.
In this case, this starting connection has a timeout of 25 seconds.
The 23 refers to the number of seconds the connection has left before it is timed out.
0 Kudos