The connection table records the source address, destination address, protocol, source port, destination port, etc. of each connection, as well as possible actions. The table is sorted by the source address, destination address, protocol, source port and destination port of the packet that caused the entry.
Under WEBconfig the filter list has the following structure:
The table contains the following elements:
Element | Element meaning |
---|---|
Src addr. | Source address of the connection |
Dst addr. | Destination address of the connection |
Protocol | Protocol used (TCP/UDP etc.). The protocol is given as a decimal number. |
Src port | Source port of the connection. The port is only shown for port-based protocols (TCP/UDP) or protocols that have a comparable field (ICMP/GRE). |
Dst port | Destination port of the connection (for UDP connections, this is filled in only with the first answer). |
Timeout | Each entry ages out after the time shown here, so that the table does not overflow with "dead" connections. |
Flags | The flags store the state of the connection and further (internal) information in a bit field. The following states are possible: new, establish, open, closing, closed, rejected (corresponding to the TCP flags SYN, SYN ACK, ACK, FIN, FIN ACK and RST). UDP connections know the states new, open and closing (the last one only if the UDP connection is linked to a stateful control path, as is the case with the H.323 protocol, for example). |
Src route | Name of the remote station over which the first packet was received. |
Dst route | Name of the remote station to which the first packet will be sent. |
Filter rule | Name of the rule that generated the entry (it also determines the actions to be executed when a suitable packet is received). |
Meaning of the flags of the connection list
Flag | Flag meaning |
---|---|
00000001 | TCP: SYN sent |
00000002 | TCP: SYN/ACK received |
00000004 | TCP: waiting for ACK of the server |
00000008 | all: open connection |
00000010 | TCP: FIN received |
00000020 | TCP: FIN sent |
00000040 | TCP: RST sent or received |
00000080 | TCP: session will be re-established |
00000100 | FTP: passive FTP connection will be established |
00000400 | H.323: belonging to T.120 connection |
00000800 | connection via loopback interface |
00001000 | checking concatenated rules |
00002000 | rule is catenated |
00010000 | destination is on "local route" |
00020000 | destination is on default route |
00040000 | destination is on VPN route |
00080000 | physical connection is not established |
00100000 | source is on default route |
00200000 | source is on VPN route |
00800000 | no route for destination |
01000000 | contains global actions with condition |
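
Because the Flags column is a bit field, a single value usually combines several rows of the table above. The following decoder is an added example, not code from the device or its vendor; it assumes the eight-digit values are hexadecimal bit masks, the name `decode_flags` is hypothetical, and the sample values are constructed.

```python
# Masks copied from the "Meaning of the flags" table on this page.
# Assumption: the eight-digit values are hexadecimal bit masks.
FLAG_MEANINGS = {
    0x00000001: "TCP: SYN sent",
    0x00000002: "TCP: SYN/ACK received",
    0x00000004: "TCP: waiting for ACK of the server",
    0x00000008: "all: open connection",
    0x00000010: "TCP: FIN received",
    0x00000020: "TCP: FIN sent",
    0x00000040: "TCP: RST sent or received",
    0x00000080: "TCP: session will be re-established",
    0x00000100: "FTP: passive FTP connection will be established",
    0x00000400: "H.323: belonging to T.120 connection",
    0x00000800: "connection via loopback interface",
    0x00001000: "checking concatenated rules",
    0x00002000: "rule is catenated",
    0x00010000: 'destination is on "local route"',
    0x00020000: "destination is on default route",
    0x00040000: "destination is on VPN route",
    0x00080000: "physical connection is not established",
    0x00100000: "source is on default route",
    0x00200000: "source is on VPN route",
    0x00800000: "no route for destination",
    0x01000000: "contains global actions with condition",
}

def decode_flags(value):
    """Decode a Flags value (hex string or int).

    Returns (meanings, unknown_bits): the table texts for every set bit in
    ascending mask order, plus any set bits the table does not document.
    """
    bits = int(value, 16) if isinstance(value, str) else int(value)
    if bits < 0:
        raise ValueError("flags value must not be negative")
    meanings = [text for mask, text in sorted(FLAG_MEANINGS.items()) if bits & mask]
    known = 0
    for mask in FLAG_MEANINGS:
        known |= mask
    return meanings, bits & ~known

if __name__ == "__main__":
    # Constructed sample values, not taken from a real connection list.
    for sample in ("00020008", "00800040", "00000201"):
        meanings, unknown = decode_flags(sample)
        print(sample, meanings, f"undocumented bits: {unknown:08x}")
```

Bits that the table does not list are returned separately rather than dropped, so an unexpected value in an exported connection list stays visible.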