Basically the client or the server sends out a FIN or RST to signify that they are done with the connection. The Conntrack would drop the session. Afterwards the other side sends out an acknowledgement that the session was dropped. The packets are flagged as not established, since the connection from the other side was closed. I think it depends on an IPTables conntrack timeout value to determine how long to wait for the other side's response.

I don't know what everyone else does about them, but I generally just drop them. It may not be that clean, leaving other PCs' IP stacks to time out the session close, but it happens so rarely to me, *meh*

>My question is regarding syn packets, and probably statefulness... I'm getting
>a lot of log messages like this: