Ah, just like the Checkpoint implementation. So there is still no state tracking per se, but a hash table based on SA/port DA/port, and a 180 second timer.

Doesn't 180 seconds seem a tad long? I kinda vaguely remember Checkpoint default on this being 40 seconds. I remember being in a discussion with some developers on this and the consensus was 30 second heartbeats (strange, they almost always end up with 30 second heartbeats for everything, hehe).

Could the developers enlighten me as to why they ended up with 180? Not a big deal, but it never hurts to learn something :-)

Thanks,
Ted

PS By the way your tutorials are great.

On Wed, 2003-11-05 at 02:23, Cedric Blancher wrote:
> On Wed 05/11/2003 at 03:30, Ted Kaczmarek wrote:
> > udp is connectionless, not sure where you can get a state on it.
>
> Connection <> state
>
> State tracking applies to UDP and is based on timers. See Iptables
> Tutorial for UDP state tracking :
>
> http://iptables-tutorial.frozentux.net/chunkyhtml/udpconnections.html
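
The timer-based tracking discussed in this thread, sketched as an added example that is not part of the original messages and is not netfilter or Checkpoint code. The class and function names are hypothetical, the addresses are constructed, the 180-second value is the one from the thread, and the 30-second timeout for flows that have not yet seen a reply is an assumption.

```python
# Toy model of timer-based UDP pseudo-state tracking (illustrative only).
from dataclasses import dataclass

UNREPLIED_TIMEOUT = 30   # assumed: flow seen in one direction only
REPLIED_TIMEOUT = 180    # the 180-second timer discussed in the thread


@dataclass
class Entry:
    orig: tuple          # (src, sport, dst, dport) of the first packet
    replied: bool
    expires: float


class UdpTracker:
    def __init__(self):
        self.table = {}  # hash table keyed on a direction-independent flow key

    @staticmethod
    def _key(src, sport, dst, dport):
        # Sort the two endpoints so both directions map to the same entry.
        return tuple(sorted([(src, sport), (dst, dport)]))

    def packet(self, now, src, sport, dst, dport):
        """Classify a packet seen at time `now` (seconds) as NEW or ESTABLISHED."""
        key = self._key(src, sport, dst, dport)
        entry = self.table.get(key)
        if entry is not None and entry.expires <= now:
            del self.table[key]          # timer ran out: the flow is forgotten
            entry = None
        if entry is None:
            self.table[key] = Entry((src, sport, dst, dport), False,
                                    now + UNREPLIED_TIMEOUT)
            return "NEW"
        if (src, sport, dst, dport) != entry.orig:
            entry.replied = True         # traffic seen in the reverse direction
        timeout = REPLIED_TIMEOUT if entry.replied else UNREPLIED_TIMEOUT
        entry.expires = now + timeout    # every matching packet refreshes the timer
        return "ESTABLISHED" if entry.replied else "NEW"


def replay(packets):
    """Run constructed (time, src, sport, dst, dport) tuples through a fresh tracker."""
    tracker = UdpTracker()
    return [tracker.packet(*p) for p in packets]
```

A reply that arrives after the entry has expired is classified as NEW again, which is why the choice of timeout decides how long a quiet flow keeps its return path open.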