Hello,
Robert Nichols a écrit :
R. DuFresne wrote:
On Fri, 1 Jun 2007, Martijn Lievaart wrote:
An connection is in the ESTABLISHED state once a packet has been
seen. So once the SYN is seen, the state is ESTABLISHED.
No, it is in state "new" with a mere syn sent.
Correct.
You have to specify whether you are talking about the TCP connection
status or the conntrack status. A mere SYN is sufficient to make an
ESTABLISHED status in conntrack.
Nope. The ESTABLISHED state is reached when traffic has been seen in
both "directions" (original and reply).
If that were not true, then when
I send a TCP SYN packet the SYN/ACK would never make it back through
my firewall.
Why not ? The connection goes into the ESTABLISHED state as soon as the
SYN/ACK is seen, and this state applies to the SYN/ACK packet itself.
