Connection status

Unanswered Question
Sep 28th, 2007

Hi, need help

In my firewall i have no rule play in inside interface for outbound traffic but i have a rule play for inbound traffic in outside interface saying that from my particular branch network can access my server through SMTP.Just i wanted to know the connections..

But i use the command sh conn state data_out | grep 172.30.x.x,It showing the details given bellow

TCP out 172.x.x.x:1198 in 172.30.x.x:25 idle 8:40:06 Bytes 630 flags UFROB

if i use the command sh conn state data_in | grep 172.30.x.x also, It showing the details same given bellow

TCP out 172.x.x.x:1198 in 172.30.x.x:25 idle 8:40:06 Bytes 630 flags UFROB

Kinldy provide me information..there is no difference in the above connection status in and out inforamtion. Y is it so?..Then how can find which source is generating traffic?

Data_in==inbound conn

Data_out=outbund conn...

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
sundar.palaniappan Fri, 09/28/2007 - 11:15

The flags should help you deteremine whether the connection was initiated from inside or outside.

In your scenario the connection was initiated from outside based on the flag B.

UFROB --> (B) indicates initial SYN from outside

show conn detail would show the flags information.

HTH

Sundar

Actions

This Discussion