Problems with TCP Connection States and Timeouts

From:	"Simon Baker" <simonb at kaizo dot org>
To:	m0n0wall at lists dot m0n0 dot ch
Cc:	simonb at 6 dot kaizo dot org
Subject:	Problems with TCP Connection States and Timeouts
Date:	Wed, 11 Nov 2009 11:47:26 -0000

Hi Guys,

I seem to be having a random issue with one of my firewalls, and tcp  
connection timeouts.

Certain connections behave as expected, with a timeout of 3600, in the  
state table certain new connections appear as ~59:59 minutes:seconds.   
However some random new connections appear to have a timeout of only a few  
minutes, and there's a /big/ gap in between them.  For example, here's the  
two closest entries with a jump:


x.x.x.x		40575	x.x.x.x		80	tcp	10	7494	39:35
x.x.x.x		39587	x.x.x.x		80	tcp	2	120	4:00

As you can see, connections sliding down go from the expected full 60  
minutes, follow down in various times to 39:35 then massively just down to  
4 minutes and below!

Any ideas people ?

S.


-- 
http://kaizo.org | MOB +44 798 467 9418