> Also, is there any way to monitor the state table so that I'm notified when it
> changes for a particular target IP address?
I don't know about "notified" but see if the Diagnostics: Firewall States page in m0n0wall helps.
Click on a source or destination IP to filter.
Also under System: Advanced Setup there is a "TCP idle timeout" setting under Firewall, but "the
default is 2.5 hours."