What is SINGLE:NO_TRAFFIC, and the rest?



  • Trying to figure out a problem with PPTP, i'm looking at the undocumented states table:

    tcp 192.168.1.98:56953 -> 216.8.131.235:63455 -> 216.8.139.6:1723 ESTABLISHED:ESTABLISHED   
    tcp 216.8.139.6:1723 <- 192.168.1.98:56953 ESTABLISHED:ESTABLISHED   
    gre 192.168.1.98 -> 216.8.139.6 SINGLE:NO_TRAFFIC   
    gre 216.8.139.6 <- 192.168.1.98 NO_TRAFFIC:SINGLE 
    

    What does the value1:value2 syntax represent? Is value1 the condition of the state going left to right, and value2 is the condition of the state going right to left? i.e.

    value1 -> value2
    value1 <- value2

    Or is value1 the condition of the state of from "from" side of the arrow, and value2 is the condition of the state on the "to" side of the arrow? i.e.

    value1 -> value2
    value2 <- value1

    When referring to TCP traffic, i know what the ESTABLISHED state means. It's part of the TCP connection buildup/teardown process (e.g. SYN_SEND, TIME_WAIT, ESTABLISHED, FIN_WAIT2, etc).

    But GRE packets (protocol 47) are not TCP packets, so i do not know what their "states" are. What is SINGLE and NO_TRAFFIC? Are these terms related to the Point-to-Point Tunneling Protocol, or are they are generic term used in BSD/pfSense? i don't think they are part of the PPTP spec, because they're not in the RFC (http://www.faqs.org/rfcs/rfc2637.html).

    What does SINGLE mean? What does NO_TRAFFIC mean?

    What are other possible values? If it is TCP traffic do all the standard TCP connection build-up and teardown states apply?

    Valid State Table States

    Valid TCP protocol traffic states

    • SINGLE

    • MULTIPLE

    • LISTEN

    • SYN_SENT

    • SYN_RECEIVED

    • ESTABLISHED

    • CLOSE_WAIT

    • LAST_ACK

    • FIN_WAIT_1

    • CLOSING

    • FIN_WAIT_2

    • TIME_WAIT

    • the pfSense state table don't actually use LISTEN, or probably most others. LISTEN appers as SINGLE:MULTIPLE

    Valid UDP protocol traffic states

    • ?

    • ?

    Valid GRP protocol traffic states

    • SINGLE

    • NO_TRAFFIC

    • ESTABLISHED

    i'm hoping that if i can find the information i can turn this into a Wiki article. Google has no idea what NO_TRAFFIC is, neither does the Monowall docs.

    And if i do get this answered, the followup question will be why my PPTP client connection to a remote server breaks after some time - and i have to re-establish the PPTP session for it to work again, and the GRE state goes from
      SINGLE:NO_TRAFFIC
    to
      ESTABLISHED:ESTABLISHED



  • The blog has a post that goes over all of this.



  • @sullrich:

    The blog has a post that goes over all of this.

    The blog entry
    http://blog.pfsense.org/?p=137
    says that the states come from the various TCP states.

    Unfortunatly, there are no TCP states called SINGLE, MULTIPLE or NO_TRAFFIC. Also GRE traffic is not TCP traffic; GRE traffic doesn't have TCP states.

    So the original question still stands: SINGLE, NO_TRAFFIC.

    Or, is this being done by the kernel, it's nothing to do with pfSense per se, and i have to go hound the BCD guys to tell me what "SINGLE:NO_TRAFFIC" means?

    Oddly enough, if you Google for "NO_TRAFFIC" you get this very post!




Locked