4 connection timeouts – Allied Telesis AT-WR4500 User Manual

AT-WR4500 Series - IEEE 802.11abgh Outdoor Wireless Routers

213

RouterOS v3 Configuration and User Guide

Property Description

assured (read-only: true | false) - shows whether replay was seen for the last packet matching this entry
connection-mark (read-only: text) - Connection mark set in mangle
dst-address (read-only: IP address:port) - the destination address and port the connection is established to
icmp-id (read-only: integer) - contains the ICMP ID. Each ICMP packet gets an ID set to it when it is sent,
and when the receiver gets the ICMP message, it sets the same ID within the new ICMP message so that
the sender will recognize the reply and will be able to connect it with the appropriate ICMP request
icmp-option (read-only: integer) - the ICMP type and code fields
p2p (read-only: text) - peer to peer protocol
protocol (read-only: text) - IP protocol name or number
reply-dst-address (read-only: IP address:port) - the destination address and port the reply connection is
established to
reply-icmp-id (read-only: integer) - contains the ICMP ID of received packet
reply-icmp-option (read-only: integer) - the ICMP type and code fields of received packet
reply-src-address (read-only: IP address:port) - the source address and port the reply connection is
established from
src-address (read-only: IP address:port) - the source address and port the connection is established from
tcp-state (read-only: text) - the state of TCP connection
timeout (read-only: time) - the amount of time until the connection will be timed out
unreplied (read-only: true | false) - shows whether the request was unreplied

9.3.4

Connection Timeouts

Submenu level: /ip firewall connection tracking

Description

Connection tracking provides several timeouts. When particular timeout expires the according entry is
removed from the connection state table. The following diagram depicts typical TCP connection
establishment and termination and tcp timeouts that take place during these processes:

Figure 33: Firewall Connection Tracking timeouts

Property Description

enable (yes | no; default: yes) - whether to allow or disallow connection tracking
generic-timeout (time; default: 10m) - maximal amount of time connection state table entry that keeps
tracking of packets that are neither TCP nor UDP (for instance GRE) will survive after having seen last
packet matching this entry. Creating PPTP connection this value will be increased automaticly
icmp-timeout (time; default: 10s) - maximal amount of time connection tracking entry will survive after
having seen ICMP request