Alexandr Nedvedicky
State numbers in IPF
While I was working on fix of CR 6827271 (ipfilter TCP state emulation ends up in 5/0 state (Established/Closed) I've decided to fix the ancient CR 6562745. It was a good opurtunity, because I was touching a code near arround anyway. This should make life easier for administrators, who are running a Solaris and Non-Solaris versions of IPF. Table below summarizes state number changes introduced by CR 6562745
| State name | New Number | Old Number |
|---|---|---|
| Listen (IPF_TCPS_LISTEN) | 0 | 1 |
| Syn Sent (IPF_TCPS_SYN_SENT) | 1 | 2 |
| Syn Received (IPF_TCPS_SYN_RECEIVED) | 2 | 3 |
| Half Established (IPF_TCPS_HALF_ESTAB) | 3 | 4 |
| Established (IPF_TCPS_ESTABLISHED) | 4 | 5 |
| Close Wait (IPF_TCPS_CLOSE_WAIT) | 5 | 6 |
| Fin Wait 1 (IPF_TCPS_FIN_WAIT_1) | 6 | 7 |
| Closing (IPF_TCPS_CLOSING) | 7 | 8 |
| Last Ack (IPF_TCPS_LAST_ACK) | 8 | 9 |
| Fin Wait 2 (IPF_TCPS_FIN_WAIT_2) | 9 | 10 |
| Time Wait (IPF_TCPS_TIME_WAIT) | 10 | 11 |
| Closed (IPF_TCPS_CLOSED) | 11 | 0 |
| Number of States (IPF_TCPS_NSTATES) | 12 | 12 |
The former state numbering was prone to errors in IPF code. One had to keep it mind the final state CLOSED had number 0 assigned. This has gone with introduction of new code. One can rely on fact that state emulation now always progresses from lowere state number to greater state numbers.
Posted at 03:24PM Jul 10, 2009 by Alexandr Nedvedicky in Personal | Comments[0]