Re: flags on pIX

jayesh.thakur · ‎12-12-2004

TCP out 100.168.248.141:2215 in 200.26.39.14:135 idle 0:00:05 Bytes 442 flags UIOB

what does the "B" flag indicate

u== up

I== in bound

O== out bound

B== ?

prasadrp · ‎12-12-2004

B --> means it is an initial SYN packet from outside

scoclayton · ‎12-12-2004

As an aside, you can get the entire key of what all the TCP flags mean by issuing a 'show connection detail'. Output added below for confirmation:

sec-pix-501D(config)# sh conn detail

0 in use, 0 most used

Flags: A - awaiting inside ACK to SYN, a - awaiting outside ACK to SYN,

B - initial SYN from outside, C - CTIQBE media, D - DNS, d - dump,

E - outside back connection, F - outside FIN, f - inside FIN,

G - group, g - MGCP, H - H.323, h - H.225.0, I - inbound data, i - incomplete,

k - Skinny media, M - SMTP data, m - SIP media, O - outbound data,

P - inside back connection, q - SQL*Net data, R - outside acknowledged FIN,

R - UDP RPC, r - inside acknowledged FIN, S - awaiting inside SYN,

s - awaiting outside SYN, T - SIP, t - SIP transient, U - up

sec-pix-501D(config)#

Scott