[ale] Idle Sockets vs. Firewall question

Allan Neal allanneal at comcast.net
Fri Oct 20 11:22:57 EDT 2006


Greg,

Checkpoint does!  Checkpoint defaults to 15 minutes idle.  This means
that it will keep the socket in its state table until a 15 minute
idle timer times out, i.e. no packets at all.  Each packet to cross
that socket resets the timer.  Once the timer expires Checkpoint drops
it from its state table but does not close the socket on either side
of the connection.  Thus if the app tries to send another packet
on the closed/forgotten socket the firewall drops the packet as an
"unestablished connection".

Allan

On Fri, Oct 20, 2006 at 10:46:35AM -0400, Greg Freemyer wrote:
> All,
> 
> I'm wondering if it is common for firewalls to close idle sockets after a
> period of time?
> 
> === Details
> I have a Java application that has been in service for years (since 1999 IIRC),
> but on a private satellite based data network (vsat).
> 
> We're in the process of moving it to the Internet (which means random firewalls
> at our client locations), and now we're getting complaints about non-delivered
> messages/notifications.
> 
> The way we handle notification is to have the client open a socket to the
> server and just leave it open (and idle) for hours at a time.  Then when a
> message needs to be delivered the server simply sends it down the existing
> socket.
> 
> Since this is basically the same code that has been in use for a while I doubt
> that it is a basic client/server issue.  Seems much more likely it is the
> network between the 2 which now is a much less controlled environment than it
> was with dedicated satellite gear.
> 
> Any other ideas are welcome.
> 
> Thanks
> Greg
> --
> Greg Freemyer
> The Norcross Group
> Forensics for the 21st Century

-- 
 / ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ \
|  /~~\                                 /~~\  |
|\ \   |   I would rather be exposed   |   / /|
| \   /|     to the inconveniences     |\   / |
|  ~~  |  attending too much liberty   |  ~~  |
|      |  than to those attending too  |      |
|      |     small a degree of it.     |      |
|      |      - Thomas Jefferson       |      |
|      |                               |      |
 \     |~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~|     /
  \   /                                 \   /
   ~~~                                   ~~~
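
The idle-timer behaviour described in the reply above, as a simplified model added here for illustration (not Check Point code and not part of the original message). The addresses, the class and function names, and the rule that only a connection-opening SYN creates a new table entry are assumptions.

```python
from dataclasses import dataclass, field

IDLE_TIMEOUT = 15 * 60  # seconds; the 15-minute default quoted in the reply

@dataclass
class StateTable:
    idle_timeout: int = IDLE_TIMEOUT
    last_seen: dict = field(default_factory=dict)  # flow key -> time of last packet

    @staticmethod
    def key(src, dst):
        # Both directions of one connection share a single table entry.
        return tuple(sorted((src, dst)))

    def expire(self, now):
        # Forget flows idle past the timeout. Nothing is sent to either
        # endpoint, so both sides still believe the socket is open.
        stale = [k for k, t in self.last_seen.items() if now - t >= self.idle_timeout]
        for k in stale:
            del self.last_seen[k]

    def packet(self, now, src, dst, syn=False):
        self.expire(now)
        k = self.key(src, dst)
        if k in self.last_seen:
            self.last_seen[k] = now  # every packet resets the idle timer
            return "accept"
        if syn:  # assumption: only a new connection attempt creates state
            self.last_seen[k] = now
            return "accept-new"
        return "drop-unestablished"

def replay(events, idle_timeout=IDLE_TIMEOUT):
    """Run (time, src, dst[, syn]) events through a fresh table; return verdicts."""
    fw = StateTable(idle_timeout)
    return [fw.packet(*e) for e in events]

# Constructed sample traffic (documentation addresses, hypothetical ports).
CLIENT, SERVER = ("192.0.2.10", 40000), ("198.51.100.5", 9000)
# Client connects, then the socket sits idle for two hours before a notification.
IDLE_CASE = [(0, CLIENT, SERVER, True), (60, SERVER, CLIENT), (7260, SERVER, CLIENT)]
# Same connection, but some packet crosses it every 10 minutes.
BUSY_CASE = ([(0, CLIENT, SERVER, True)]
             + [(t, CLIENT, SERVER) for t in range(600, 7201, 600)]
             + [(7260, SERVER, CLIENT)])

if __name__ == "__main__":
    print("idle:", replay(IDLE_CASE))
    print("busy:", replay(BUSY_CASE)[-1])
```
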