From nobody Tue Mar 29 20:51:19 2022
X-Original-To: freebsd-pf@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 0EB391A3C2EE
	for <freebsd-pf@mlmmj.nyi.freebsd.org>; Tue, 29 Mar 2022 20:51:32 +0000 (UTC)
	(envelope-from cristian.cardoso11@gmail.com)
Received: from mail-qt1-x833.google.com (mail-qt1-x833.google.com [IPv6:2607:f8b0:4864:20::833])
	(using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (2048 bits) client-digest SHA256)
	(Client CN "smtp.gmail.com", Issuer "GTS CA 1D4" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4KShYt5Hfqz3MwM
	for <freebsd-pf@freebsd.org>; Tue, 29 Mar 2022 20:51:30 +0000 (UTC)
	(envelope-from cristian.cardoso11@gmail.com)
Received: by mail-qt1-x833.google.com with SMTP id s11so16439672qtc.3
        for <freebsd-pf@freebsd.org>; Tue, 29 Mar 2022 13:51:30 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20210112;
        h=mime-version:references:in-reply-to:from:date:message-id:subject:to
         :cc;
        bh=+hd4Y4Gqk2K60xapoharDUma1Y3gWNptrktbLFPC4cU=;
        b=Zq52dmzgmCzzyoxeWdF6+J/xpwPdGTCEDhCVdp+A0s4suLfI2kFD0PaQEbPbYlzCoI
         AkUG6S1GhdJowwoOm/1t11UbcTxDptzAZnSAG/cPWdJJOEA0vnbBuEYsIZcOIG+Adzto
         RALNltFsATOgkNTRiH7nl0MW/N/ElvxMtdza4dmZ/0CeM1+pQawmMu/SgkwvVN5ccm++
         aHsAlvMIrud/CQJVAqzQEX188LkLi3EDYeG9YUw6h9+Of79TK1u9UqfFsHsbY/O9YVx7
         EpS5MnIz/+Ybq0eD2b4hE7FI/a56R18we1uX/Ua8t8sgSrxf6lsTOEnnpTF2mZGLPp10
         +qHA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20210112;
        h=x-gm-message-state:mime-version:references:in-reply-to:from:date
         :message-id:subject:to:cc;
        bh=+hd4Y4Gqk2K60xapoharDUma1Y3gWNptrktbLFPC4cU=;
        b=kPvqG4ogfWBn7OoSMWe3/IjMips6ry0xAsjfrOibs4QsPTAgmxiO768VTkmMWNoOoS
         GIsMHSb7jzpyrqkQMKCw8+uXf4OxCJh8hFN5WhcSlc+644/sIkJWz+ytN/eROop+sunO
         BLp24pkXutkY8bQ+luErrQ79SyAuGGEQ/SV4a08IIIROD99s4BZDuqEn5KzE9X+90g/F
         Cr1H5QyCCxH4p7NO1AB4bFTqlBHM1duIVn7/q32IlsmzEHnSeq2ds0Rl8TyHuj/JP4sr
         O8Wel+NXrndKPpRMbKct7DhrONHoXz0KG/coLis6TvHFd8jN4TxLREf1IeTn6Nvdt1I7
         ZK/A==
X-Gm-Message-State: AOAM532BKM2jPjQqT7R6NNeM1xCy3d/vBONrCjv8JiWIxaPgw28RJal9
	zurv9fti1Jyjlm2nfyeUQt8XU9x/P3BMxm9ZM4mkdV9uQA==
X-Google-Smtp-Source: ABdhPJz5d9WLSbr6cp/+Obs7eqd003blpxa/+iYj5lPFSa6yFUM62UNZuGtipe4TKQDPbuHhYnArZQ/UrWeP4Ou15vs=
X-Received: by 2002:ac8:5789:0:b0:2e1:c40e:9be3 with SMTP id
 v9-20020ac85789000000b002e1c40e9be3mr29465992qta.308.1648587090095; Tue, 29
 Mar 2022 13:51:30 -0700 (PDT)
List-Id: Technical discussion and general questions about packet filter (pf) <freebsd-pf.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/freebsd-pf
List-Help: <mailto:pf+help@freebsd.org>
List-Post: <mailto:pf@freebsd.org>
List-Subscribe: <mailto:pf+subscribe@freebsd.org>
List-Unsubscribe: <mailto:pf+unsubscribe@freebsd.org>
Sender: owner-freebsd-pf@freebsd.org
X-BeenThere: freebsd-pf@freebsd.org
MIME-Version: 1.0
References: <CAKeEC-KZc2Uh46KnYyXAeXCULWGgg3VkW036H08u3-5MF9qGeA@mail.gmail.com>
 <558dfec2-031a-feb6-dc2f-f9fc83205896@sentex.net>
In-Reply-To: <558dfec2-031a-feb6-dc2f-f9fc83205896@sentex.net>
From: Cristian Cardoso <cristian.cardoso11@gmail.com>
Date: Tue, 29 Mar 2022 17:51:19 -0300
Message-ID: <CAKeEC-LbLX=knm8+Spps+vhWWrRy+RUGhGg_hW3vCQQwR0xqbg@mail.gmail.com>
Subject: Re: PF session ttl
To: mike tancsa <mike@sentex.net>
Cc: FreeBSD PF List <freebsd-pf@freebsd.org>
Content-Type: multipart/alternative; boundary="000000000000e2f0b705db6197c4"
X-Rspamd-Queue-Id: 4KShYt5Hfqz3MwM
X-Spamd-Bar: -
Authentication-Results: mx1.freebsd.org;
	dkim=pass header.d=gmail.com header.s=20210112 header.b=Zq52dmzg;
	dmarc=pass (policy=none) header.from=gmail.com;
	spf=pass (mx1.freebsd.org: domain of cristiancardoso11@gmail.com designates 2607:f8b0:4864:20::833 as permitted sender) smtp.mailfrom=cristiancardoso11@gmail.com
X-Spamd-Result: default: False [-1.87 / 15.00];
	 FREEMAIL_FROM(0.00)[gmail.com];
	 R_SPF_ALLOW(-0.20)[+ip6:2607:f8b0:4000::/36];
	 URI_COUNT_ODD(1.00)[3];
	 MID_RHS_MATCH_FROMTLD(0.00)[];
	 TO_DN_ALL(0.00)[];
	 DKIM_TRACE(0.00)[gmail.com:+];
	 RCPT_COUNT_TWO(0.00)[2];
	 DMARC_POLICY_ALLOW(-0.50)[gmail.com,none];
	 NEURAL_HAM_SHORT(-1.00)[-1.000];
	 FROM_EQ_ENVFROM(0.00)[];
	 MIME_TRACE(0.00)[0:+,1:+,2:~];
	 FREEMAIL_ENVFROM(0.00)[gmail.com];
	 ASN(0.00)[asn:15169, ipnet:2607:f8b0::/32, country:US];
	 TAGGED_FROM(0.00)[];
	 DWL_DNSWL_NONE(0.00)[gmail.com:dkim];
	 ARC_NA(0.00)[];
	 NEURAL_HAM_MEDIUM(-0.87)[-0.874];
	 R_DKIM_ALLOW(-0.20)[gmail.com:s=20210112];
	 FROM_HAS_DN(0.00)[];
	 NEURAL_HAM_LONG(-1.00)[-1.000];
	 MIME_GOOD(-0.10)[multipart/alternative,text/plain];
	 PREVIOUSLY_DELIVERED(0.00)[freebsd-pf@freebsd.org];
	 TO_MATCH_ENVRCPT_SOME(0.00)[];
	 RCVD_IN_DNSWL_NONE(0.00)[2607:f8b0:4864:20::833:from];
	 HTTP_TO_IP(1.00)[];
	 MLMMJ_DEST(0.00)[freebsd-pf];
	 RCVD_COUNT_TWO(0.00)[2];
	 RCVD_TLS_ALL(0.00)[]
X-ThisMailContainsUnwantedMimeParts: N

--000000000000e2f0b705db6197c4
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable

Thanks for the command. But actually I wanted to know if there is a
"default" value, what is its value and if it is configurable.

Em ter., 29 de mar. de 2022 =C3=A0s 17:48, mike tancsa <mike@sentex.net>
escreveu:

> On 3/29/2022 4:30 PM, Cristian Cardoso wrote:
> > Hi
> > Guys, does anyone happen to know how to tell me the value of session
> > ttl that PF uses to terminate sessions that are via statefull?
>
> Are you looking for when a state expires ? If so, try
>
> pfctl -ss -v -v
>
> it will show you when it expires
>
> e.g
>
> all tcp 192.168.96.1:22 (10.159.159.249:24) <- 192.168.1.89:64660
> SYN_SENT:ESTABLISHED
>     [997609076 + 2097152] wscale 6  [2771445293 + 16777472] wscale 2
>     age 00:00:00, expires in 00:00:30, 1:1 pkts, 52:52 bytes
>     id: 90d5c76500000000 creatorid: 7b2b3e4b gateway: 0.0.0.0
>     origif: vlan9
>
>      ---Mike
>
>

--000000000000e2f0b705db6197c4
Content-Type: text/html; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable

<div dir=3D"ltr">Thanks for the command. But actually I wanted to know if t=
here is a &quot;default&quot; value, what is its value and if it is configu=
rable.<br></div><br><div class=3D"gmail_quote"><div dir=3D"ltr" class=3D"gm=
ail_attr">Em ter., 29 de mar. de 2022 =C3=A0s 17:48, mike tancsa &lt;<a hre=
f=3D"mailto:mike@sentex.net">mike@sentex.net</a>&gt; escreveu:<br></div><bl=
ockquote class=3D"gmail_quote" style=3D"margin:0px 0px 0px 0.8ex;border-lef=
t:1px solid rgb(204,204,204);padding-left:1ex">On 3/29/2022 4:30 PM, Cristi=
an Cardoso wrote:<br>
&gt; Hi<br>
&gt; Guys, does anyone happen to know how to tell me the value of session <=
br>
&gt; ttl that PF uses to terminate sessions that are via statefull?<br>
<br>
Are you looking for when a state expires ? If so, try<br>
<br>
pfctl -ss -v -v<br>
<br>
it will show you when it expires<br>
<br>
e.g<br>
<br>
all tcp <a href=3D"http://192.168.96.1:22" rel=3D"noreferrer" target=3D"_bl=
ank">192.168.96.1:22</a> (<a href=3D"http://10.159.159.249:24" rel=3D"noref=
errer" target=3D"_blank">10.159.159.249:24</a>) &lt;- <a href=3D"http://192=
.168.1.89:64660" rel=3D"noreferrer" target=3D"_blank">192.168.1.89:64660</a=
>=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 <br>
SYN_SENT:ESTABLISHED<br>
=C2=A0=C2=A0=C2=A0 [997609076 + 2097152] wscale 6=C2=A0 [2771445293 + 16777=
472] wscale 2<br>
=C2=A0=C2=A0=C2=A0 age 00:00:00, expires in 00:00:30, 1:1 pkts, 52:52 bytes=
<br>
=C2=A0=C2=A0=C2=A0 id: 90d5c76500000000 creatorid: 7b2b3e4b gateway: 0.0.0.=
0<br>
=C2=A0=C2=A0=C2=A0 origif: vlan9<br>
<br>
=C2=A0=C2=A0=C2=A0=C2=A0 ---Mike<br>
<br>
</blockquote></div>

--000000000000e2f0b705db6197c4--