[Astlinux-devel] Firewall states

SourceForge Headquarters 225 Broadway Suite 1600 San Diego, CA 92101 +1 (858) 422-6466

I've been paying more attention to the firewall states on the status page
to try and track down heavy internet users (though thankfully Comcast is
back now -- but power is not).

A lot of the information reported is not very useful.  For example, a lot
of bonjour traffic over port 5353 to 224.0.0.251 / ff02::fb currently
occupying 6 of the top 11 entries.  And then there is lots of traffic
within my internal networks.

Also, what is the TTL column, is it something to do when last traffic was
seen?  Started?  Can we age off old data... about 2/3rd of my entries are
showing 7199:xx in the TTL column and I am not sure how to interpret that.

All I really care about is recent traffic leaving and arriving across the
external interface(s).  Other than manually filtering, is there a way we
could make the status page's firewall states more helpful?

Thanks,
David