BD TS 2013 Firewall Session Teardown

My external firewall keeps sessions open because BD TS 2013 firewall client does not seem to acknowledge the server's Finish/Acknowledgement to complete the session teardown. This results in sessions remaining open on my external firewall and extra traffic flows from the internet servers.


I was able to capture frames using Wireshark on the BD TS 2013 computer with and without BD TS 2013 firewall enabled.


A simple test is to open a web browser to some site.


Close the browser.


The BD TS 2013 computer will send fin packets to the web server requesting session closure.


The web server(s) respond back with fin/ack packets.


If the BD TS 2013 firewall is enabled, no ack packets are sent to acknowledge the server's fin/ack packets.


Now disable the BD TS 2013 firewall and connect / close to the same web server via the browser.


You should now see ack packets from the BD TS 2013 computer for the fin/ack packets from the server(s).


I tried setting the firewall's network adapter type to trusted, home/office, public. Each seemed to not send an ack packet for the fin/ack's.
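
The capture comparison described in the post above can be automated; this is an added example, not part of the original post. It flags connections where the server's FIN was never acknowledged by the client. The `Seg` record layout, the function names and the sample addresses are assumptions constructed for illustration; real segments would come from a capture export.

```python
from collections import namedtuple

# One captured TCP segment; the field names are this example's own.
Seg = namedtuple("Seg", "src sport dst dport flags seq ack length")
FIN, ACK = 0x01, 0x10
MOD = 2 ** 32


def covers(ack_no, needed):
    """True if ack_no acknowledges sequence number `needed` (32-bit wrap safe)."""
    return (ack_no - needed) % MOD < 2 ** 31


def unacked_server_fins(segments, client_ip):
    """Return flows whose remote FIN was never acknowledged by client_ip.

    A FIN consumes one sequence number, so the ACK that completes that half
    of the teardown must carry ack >= seq + payload length + 1.
    """
    owed = {}  # (server, sport, client, cport) -> ack number still owed
    for s in segments:
        if s.dst == client_ip and s.flags & FIN:
            owed[(s.src, s.sport, s.dst, s.dport)] = (s.seq + s.length + 1) % MOD
        elif s.src == client_ip and s.flags & ACK:
            key = (s.dst, s.dport, s.src, s.sport)
            if key in owed and covers(s.ack, owed[key]):
                del owed[key]
    return sorted(owed)


# Constructed sample (documentation addresses), not taken from the post's capture.
CLIENT, SERVER = "192.0.2.10", "198.51.100.20"
SAMPLE = [
    # Port 50001: client FIN, server FIN/ACK, then nothing from the client.
    Seg(CLIENT, 50001, SERVER, 443, FIN | ACK, 1000, 5000, 0),
    Seg(SERVER, 443, CLIENT, 50001, FIN | ACK, 5000, 1001, 0),
    # Port 50002: same exchange, but the client sends the final ACK.
    Seg(CLIENT, 50002, SERVER, 443, FIN | ACK, 2000, 7000, 0),
    Seg(SERVER, 443, CLIENT, 50002, FIN | ACK, 7000, 2001, 0),
    Seg(CLIENT, 50002, SERVER, 443, ACK, 2001, 7001, 0),
]

if __name__ == "__main__":
    for flow in unacked_server_fins(SAMPLE, CLIENT):
        print("server FIN never ACKed:", flow)
```

Running the same check on a capture taken with the firewall enabled and one taken with it disabled gives a direct list of the sessions left half-closed in each case.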

Comments

  • By the way, do you experience slowness here? If none, I would let it go. In my opinion, it's not worth the hassle. Just saying.


    I just spent the last hour trying to upgrade the firmware on my wifi router via the web browser. It wouldn't work. Looking at the packets, I noticed there were 'no' fin packets. So for the heck of it I disabled the BD firewall, lo and behold, the firmware uploaded and the wifi was ultimately upgraded.