We use cookies on our website to ensure we provide you with the best experience on our website. By using our website, you agree to the use of cookies for analytics and personalized content.This website uses cookies. More Information
It seems like your browser didn't download the required fonts. Please revise your security settings and try again.
Barracuda NextGen Firewall X

This Firmware Version Is End-Of-Support

As of December 1st, 2018, all new sales for Barracuda NextGen Firewall X Series products have ceased. Only renewals of software and hardware subscriptions for a maximum of one year are available for a limited time. December 1st 2019: All Barracuda Firewall X-Series sales will cease; neither new sales nor any renewals will be available. If you currently hold a maintenance and support contract, you will continue to receive our award-winning support and services until your contract expires, or until the End of Live definition as described in the End of Support and End of Life Information.

Monitoring Active and Recent Connections

  • Last updated on

To monitor network sessions or connections, view the following pages from the BASIC tab:

  • Active Connections – Lists all of the open and established sessions on the appliance.
  • Recent Connections – Lists all of the connections that were established on the Barracuda NextGen X-Series Firewall or that were trying to access the firewall.

You can find the information that you are interested in by filtering the lists. For a description of the displayed fields and information on how to add filters, click Help on the product page.

Active Connections

The BASIC > Active Connections page lists all of the open and established sessions on the appliance. You can terminate any session by clicking on the red x (red.png). If QoS is enabled for a connection, you can manually override the bandwidth policy for the connection by clicking on the arrow next to it and selecting a different policy from the drop-down menu.

In the State column, the following arrows tell you if the connection is established or closing:

ArrowStatus
one-way traffic.PNGOne-way traffic.
two-way traffic.PNG

Connection established (TCP). Two-way traffic (all other).

unestablished.PNGConnection could not be established.
closing.PNGClosing connection.

To view the status of a connection, hover over the arrow for a status code. For more information about these status codes, see the Status Code Overview.

Recent Connections

The BASIC > Recent Connections page lists all of the connections that were established on the X-Series Firewall or that were trying to access the firewall. Use the information on this page for troubleshooting. 

In the Action column, the following graphics tell you what action was performed for each connection:

GraphicAction
IPS rule.pngIPS Rule Applied
allow.pngAllowed
term.pngTerminated
fail.pngFailed
block.pngBlocked
drop.pngDropped

To see if there is still incoming or outgoing traffic for a specific session, click Refresh and then look at its Last or Count value.

Sometimes, you might need to view ARP-Update traffic to troubleshoot in more detail. To display ARP-Update info, select the Include ARPs check box.

To delete the whole history, click Flush Entries.

Status Code Overview

The following table provides more details on the status codes that you might see on the BASIC > Active Connections page.

Status CodeOriginDescription
FWD-NEW 

TCP Packet Forwarding Outbound

Session is validated by the firewall rule set, no traffic was forwarded so far.

FWD-FSYN-RCV 

TCP Packet Forwarding Outbound

The initial SYN packet received from the session source was forwarded.

FWD-RSYN-RSV

TCP Packet Forwarding Outbound

The session destination answered the SYN with a SYN/ACK packet.

FWD-EST 

TCP Packet Forwarding Outbound

The SYN/ACK packet was acknowledge by the session source. The TCP session is established.

FWD-RET 

TCP Packet Forwarding Outbound

Either source or destination are retransmitting packets. The connection might be dysfunctional.

FWD-FFIN-RCV 

TCP Packet Forwarding Outbound

The session source sent a FIN datagram indicating to terminate the session.

FWD-RLACK 

TCP Packet Forwarding Outbound

The session destination answered the FIN packet with a FIN reply and awaits the last acknowledgement for this packet.

FWD-RFIN-RCV 

TCP Packet Forwarding Outbound

The session destination sent a FIN datagram indicating to terminate the session.

FWD-FLACK 

TCP Packet Forwarding Outbound

The session source answered the FIN packet with a FIN reply and awaits the last acknowledgement for this packet.

FWD-WAIT 

TCP Packet Forwarding Outbound

The session was reset by one of the two participants by sending a RST packet. A wait period of 5 seconds will silently discard all packet belonging to that session.

FWD-TERM 

TCP Packet Forwarding Outbound

The session is terminated and will shortly be removed from the session list.

IFWD-NEW 

TCP Packet Forwarding Inbound

Session is validated by the firewall rule set, no traffic was forwarded so.

IFWD-SYN-SND 

TCP Packet Forwarding Inbound

A SYN packet was sent to the destination initiating the session (Note that the session with the source is already established).

IFWD-EST 

TCP Packet Forwarding Inbound

The destination replied the SYN with a SYN/ACK. The session is established.

IFWD-RET 

TCP Packet Forwarding Inbound

Either source or destination are re transmitting packets. The connection might be dysfunctional.

IFWD-FFIN-RCV 

TCP Packet Forwarding Inbound

The session source sent a FIN datagram indicating to terminate the session.

IFWD-RLACK 

TCP Packet Forwarding Inbound

The session destination answered the FIN packet with a FIN reply and awaits the last acknowledgement for this packet.

IFWD-RFIN-RCV 

TCP Packet Forwarding Inbound

The session destination sent a FIN datagram indicating to terminate the session.

IFWD-FLACK 

TCP Packet Forwarding Inbound

The session source answered the FIN packet with a FIN reply and awaits the last acknowledgement for this packet.

IFWD-WAIT 

TCP Packet Forwarding Inbound

The session was reset by one of the two participants by sending a RST packet. A wait period of 5 seconds will silently discard all packet belonging to that session.

IFWD-TERM 

TCP Packet Forwarding Inbound

The session is terminated and will shortly be removed from the session list.

PXY-NEW 

TCP Stream Forwarding Outbound

Session is validated by the firewall rule set, no traffic was forwarded so far.

PXY-CONN 

TCP Stream Forwarding Outbound

A socket connection to the destination is in progress of being established.

PXY-ACC 

TCP Stream Forwarding Outbound

A socket connection to the source is in progress of being accepted.

PXY-EST 

TCP Stream Forwarding Outbound

Two established TCP socket connection to the source and destination exist.

PXY-SRC-CLO 

TCP Stream Forwarding Outbound

The socket to the source is closed or is in the closing process.

PXY-DST-CLO 

TCP Stream Forwarding Outbound

The socket to the destination is closed or is in the closing process.

PXY-SD-CLO 

TCP Stream Forwarding Outbound

The source and the destination socket are closed or in the closing process.

PXY-TERM 

TCP Stream Forwarding Outbound

The session is terminated and will shortly be removed from the session list.

IPXY-NEW 

TCP Stream Forwarding Inbound

Session is validated by the firewall rule set, no traffic was forwarded so far.

IPXY-ACC 

TCP Stream Forwarding Inbound

A socket connection to the source is in progress of being accepted.

IPXY-CONN 

TCP Stream Forwarding Inbound

A socket connection to the destination is in progress of being established.

IPXY-EST 

TCP Stream Forwarding Inbound

Two established TCP socket connection to the source and destination exist.

IPXY-SRC-CLO 

TCP Stream Forwarding Inbound

The socket to the source is closed or is in the closing process.

IPXY-DST-CLO 

TCP Stream Forwarding Inbound

The socket to the destination is closed or is in the closing process.

IPXY-SD-CLO 

TCP Stream Forwarding Inbound

The source and the destination socket are closed or in the closing process

IPXY-TERM 

TCP Stream Forwarding Inbound

The session is terminated and will shortly be removed from the session list.

UDP-NEW 

UDP Forwarding

Session is validated by the firewall rule set, no traffic was forwarded so far.

UDP-RECV 

UDP Forwarding

Traffic has been received from the source and was forwarded to the destination.

UDP-REPL 

UDP Forwarding

The destination replied to the traffic sent by the source.

UDP-SENT 

UDP Forwarding

The source transmitted further traffic after having received a reply from the destination.

UDP-FAIL 

UDP Forwarding

The destination or a network component on the path to the destination sent an ICMP indicating that the request cannot be serviced.

ECHO-NEW 

ECHO Forwarding

Session is validated by the firewall rule set, no traffic was forwarded so far.

ECHO-RECV 

ECHO Forwarding

Traffic has been received from the source and was forwarded to the destination.

ECHO-REPL 

ECHO Forwarding

The destination replied to the traffic sent by the source.

ECHO-SENT 

ECHO Forwarding

The source sent more traffic after racing a reply from the destination.

ECHO-FAIL 

ECHO Forwarding

The destination or a network component on the path to the destination sent an ICMP indicating that the request cannot be serviced.

OTHER-NEW 

OTHER Protocols Forwarding

Session is validated by the firewall rule set. No traffic was forwarded so far.

OTHER-RECV 

OTHER Protocols Forwarding

Traffic has been received from the source and was forwarded to the destination.

OTHER-REPL 

OTHER Protocols Forwarding

The destination replied to the traffic sent by the source.

OTHER-SENT 

OTHER Protocols Forwarding

The source sent more traffic after receiving a reply from the destination.

OTHER-FAIL 

OTHER Protocols Forwarding

The destination or a network component on the path to the destination sent an ICMP indicating that the request cannot be serviced.

LOC-NEW 

Local TCP Traffic

A local TCP session was granted by the local rule set.

LOC-EST 

Local TCP Traffic

The local TCP session is fully established.

LOC-SYN-SND 

Local TCP Traffic

A Local-Out TCP session is initiated by sending a SYN packet.

LOC-SYN-RCV 

Local TCP Traffic

A Local-In TCP session is initiated by receiving a SYN packet.

LOC-FIN-WAIT1 

Local TCP Traffic

An established local TCP session started the close process by sending a FIN packet.

LOC-FIN-WAIT2 

Local TCP Traffic

A local TCP session in the FIN-WAIT1 state received an ACK for the FIN packet.

LOC-TIME-WAIT 

Local TCP Traffic

A local TCP session in the FIN-WAIT1 or in the FIN-WAIT2 state received a FIN packet.

LOC-CLOSE 

Local TCP Traffic

An established local TCP session is closed.

LOC-CLOSE-WAIT

Local TCP Traffic

An established local TCP session received a FIN packet.

LOC-LAST-ACK 

Local TCP Traffic

Application holding an established TCP socket responded to a received FIN by closing the socket. A FIN is sent in return.

LOC-LISTEN Local TCP Traffic

A local socket awaits connection request (SYN packets).

LOC-CLOSING Local TCP Traffic

A local socket in the FIN_WAIT1 state received a FIN packet.

LOC-FINISH Local TCP Traffic

A local TCP socket was removed from the internal socket list.

Last updated on