Is bigip packet filter stateful or stateless?

Packet filter
I have allowed vmnet5 to http and dns to any destination, and drop all for the rest.


Nmap from client


Actually nmap could not determine whether port 80 is opened or closed because there is no response.

Packet filter log


Looks like the packet filter accept despite TCP FIN was sent…

The below tcpdump proves that TCP FIN was sent over.


So based on the packet filter log I should conclude that packet filter is a stateless access control?

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s