Here is more information on the different Session States and Types.
Session States:
Session State
Stable / Transient
Details
Init
Stable
Session stays in free pool, initial state or is freed and returned to free pool
Opening
Transient
Session is allocated from free pool and has yet to be installed into flow lookup table and ager
Active
Stable
Session is in flow lookup table and packet matched this flow will be inspected and forwarded
Discard
Stable
Session is in flow lookup table but set to state DISCARD due to deny rule in security policy, or detected threat, packet matched will be discarded
Closing
Transient
Session is set to be expired immediately but has not been removed from aging process nor removed from flow lookup table, packet matched will disregard the match and enqueue to create new session
Closed
Transient
Session is expired and removed from aging process, but not from flow lookup table.packet matched will disregard the match and enqueue to create new session
Free
Transient
Session has been removed from aging process and flow lookup table, but not returned to free pool
Session Types:
• Predict - Sessions for which Application Layer Gateway (ALG) is required. - Packets matching predict sessions will be then converted to normal Flow session. - Often will have source or destination IP/port as zero as that information may not be known yet.
• Flow - Normal C2S and S2C sessions. - Certain applications with dynamic TCP/UDP ports may create Predict sessions. (such as ftp, sip/h323, bittorrent, and skype)