record keeping organized, more or less so the state table used to be pretty flat each entry had 3 addresses, to account for NAT reason for nat in, rdr out there was one global table and one per interface and the interface one had to be consulted first, even given nobody halfway sane uses ifbound states