conntrack -E -i not allowed?
Pablo Neira Ayuso
pablo at netfilter.org
Thu Nov 9 18:10:05 CET 2006
Alan Ezust wrote:
> Thanks for the reply. Ok, I can see how I can generate some IDs, but I first
> want to make sure i have all of the information I need.
> When I run conntrack, I only see one protocol number. I think it is a layer4
> protocol (tcp vs udp). If I'm not seeing an l3proto in my output, why might
> that be?
> udp 17 12 src=10.10.201.2 dst=220.127.116.11 sport=54475 dport=53
> src=18.104.22.168 dst=22.214.171.124 sport=53 dport=54475 use=1 mark=0
> tcp 6 420332 ESTABLISHED src=10.10.100.3 dst=10.10.1.22 sport=1356
> dport=5432 src=10.10.1.22 dst=10.10.100.3 sport=5432 dport=1356 [ASSURED]
> use=1 mark=0
Are you using nf_conntrack? If so, l3protonum is not shown yet but it
would not be hard to cook a patch to show it. I'll introduce this change
in the new libnetfilter_conntrack API.
The dawn of the fourth age of Linux firewalling is coming; a time of
great struggle and heroic deeds -- J.Kadlecsik got inspired by J.Morris
More information about the netfilter