Netfilter
2.3 Connexion tracing
tracing of TCP, UDP and ICMP connections
available options:
INVALID: packet is invalid
internal error while processing the packet
ICMP error packet not corresponding to any connection
ESTABLISHED: packet is part of an established connection
RELATED:
error packet matching an existing communication (reset / icmp)
a packet matching a request for a ftp data connection (active or passive mode)
NEW : packet does not match any know connection (not necessarily a new connection)
list of the logged connections :
cat /proc/net/ip_conntrack
Number of connection (by default 8184) :
echo 16384 > /proc/sys/net/ipv4/ip_conntrack_max
Netfilter
® ©
Hervé Schauer Consultants
2000 - 4 bis, rue de la gare - 92300 Levallois-Perret
Phone : +33 141 409 700 - Fax : +33 141 409 709 - Email : <secretariat@hsc.fr>
Netfilter
Netfilter
Netfilter
® © Hervé Schauer Consultants 2000 -
4 bis, rue de la gare -
92300 Levallois-Perret