iptables and masquerading

To: debian-user@lists.debian.org
Subject: iptables and masquerading
From: Brian May <bam@debian.org>
Date: 20 Mar 2001 16:57:53 +1100
Message-id: <[🔎] 848zm1rnha.fsf@snoopy.apana.org.au>

Hello,

with ipchains it was easy to list what connections where being
masqueraded (IIRC ipchains -L -M).

However, I have not been able to do the same thing with iptables.

I see that the connection exists, by using tcpdump, eg:

16:46:57.476303 203.45.74.87.41007 > 192.168.87.130.1809: . ack 14601 win 8760 (DF)
16:46:57.478413 202.12.87.129.1809 > 203.45.74.87.41007: P 14600:16060(1460) ack 1 win 65242 (DF)

But neither fuser, netstat, or /proc/net/ip_conntrack[1] show any sign of
this connection.

So, how do I get a list of masqueraded connections, on the router?

(ideally an indication of bandwidth used by each connection would be
nice, too, but not essential).

Note:

[1] this file seems to contain connections that don't need to be
tracked (eg localhost --> localhost) or for certain non-masqueraded
connections. Why?

[2] I am using Linux 2.4.2
-- 
Brian May <bam@debian.org>

Reply to:

Follow-Ups:
- Re: iptables and masquerading
  - From: "John Davidson" <jwd_ods@monisys.ca>

Prev by Date: Re: on upgrading to testing
Next by Date: Re: MPEG player suggestions?! anyone?
Previous by thread: Re: Unstable, sid woody, what?
Next by thread: Re: iptables and masquerading
Index(es):
- Date
- Thread