Re: iptables and masquerading
You probably should as this question on the netfilter (iptables) mailing
list
http://us4.samba.org/mailman/listinfo/netfilter
The main iptables page is at http://netfilter.kernelnotes.org
amd the command you are actually looking for is
'cat /proc/net/ip_conntrack'
but you should be aware that there are a number of issues with IIRC
John Davidson
----- Original Message -----
From: "Brian May" <bam@debian.org>
To: <debian-user@lists.debian.org>
Sent: Tuesday, March 20, 2001 12:57 AM
Subject: iptables and masquerading
> Hello,
>
> with ipchains it was easy to list what connections where being
> masqueraded (IIRC ipchains -L -M).
>
> However, I have not been able to do the same thing with iptables.
>
> I see that the connection exists, by using tcpdump, eg:
>
> 16:46:57.476303 203.45.74.87.41007 > 192.168.87.130.1809: . ack 14601 win
8760 (DF)
> 16:46:57.478413 202.12.87.129.1809 > 203.45.74.87.41007: P
14600:16060(1460) ack 1 win 65242 (DF)
>
> But neither fuser, netstat, or /proc/net/ip_conntrack[1] show any sign of
> this connection.
>
> So, how do I get a list of masqueraded connections, on the router?
>
> (ideally an indication of bandwidth used by each connection would be
> nice, too, but not essential).
>
> Note:
>
> [1] this file seems to contain connections that don't need to be
> tracked (eg localhost --> localhost) or for certain non-masqueraded
> connections. Why?
>
> [2] I am using Linux 2.4.2
> --
> Brian May <bam@debian.org>
>
>
> --
> To UNSUBSCRIBE, email to debian-user-request@lists.debian.org
> with a subject of "unsubscribe". Trouble? Contact
listmaster@lists.debian.org
Reply to: