Fwd: Re: Connection state information
Following the suggestions from "Brian Chu" <chub@stuy.yi.org>, I post
to the whole list this message I sent him yesterday. He told me that
this topics could be interesting to many, and in fact I already sent
almost the same message (with minor editing) to "Jay Schulist"
<jschulist@networkrobots.com>
Perhaps the responses could be posted to the list also.
---------- Forwarded Message ----------
Subject: Re: Connection state information
Date: Mon, 13 Aug 2001 23:57:29 -0300
From: Daniel Toffetti <dtoffe@softhome.net>
To: "Brian Chu" <chub@stuy.yi.org>
> The way I do it is by catting /proc/net/ip_conntrack (cat
> /proc/net/ip_conntrack | less").
>
> Hope this helps.
Of course this helps, this is great, I didn't knew of this. Perhaps you
can help me a little more.
Is there any documentation about the meaning of each column and its
possible values ??
May I assume that this information changes only depending on the
connections established by the applications and the configurations set
with iptables, or there is some other ways to change it ?
I'll try to be more specific: I want to know how to deal with every
aspect of the NAT, from an administrative / monitoring point of wiew. I
know what I can do with iptables, now I would like to know whether I
could assume that connection tracking information can be considered
'read-only' from that point of view.
Of course that it changes as connections are established and released,
but supposing I would like to build an administrative tool, I want to
confirm that the configuration is made only by iptables, and that
connection tracking is wiewable only.
I hope I explained myself correctly, thanks in advance !
Daniel
--
"There is no spoon..." - The Matrix
Reply to: