![]() The /proc/net/ip_conntrack interface is very limited as it only allows you to display the existing flows, their state and other information: You have been warned!Ĭhapter 5. Using conntrack: the command line interface Probably, you wonder why I'm insisting on these prerequisites too much, the fact is that if your iptables rule-set is stateless, it is very likely that the conntrack-tools will not be of any help for you. If you do not fulfill the previous requirements, this documentation is likely to be a source of frustration. That document contains a general description that should help to clarify the concepts. If this is not your case, I strongly suggest you to read the article Netfilter's Connection Tracking System published in :login the USENIX magazine. Moreover, the reader must also understand the difference between stateful and stateless firewalls. If this is not your case, I suggest you to read the iptables documentation before going ahead. In this document, the author assumes that the reader is familiar with firewalling concepts and iptables in general. + If you find any error or imprecision in this document, please send an email This document should be a kick-off point to install and configure the
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |