Following the suggestions from "Brian Chu" <[EMAIL PROTECTED]>, I post to the whole list this message I sent him yesterday. He told me that this topic could be interesting to many, and in fact I already sent almost the same message (with minor editing) to "Jay Schulist" <[EMAIL PROTECTED]>. Perhaps the responses could be posted to the list also.

---------- Forwarded Message ----------
Subject: Re: Connection state information
Date: Mon, 13 Aug 2001 23:57:29 -0300
From: Daniel Toffetti <[EMAIL PROTECTED]>
To: "Brian Chu" <[EMAIL PROTECTED]>

> The way I do it is by catting /proc/net/ip_conntrack (cat
> /proc/net/ip_conntrack | less").
>
> Hope this helps.

Of course this helps, this is great, I didn't know of this. Perhaps you can help me a little more. Is there any documentation about the meaning of each column and its possible values? May I assume that this information changes only depending on the connections established by the applications and the configurations set with iptables, or are there some other ways to change it?

I'll try to be more specific: I want to know how to deal with every aspect of the NAT, from an administrative / monitoring point of view. I know what I can do with iptables, now I would like to know whether I could assume that connection tracking information can be considered 'read-only' from that point of view. Of course it changes as connections are established and released, but supposing I would like to build an administrative tool, I want to confirm that the configuration is made only by iptables, and that connection tracking is viewable only.

I hope I explained myself correctly, thanks in advance!

Daniel

--
"There is no spoon..." - The Matrix