diff options
| author | /C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org </C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org> | 2008-04-16 14:54:24 +0000 |
|---|---|---|
| committer | /C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org </C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org> | 2008-04-16 14:54:24 +0000 |
| commit | 953bcf62fbd110f63c946905f9642d17b63c50cf (patch) | |
| tree | 7ac481d0e730acdad4a7e919ebc59d482053d2fe /conntrack.8 | |
| parent | ebb9a1aa3813d71b99d7508c88b9cbf525e15b4a (diff) | |
o fix NAT filtering via --src-nat and --dst-nat (reported by K.Oledzki)
o recover the ID support
o show display counters to stderr
o enable filtering by status and ID
Diffstat (limited to 'conntrack.8')
| -rw-r--r-- | conntrack.8 | 27 |
1 files changed, 16 insertions, 11 deletions
diff --git a/conntrack.8 b/conntrack.8 index 670770a..9fb9508 100644 --- a/conntrack.8 +++ b/conntrack.8 @@ -73,9 +73,8 @@ Flush the whole given table Atomically zero counters after reading them. This option is only valid in combination with the "-L, --dump" command options. .TP -.BI "-o, --output [extended,xml,timestamp] " -Display output in a certain format. This option is only valid in combination -with the "-L, --dump", "-E, --event" and "-G, --get" command options. +.BI "-o, --output [extended,xml,timestamp,id] " +Display output in a certain format. .TP .BI "-e, --event-mask " "[ALL|NEW|UPDATES|DESTROY][,...]" Set the bitmask of events that are to be generated by the in-kernel ctnetlink @@ -136,10 +135,10 @@ Specify the destination address mask of an expectation. .TP TCP-specific fields: .TP -.BI "--orig-port-src " "PORT" +.BI "--sport, --orig-port-src " "PORT" Source port in original direction .TP -.BI "--orig-port-dst " "PORT" +.BI "--dport, --orig-port-dst " "PORT" Destination port in original direction .TP .BI "--reply-port-src " "PORT" @@ -153,10 +152,10 @@ TCP state .TP UDP-specific fields: .TP -.BI "--orig-port-src " "PORT" +.BI "--sport, --orig-port-src " "PORT" Source port in original direction .TP -.BI "--orig-port-dst " "PORT" +.BI "--dport, --orig-port-dst " "PORT" Destination port in original direction .TP .BI "--reply-port-src " "PORT" @@ -182,22 +181,28 @@ cause an exit code of 1. .SH EXAMPLES .TP .B conntrack \-L -Dump the connection tracking table in /proc/net/ip_conntrack format +Show the connection tracking table in /proc/net/ip_conntrack format .TP .B conntrack \-L -o extended -Dump the connection tracking table in /proc/net/nf_conntrack format +Show the connection tracking table in /proc/net/nf_conntrack format .TP .B conntrack \-L \-o xml -Dump the connection tracking table in XML +Show the connection tracking table in XML .TP .B conntrack \-L -f ipv6 -o extended Only dump IPv6 connections in /proc/net/nf_conntrack format .TP .B conntrack \-L --src-nat -Dump source NAT connections +Show source NAT connections .TP .B conntrack \-E \-o timestamp Show connection events together with the timestamp +.TP +.B conntrack \-D \-s 1.2.3.4 +Delete all flow whose source address is 1.2.3.4 +.TP +.B conntrack \-U \-s 1.2.3.4 \-m 1 +Set connmark to 1 of all the flows whose source address is 1.2.3.4 .SH BUGS Bugs? What's this ;-) .SH SEE ALSO |