author Mart Frauenlob <mart.frauenlob@chello.at> 2016-04-07 20:31:42 +0200
committer Pablo Neira Ayuso <pablo@netfilter.org> 2016-04-08 12:22:57 +0200
commit 7688fdadbf805d731cde876346563ef2c5e86e63
tree d212ccffc8a26597e2749036db46cbeaa99b8371
parent 39c6c365659ae5ec042e7c33701a4fe74756d694
conntrack: man: Add description of tables dying and unconfirmed.
Signed-off-by: Mart Frauenlob <mart.frauenlob@chello.at>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
-rw-r--r-- conntrack.8 16
1 files changed, 16 insertions, 0 deletions
diff --git a/conntrack.8 b/conntrack.8
index a23189a..e8e4480 100644
--- a/conntrack.8
+++ b/conntrack.8
@@ -48,6 +48,22 @@ mechanism used to "expect" RELATED connections to existing ones. Expectations
are generally used by "connection tracking helpers" (sometimes called
application level gateways [ALGs]) for more complex protocols such as FTP,
SIP, H.323.
+.TP
+.BR "dying" :
+This table shows the conntrack entries, that have expired and that have been
+destroyed by the connection tracking system itself, or via the conntrack utility.
+.TP
+.BR "unconfirmed" :
+This table shows new entries, that are not yet inserted into the conntrack table.
+These entries are attached to packets that are traversing the stack,
+but did not reach the confirmation point at the postrouting hook.
+.PP
+The tables "dying" and "unconfirmed" are basically only useful for debugging purposes.
+Under normal operation, it is hard to see entries in any of them.
+There are corner cases, where it is valid to see entries in the
+unconfirmed table, eg. when packets that are enqueued via nfqueue, and
+the dying table, eg. when conntrackd runs in event reliable mode.
+.PP
.SH OPTIONS
The options recognized by
.B conntrack
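Review bot: The sentence beginning "There are corner cases" in the last added paragraph does not parse: "when packets that are enqueued via nfqueue" has a stray "that", the second half lacks "in" before "the dying table", and "eg." should be "e.g.". Suggested wording: "e.g. when packets are enqueued via nfqueue, and in the dying table, e.g. when conntrackd runs in event reliable mode". In the same paragraph, "it is hard to see entries in any of them" reads as if listing the tables were difficult; if the meaning is that they are usually empty, say so directly. The "dying" entry describes entries that "have been destroyed" yet are still shown by this table, so a short clause on why they remain listable would help the reader. The trailing .PP immediately before .SH OPTIONS is redundant, since the section heading already ends the paragraph, and can be dropped.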