diff options
authorJan Engelhardt <>2009-03-17 16:37:47 +0100
committerJan Engelhardt <>2009-03-17 16:37:49 +0100
commit71bc61f926ca2d8ec57d9fbd698c2af32c9a9f64 (patch)
parenta73a34ad9c9bb30dafbd7b5ca15b902e83c50ee2 (diff)
libxt_connbytes: document nf_ct_acct behavior
Signed-off-by: Jan Engelhardt <>
1 files changed, 6 insertions, 0 deletions
diff --git a/extensions/ b/extensions/
index b5608a35..e475cae7 100644
--- a/extensions/
+++ b/extensions/
@@ -9,6 +9,12 @@ scheduled using a lower priority band in traffic control.
The transferred bytes per connection can also be viewed through
`conntrack -L` and accessed via ctnetlink.
+NOTE that for connections which have no accounting information, the match will
+always return false. The "net.netfilter.nf_conntrack_acct" sysctl flag controls
+whether \fBnew\fP connections will be byte/packet counted. Existing connection
+flows will not be gaining/losing a/the accounting structure when be sysctl flag
+is flipped.
[\fB!\fP] \fB\-\-connbytes\fP \fIfrom\fP[\fB:\fP\fIto\fP]
match packets from a connection whose packets/bytes/average packet