Network address translation part 3 – the conntrack event framework

This is the third post in a series about network address translation (NAT). The first article introduced how to use the iptables/nftables packet tracing feature to find the source of NAT-related connectivity problems. Part 2 introduced the conntrack command. This part gives an introduction to the conntrack event framework.

NAT configured via iptables or nftables builds on top of netfilter's connection tracking framework. conntrack's event facility allows real-time monitoring of incoming and outgoing flows. This event framework is useful for debugging or for logging flow information, for instance with ulogd and its IPFIX output plugin.

Run the following command to see a real-time conntrack event log.

This prints a continuous stream of events.

Hit Ctrl+C to quit.

The conntrack tool offers a number of options to limit the output. For example, it's possible to only show DESTROY events. The NEW event is generated after the iptables/nftables rule set accepts the corresponding packet.
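The event stream is only useful if something consumes it, and the most common question when debugging NAT is "which of these flows actually had an address or port rewritten?". The following parser is an added example, not code from the original article or from conntrack-tools: it reads the default text output of `conntrack -E` (optionally with `-o timestamp`), splits each event into the original-direction tuple and the expected reply tuple, and flags a flow as SNAT or DNAT when the two tuples disagree. The line layout it assumes (`[EVENT] proto protonum [timeout [state]] src= dst= sport= dport= [flags] src= dst= sport= dport=`) and the sample events, built from RFC 5737 documentation addresses, are constructed here for illustration.

```python
"""Parse `conntrack -E` event lines and report which flows were NAT-ed.

Added example, not part of the original article. Assumed line layout
(default conntrack -E text output, optionally prefixed by `-o timestamp`):

    [EVENT] proto protonum [timeout [state]] src=.. dst=.. sport=.. dport=.. [FLAG] src=.. dst=.. sport=.. dport=..

The first src/dst/sport/dport group is the original direction as conntrack
first saw it; the second is the reply direction it expects. Any difference
between the two is the work of a NAT rule.
"""
import re
import sys
from dataclasses import dataclass

EVENT_RE = re.compile(r"\[(NEW|UPDATE|DESTROY)\]")
KV_RE = re.compile(r"(\w+)=(\S+)")
FLAG_RE = re.compile(r"\[([A-Z_]+)\]")
TUPLE_KEYS = ("src", "dst", "sport", "dport")


@dataclass
class Event:
    kind: str      # NEW, UPDATE or DESTROY
    proto: str     # e.g. "tcp", "udp"
    orig: dict     # original-direction tuple
    reply: dict    # expected reply tuple
    flags: list    # e.g. ["UNREPLIED"] or ["ASSURED"]


def parse_event(line):
    """Return an Event for one conntrack -E line, or None if it is not an event."""
    m = EVENT_RE.search(line)
    if not m:
        return None
    body = line[m.end():]
    words = body.split()
    proto = words[0] if words else "?"
    orig, reply = {}, {}
    current = orig
    for key, value in KV_RE.findall(body):
        if key == "src" and "src" in current:   # a second src= starts the reply tuple
            current = reply
        if key in TUPLE_KEYS:
            current[key] = value
    return Event(m.group(1), proto, orig, reply, FLAG_RE.findall(body))


def classify_nat(ev):
    """Name the NAT kinds visible in an event by comparing the two tuples."""
    o, r = ev.orig, ev.reply
    if not o or not r:
        return []
    kinds = []
    # Destination rewritten: the reply comes from a different host/port than we sent to.
    if o.get("dst") != r.get("src") or o.get("dport") != r.get("sport"):
        kinds.append("DNAT")
    # Source rewritten: the reply is addressed to a different host/port than we sent from.
    if o.get("src") != r.get("dst") or o.get("sport") != r.get("dport"):
        kinds.append("SNAT")
    return kinds


def flow_key(ev):
    o = ev.orig
    return (ev.proto, o.get("src"), o.get("dst"), o.get("sport"), o.get("dport"))


class FlowTracker:
    """Follow NEW/UPDATE/DESTROY events and remember which live flows are NAT-ed."""

    def __init__(self):
        self.live = {}          # flow_key -> Event of the NEW that created it
        self.nat_flows = []     # (flow_key, [kinds]) for every NAT-ed NEW seen
        self.counts = {"NEW": 0, "UPDATE": 0, "DESTROY": 0}

    def feed(self, line):
        ev = parse_event(line)
        if ev is None:
            return None
        self.counts[ev.kind] += 1
        key = flow_key(ev)
        if ev.kind == "NEW":
            self.live[key] = ev
            kinds = classify_nat(ev)
            if kinds:
                self.nat_flows.append((key, kinds))
        elif ev.kind == "DESTROY":
            self.live.pop(key, None)
        return ev


def analyze(lines):
    tracker = FlowTracker()
    for line in lines:
        tracker.feed(line)
    return tracker


# Constructed sample of what `conntrack -E` prints; the last two NEW/DESTROY lines
# also carry the prefix added by `conntrack -E -o timestamp`.
SAMPLE_EVENTS = [
    "    [NEW] tcp      6 120 SYN_SENT src=192.168.0.10 dst=203.0.113.80 sport=40001 dport=443 [UNREPLIED] src=203.0.113.80 dst=198.51.100.1 sport=443 dport=40001",
    "    [NEW] tcp      6 120 SYN_SENT src=203.0.113.7 dst=198.51.100.1 sport=51000 dport=80 [UNREPLIED] src=192.168.0.20 dst=203.0.113.7 sport=8080 dport=51000",
    " [UPDATE] tcp      6 432000 ESTABLISHED src=192.168.0.10 dst=203.0.113.80 sport=40001 dport=443 src=203.0.113.80 dst=198.51.100.1 sport=443 dport=40001 [ASSURED]",
    "[1700000000.000001]\t    [NEW] udp      17 30 src=192.168.0.10 dst=192.168.0.1 sport=53000 dport=53 [UNREPLIED] src=192.168.0.1 dst=192.168.0.10 sport=53 dport=53000",
    "[1700000000.000002]\t[DESTROY] udp      17 src=192.168.0.10 dst=192.168.0.1 sport=53000 dport=53 src=192.168.0.1 dst=192.168.0.10 sport=53 dport=53000",
    "[DESTROY] tcp      6 src=192.168.0.10 dst=203.0.113.80 sport=40001 dport=443 src=203.0.113.80 dst=198.51.100.1 sport=443 dport=40001 [ASSURED]",
]

if __name__ == "__main__":
    # Read a live stream (e.g. `sudo conntrack -E | python3 this.py`) or fall back to the sample.
    source = sys.stdin if not sys.stdin.isatty() else SAMPLE_EVENTS
    t = analyze(line.rstrip("\n") for line in source)
    for key, kinds in t.nat_flows:
        print(f"{'/'.join(kinds):5} {key[0]} {key[1]}:{key[3]} -> {key[2]}:{key[4]}")
    print(f"events: {t.counts}  live flows: {len(t.live)}")
```

Run against the constructed sample it reports the outbound 192.168.0.10 flow as SNAT (the reply is addressed to 198.51.100.1, not to the private source) and the inbound port-80 flow as DNAT (the reply comes from 192.168.0.20:8080), while the local DNS lookup shows no rewriting. To watch only teardown events, as the article mentions, feed it `conntrack -E -e DESTROY` instead of the unfiltered stream; the parser does not care which event mask was used.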


Note: The content provided has been modified and is not displayed as intended by the author. Any trademarks, copyrights and rights remain with the source.