Le jeudi 18 février 2010 à 09:40 -0800, Afi Gjermund a écrit : > I am still trying to figure out why the nf_conntrack_count differs > from the table system. I decided I would use the conntrack userspace > tools. > Both of my NICs are unplugged with no other userspace applications > running to affect connection tracking counts. > > > root@titan ~# date > Thu Feb 18 17:35:21 UTC 2010 > > root@titan ~# ./conntrack -C conntrack > 351 > > root@titan ~# date > Thu Feb 18 17:35:24 UTC 2010 > > root@titan ~# ./conntrack -F conntrack > conntrack v0.9.14 (conntrack-tools): connection tracking table has been emptied. > > root@titan ~# date > Thu Feb 18 17:35:31 UTC 2010 > > root@titan ~# ./conntrack -C conntrack > 351 > > root@titan ~# date > Thu Feb 18 17:35:36 UTC 2010 > > Shouldn't the value after the flush be 0? The traffic that has created > this mess is from a REDIRECT rule in the PREROUTING chain of the 'nat' > table. Could you post a copy of these rules ? Thanks -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
