On Thursday 01 January 2004 7:39 pm, Eddahbi Karim wrote:
> Hiya,
>
> I'm writing a documentation about Iptables and I want to know if the
> first src, dst, sport, dport flags are related to the last packet seen
> or to the socket ?
>
> Example : tcp 6 431922 ESTABLISHED src=1.2.3.4 dst=5.6.7.8
> sport=32827 dport=5190
>
> Does the src/dst/sport/dport flags are related to the whole connection
> or just to the last packet seen by the connection tracker ? :)
They relate to the initial packet which created the connection.
Therefore 'source' means the machine which sent the first packet, and
'destination' means the machine it was sent to.
The data in the conntrack table remains static (except for the timeout)
throughout the course of the established connection.
Antony.
--
If at first you don't succeed, destroy all the evidence that you tried.
Please reply to the list;
please don't CC me.
