On September 28, 2004 03:59 am, Mohamed Eldesoky wrote: > But still, > The /proc/net/ip_conntrack should contain all connections tracked by > that firewall (ie, passing through the firewall), am I right ?? > This list is all actively tracked connections, all not yet completed, but possibly tracked connections (called expectations) that the netfilter code is watching for. You need to pay attention to the state of the connection, but you've got the right idea. I can't recall all the states off the top of my head, but they are fairly clearly labelled. Alistair Tonner. << SNIPPAGE>>
