* On Tue, 2004-09-28 at 08:31, Alistair Tonner wrote: > On September 28, 2004 03:59 am, Mohamed Eldesoky wrote: > > But still, > > The /proc/net/ip_conntrack should contain all connections tracked by > > that firewall (ie, passing through the firewall), am I right ?? > > > > This list is all actively tracked connections, all not yet completed, but > possibly tracked connections (called expectations) that the netfilter code is > watching for. You need to pay attention to the state of the connection, but > you've got the right idea. > > I can't recall all the states off the top of my head, but they are fairly > clearly labelled. > > Alistair Tonner. > > << SNIPPAGE>> > Iptstate is nice for this. Ted
