Well, I know its function, just wanted to make sure. As there is a small network misconfiguration that I wanted to know its root. Thanks for the help. On Tue, 28 Sep 2004 11:19:35 -0400, Alistair Tonner <alistair@xxxxxxxxxx> wrote: > On September 28, 2004 10:48 am, Mohamed Eldesoky wrote: > > Well, I want to make sure that it remembers only connections that > > passes THROUGH it !! > > Are you saying you don't want to track local connections? > > This file keeps track of anything that *_conntrack_* would watch. > As far as I know this includes local connections -- > > If you are accepting any connections locally, they are very likely in this > table. > > I've seen at least one discussion about breaking this up into different > files. That gets messy very quicky from a code point of view, as well as > from a logic point of view. I certainly prefer the idea of having one place > to track connections. > > Alistair Tonner > > > > > > > > On 28 Sep 2004 16:27:53 +0200, Jose Maria Lopez <jkerouac@xxxxxxxxx> wrote: > > > El mar, 28 de 09 de 2004 a las 09:59, Mohamed Eldesoky escribió: > > > > But still, > > > > The /proc/net/ip_conntrack should contain all connections tracked by > > > > that firewall (ie, passing through the firewall), am I right ?? > > > > > > Yes, and it will remember the connections made for a time. It's > > > a list of all the connections the conntrack system have seen, and > > > it's used to check the established and related connections. > > > > > > > > > > > > -- > > > Jose Maria Lopez Hernandez > > > Director Tecnico de bgSEC > > > jkerouac@xxxxxxxxx > > > bgSEC Seguridad y Consultoria de Sistemas Informaticos > > > http://www.bgsec.com > > > ESPAÑA > > > > > > The only people for me are the mad ones -- the ones who are mad to live, > > > mad to talk, mad to be saved, desirous of everything at the same time, > > > the ones who never yawn or say a commonplace thing, but burn, burn, burn > > > like fabulous yellow Roman candles. > > > -- Jack Kerouac, "On the Road" > > -- Mohamed Eldesoky www.eldesoky.net RHCE
