you can try Conntrack Viewer is a perl script to view the masquerading connections with kernel 2.4.x, it uses /proc/net/ip_conntrack With kernel 2.2.x, it was extremely easy to view the masquerading connections, 'netstat -M' or 'netstat --masquerade' gave you the result right away. But since generation 2.4, if you try this you will get: "netstat: no support for `ip_masquerade' on this system.". With kernel 2.4.x, the informations regarding the masquerading connections are accesible via /proc/net/ip_conntrack wich is extremely hard to read. And here is where Conntrack Viewer become so usefull. Conntrack viewer is free and protected by the GPL license. http://cv.intellos.net/conntrack-viewer-1.3/conntrack-viewer.pl Regards, Sp0oKeR On 6/21/06, David Alexandre M. de Carvalho <david@xxxxxxxxx> wrote:
Hi ! How can I do something equivalent to "ipchains -L -M" ? I want to see active masq/nat rules. iptables -t nat -L is not enough. I need to see active connections. Thanks ! Best regards David
-- ===================== Rodrigo Ribeiro Montoro Desenvolvedor BRMAlinux spooker@xxxxxxxxxx RHCE/LPIC-I =====================