Paddie O'Brien wrote: >> Just a question: >> Why would you track unsuccessful connections? >> If a connection ATTEMPT is unsuccessful then there is no CONNECTION -> so >> there is nothing to track about.... > > I want to know who on our wireless network at work > is attempting to connect to my machine. > > My (shaky) understanding was that with conntrack I would > get a NEW event for any inbound first packet irrespective > of whether it led to the creation of an ESTABLISHED > connection or not. No, at least the first packet must succesfully go through the whole firewall code, otherwise it is not logged by the conntrack code. -- "Los honestos son inadaptados sociales" -- Les Luthiers -- To unsubscribe from this list: send the line "unsubscribe netfilter" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html