On Saturday 2010-10-16 10:22, Pablo Neira Ayuso wrote: >On 16/10/10 06:07, Italo Valcy wrote: >> Hi guys! >> >> Is there an way to get time counter of the connections using >> libnetfilter-conntrack? I mean, I'd like to know how long a connection >> had taken (since the state NEW to DESTROY). >> >> Any ideias? > >The Linux kernel does not track this connection lifetime, so you would >have to listen to NEW events, put the ct objects into some structure >(hashtable, tree, list, etc) and calculate the difference by yourself >once you receive DESTROY events. > >It wouldn't be hard to extend the existing code to do this in kernel space. One could just enhance the ct struct by a genesis timestamp, and calculate the delta once the destroy event is sent out. -- To unsubscribe from this list: send the line "unsubscribe netfilter" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
