RE: clarification on the use of --state parameter within conntrack command

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Thanks Phil, that works.
And to your knowledge is there a way to do something similar with UDP. Like to filter the entries in UNREPLIED state?

Alexis.
________________________________________
From: Phil Oester [kernel@xxxxxxxxxxxx]
Sent: September 13, 2013 10:45
To: Alexis Salinas
Cc: netfilter@xxxxxxxxxxxxxxx
Subject: Re: clarification on the use of --state parameter within  conntrack command

On Fri, Sep 13, 2013 at 05:00:17PM +0000, Alexis Salinas wrote:
> Hi All,
> Could someone help me understand the correct use of the protocol filter parameter "--state". I figure it would be something like this " conntrack -L -p TCP --state ESTABLISHED" but 2 different versions of conntrack-tools give the same error (conntrack v1.2.1 (conntrack-tools): unknown option `--state'
> Try `conntrack -h' or 'conntrack --help' for more information.)

Don't capitalize the protocol.

    conntrack -L -p tcp --state SYN_SENT

Phil
--
To unsubscribe from this list: send the line "unsubscribe netfilter" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
[Index of Archives]     [Linux Netfilter Development]     [Linux Kernel Networking Development]     [Netem]     [Berkeley Packet Filter]     [Linux Kernel Development]     [Advanced Routing & Traffice Control]     [Bugtraq]

  Powered by Linux