Hello!

I am not sure whether I am asking on the right list at the moment ;-)

I am just working with conntrack on my firewall machine, because it can show connections from outside to any LAN machine. I usually do this using "conntrack -E". If I run tcpdump in parallel, I see more connections than those visible with the above conntrack command. After some thinking, I did a "conntrack -L" and saw these connections.

The reason I am writing is that the shown behavior is a bit suboptimal, especially if one scripts this. I just think that an argument "-M" (say, for migrate) should initially show the table and then switch over to tracking via events. Without this, you may miss new connections until the event processing starts.

Thanks anyway,
Manfred
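One way to script the behaviour asked for in the message above, as an added example that is not part of the original post or of conntrack-tools. It starts `conntrack -E` before dumping the table with `conntrack -L`, which narrows the window in which a new flow can be missed, and prints each flow once even if it shows up in both; the names `flow_key`, `merge`, `watch` and the sample lines are made up for illustration.

```python
import itertools
import re
import subprocess

# conntrack -E lines carry a tag such as [NEW]; conntrack -L lines do not.
EVENT_TAG = re.compile(r"^\s*\[(NEW|UPDATE|DESTROY)\]\s+")
FIELD = re.compile(r"\b(src|dst|sport|dport)=(\S+)")

SAMPLE = [  # constructed lines (documentation addresses), not captured output
    "tcp      6 431999 ESTABLISHED src=203.0.113.7 dst=192.0.2.10 sport=40000 dport=22 src=192.0.2.10 dst=203.0.113.7 sport=22 dport=40000 [ASSURED] mark=0 use=1",
    "    [NEW] tcp      6 120 SYN_SENT src=203.0.113.7 dst=192.0.2.10 sport=40000 dport=22 [UNREPLIED] src=192.0.2.10 dst=203.0.113.7 sport=22 dport=40000",
    "    [NEW] udp      17 30 src=198.51.100.9 dst=192.0.2.10 sport=5353 dport=53 [UNREPLIED] src=192.0.2.10 dst=198.51.100.9 sport=53 dport=5353",
]

def flow_key(line):
    """Return (origin, key) for a conntrack line, or None if it has no tuple."""
    tag = EVENT_TAG.match(line)
    rest = line[tag.end():] if tag else line
    first = {}
    for name, value in FIELD.findall(rest):
        first.setdefault(name, value)  # first hit = original direction
    if "src" not in first or "dst" not in first:
        return None
    key = (rest.split()[0], first["src"], first.get("sport", "-"),
           first["dst"], first.get("dport", "-"))
    return ("event" if tag else "table"), key

def merge(lines):
    """Yield each flow once, in the order first seen."""
    seen = set()
    for line in lines:
        parsed = flow_key(line)
        if parsed and parsed[1] not in seen:
            seen.add(parsed[1])
            yield parsed

def watch():  # needs root and conntrack-tools
    # Start the listener first so flows created during the dump queue up.
    events = subprocess.Popen(["conntrack", "-E", "-e", "NEW"],
                              stdout=subprocess.PIPE, text=True)
    table = subprocess.run(["conntrack", "-L"], stdout=subprocess.PIPE,
                           text=True, check=True).stdout.splitlines()
    try:
        for origin, key in merge(itertools.chain(table, events.stdout)):
            print(origin, *key, flush=True)
    finally:
        events.terminate()

if __name__ == "__main__":
    watch()
```

Flows without ports (ICMP, for example) are keyed with "-" in the port positions, so they are de-duplicated per address pair only.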