Network traffic: Difference between revisions

From HPCWIKI

Revision as of 11:49, 18 May 2023

Real-time per-connection tracking

In FreeBSD, the session table provides real-time RX/TX information for each connection. In a Linux netfilter router, the connection table only includes information on the end of connections by default.

From Linux kernel version >= 2.6.18 we can use conntrack or the conntrackd daemon; conntrack provides a full-featured command line utility to interact with the connection tracking system[1]

Setup conntrack

Set nf_conntrack_acct so that per-connection packet and byte counters are kept

# sysctl -w net.netfilter.nf_conntrack_acct=1[2]

Install the conntrack utility if you do not have it yet

$ sudo apt-get install conntrack

List the existing flows

# conntrack -L

Filter the listing

# conntrack -L -p tcp --dport 22

Update the conntrack mark (ctmark)

# conntrack -U -p tcp --dport 22 --mark 10

Delete entries

# conntrack -D -p tcp --dport 22

Deleting entries can also be used to block existing TCP traffic when both of the following hold:

  • a stateful rule-set drops traffic in INVALID state
  • /proc/sys/net/netfilter/nf_conntrack_tcp_loose is set to zero.

Listen to the connection tracking events

# conntrack -E
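The commands above produce the raw table; turning it into per-flow RX/TX figures is what the FreeBSD-style view needs. The following is an added example, not part of the wiki page or of the conntrack-tools project: a POSIX sh/awk parser for the default conntrack -L line format that reports originating and reply packet/byte counters per flow, and a per-destination-port byte total. The sample lines are constructed (not a real capture); the third one shows what a flow looks like when nf_conntrack_acct is disabled, which the parser reports as "n/a" rather than silently counting zero.

```shell
#!/bin/sh
# Parse "conntrack -L" output into per-flow counters.
# The packets=/bytes= fields only exist when net.netfilter.nf_conntrack_acct=1;
# flows captured without them are reported as "n/a" so a disabled acct sysctl
# is visible instead of reading as zero traffic.

# Constructed sample of conntrack -L output (not a real capture). The first two
# entries carry accounting counters; the third was recorded with acct disabled.
SAMPLE_CT='tcp      6 431999 ESTABLISHED src=192.168.1.10 dst=10.0.0.5 sport=51234 dport=22 packets=120 bytes=15360 src=10.0.0.5 dst=192.168.1.10 sport=22 dport=51234 packets=98 bytes=21000 [ASSURED] mark=10 use=1
udp      17 29 src=192.168.1.10 dst=10.0.0.53 sport=40000 dport=53 packets=1 bytes=64 src=10.0.0.53 dst=192.168.1.10 sport=53 dport=40000 packets=1 bytes=128 mark=0 use=1
tcp      6 118 TIME_WAIT src=192.168.1.20 dst=10.0.0.5 sport=51300 dport=22 src=10.0.0.5 dst=192.168.1.20 sport=22 dport=51300 [ASSURED] mark=0 use=1'

# ct_flows: read conntrack -L lines on stdin and print one line per flow:
#   proto state src sport dst dport orig_pkts orig_bytes reply_pkts reply_bytes mark
# The original tuple is the first src=... group, the reply tuple the second.
ct_flows() {
  awk '
  {
    proto = $1; state = "-"; n = 0
    src = dst = sport = dport = "-"
    op = ob = rp = rb = "n/a"; mark = "0"
    for (i = 2; i <= NF; i++) {
      f = $i
      if (f ~ /^[A-Z_]+$/) state = f                     # TCP state word, e.g. ESTABLISHED
      else if (f ~ /^src=/) { n++; if (n == 1) src = substr(f, 5) }
      else if (f ~ /^dst=/ && n == 1) dst = substr(f, 5)
      else if (f ~ /^sport=/ && n == 1) sport = substr(f, 7)
      else if (f ~ /^dport=/ && n == 1) dport = substr(f, 7)
      else if (f ~ /^packets=/) { if (n == 1) op = substr(f, 9); else rp = substr(f, 9) }
      else if (f ~ /^bytes=/)   { if (n == 1) ob = substr(f, 7); else rb = substr(f, 7) }
      else if (f ~ /^mark=/) mark = substr(f, 6)
    }
    printf "%s %s %s %s %s %s %s %s %s %s %s\n", proto, state, src, sport, dst, dport, op, ob, rp, rb, mark
  }'
}

# ct_bytes_by_dport: total bytes in both directions per original destination
# port, skipping flows whose counters are missing. Prints "dport bytes".
ct_bytes_by_dport() {
  ct_flows | awk '
  $8 != "n/a" { total[$6] += $8 + $10 }   # orig_bytes + reply_bytes
  END { for (p in total) printf "%s %d\n", p, total[p] }' | sort -n
}

# ct_flows_without_acct: count flows that have no counters, i.e. evidence that
# nf_conntrack_acct was off when they were created.
ct_flows_without_acct() {
  ct_flows | awk '$8 == "n/a" { c++ } END { printf "%d\n", c + 0 }'
}

# Demo on the constructed sample. On a live router replace the printf with
# `conntrack -L 2>/dev/null` (root required).
printf '%s\n' "$SAMPLE_CT" | ct_flows
printf '%s\n' "$SAMPLE_CT" | ct_bytes_by_dport
printf '%s\n' "$SAMPLE_CT" | ct_flows_without_acct
```

The parser keys the destination port on the original tuple only, so reply-direction bytes are attributed to the service the client connected to; because nf_conntrack_acct only counts from the moment it is enabled, flows that predate the sysctl change show up in the "n/a" count until they expire or are deleted.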

References

[1] https://conntrack-tools.netfilter.org/manual.html