Network traffic

From HPCWIKI
Revision as of 11:47, 18 May 2023 by Admin

Real-time per-connection tracking

In FreeBSD, the session table provides real-time rx/tx information for each connection. On a Linux netfilter router, the connection table by default only carries information at the end of connections.

From Linux kernel version >= 2.6.18, we can use conntrack. conntrack provides a full-featured command-line utility to interact with the connection tracking system[1].

Set up conntrack

Set nf_conntrack_acct[2], which enables per-connection packet and byte counters

# sysctl -w net.netfilter.nf_conntrack_acct=1

Install the conntrack utility if you do not have it yet

$ sudo apt-get install conntrack

List the existing flows

# conntrack -L

Filter out the listing

# conntrack -L -p tcp --dport 22
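The listing produced after enabling nf_conntrack_acct is what makes the per-connection rx/tx view possible, but conntrack -L prints it as one long key=value line per flow. The following shell function is an added example (not from this wiki page or from conntrack-tools): it parses such a listing from stdin, attributes the first packets=/bytes= pair to the original direction and the second to the reply direction, and prints the flows busiest first. The listing in SAMPLE_CT is constructed; the addresses, ports and counters are made up, and the optional port argument mirrors the selection made by conntrack -L -p tcp --dport PORT above.

```shell
#!/bin/sh
# Added example (not from the wiki page): parse `conntrack -L` output that
# carries packets=/bytes= counters (present only when nf_conntrack_acct=1)
# and summarise per-flow traffic. Usage: ct_flows [DPORT] < listing

# Constructed sample listing; addresses, ports and counters are made up.
# Each line: proto, protonum, timeout, [tcp state], original-direction tuple
# with its counters, reply-direction tuple with its counters, flags, mark.
SAMPLE_CT='tcp      6 431999 ESTABLISHED src=10.0.0.5 dst=203.0.113.10 sport=51234 dport=22 packets=120 bytes=15360 src=203.0.113.10 dst=10.0.0.5 sport=22 dport=51234 packets=100 bytes=9800 [ASSURED] mark=0 use=1
tcp      6 117 TIME_WAIT src=10.0.0.7 dst=203.0.113.20 sport=40000 dport=443 packets=30 bytes=4100 src=203.0.113.20 dst=10.0.0.7 sport=443 dport=40000 packets=28 bytes=61000 [ASSURED] mark=10 use=1
udp      17 29 src=10.0.0.9 dst=203.0.113.53 sport=5353 dport=53 packets=1 bytes=64 src=203.0.113.53 dst=10.0.0.9 sport=53 dport=5353 packets=1 bytes=180 mark=0 use=1'

# ct_flows [DPORT]: read a conntrack listing on stdin and print one line per
# flow, busiest first:  TOTAL PROTO SRC:SPORT DST:DPORT STATE TX RX
# TX = bytes sent in the original direction, RX = bytes in the reply
# direction. The optional DPORT matches the original-direction destination
# port, i.e. the same flows that `conntrack -L -p tcp --dport PORT` selects.
ct_flows() {
    awk -v want="${1:-}" '
    {
        proto = $1
        # TCP lines carry a state word in column 4; UDP lines jump straight
        # to the tuple, so that column contains "=".
        state = ($4 ~ /=/) ? "-" : $4
        src = ""; dst = ""; sport = ""; dport = ""; nb = 0; tx = 0; rx = 0
        for (i = 1; i <= NF; i++) {
            split($i, kv, "=")
            # The first occurrence of each key belongs to the original direction.
            if (kv[1] == "src" && src == "") src = kv[2]
            else if (kv[1] == "dst" && dst == "") dst = kv[2]
            else if (kv[1] == "sport" && sport == "") sport = kv[2]
            else if (kv[1] == "dport" && dport == "") dport = kv[2]
            else if (kv[1] == "bytes") { nb++; if (nb == 1) tx = kv[2]; else rx = kv[2] }
        }
        if (want != "" && dport != want) next
        printf "%d %s %s:%s %s:%s %s %d %d\n", tx + rx, proto, src, sport, dst, dport, state, tx, rx
    }' | sort -rn
}

# Demo on the constructed sample; on a real router replace the printf with:
#   conntrack -L 2>/dev/null | ct_flows 22
printf '%s\n' "$SAMPLE_CT" | ct_flows
```

On the sample, the HTTPS flow to 203.0.113.20 comes out on top (65100 bytes in total) and ct_flows 22 reduces the listing to the single SSH flow. Because the counters are cumulative for the life of the entry, sampling the listing twice and subtracting gives a rate, which is the closest equivalent to the FreeBSD session table's live rx/tx figures.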

Update the ct mark

# conntrack -U -p tcp --dport 22 --mark 10

Delete entries. This can also be used to block TCP traffic, provided that you have:

  • a stateful rule set that drops traffic in the INVALID state, and
  • /proc/sys/net/netfilter/nf_conntrack_tcp_loose set to zero.

Once the entry is deleted, the kernel will not re-create it from mid-stream packets (that is what nf_conntrack_tcp_loose=0 prevents), so the remaining packets of that connection are classified INVALID and dropped by the rule set.

# conntrack -D -p tcp --dport 22

Listen to the connection tracking events

# conntrack -E

References

[1] https://conntrack-tools.netfilter.org/manual.html