How to list all network connections Centos 7 (Connection tracking)
Following are some ways to extract established connection information:
1. cat /proc/net/ip_conntrack -> using the proc filesystem
2. conntrack -L -> command line interface for netfilter connection tracking. You can yum install it.
3. Another way is to write an iptables rule to LOG messages (use -j LOG) after your marking rule. Since the marking rule is non-terminating, the LOG rule will be hit and its output can be seen using dmesg.
For options 1 & 2, refer to this link, section "Chapter 3. Requirements", in order to get the conntrack-tools working if they don't work.
solderingiron
Updated on September 18, 2022
I have a box with Centos 7 installed.
I am trying to configure some iptables rules and playing with the mangle table and markings.
For example, on my router I am able to see established network connections with the following command in the memory-mapped fs (proc).
cat /proc/net/nf_conntrack
But in my current CentOS installation I don't have any similar files mapped to the proc fs.
Here is the output of grepping kernel modules
[root@testenv crosp]# lsmod | grep nf_conntrack
nf_conntrack_netlink 36864 0
nf_conntrack 106496 1 nf_conntrack_netlink
nfnetlink 16384 4 nfnetlink_log,ip_set,nf_conntrack_netlink
I have found the ss utility, but didn't find any information on how to see packet marks.
How can I get information about established connections and about marked packages?
Thanks
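An added example (not part of the original question or answer) that filters connection-tracking entries down to ESTABLISHED flows and prints each flow's mark; it accepts both the /proc/net/nf_conntrack and the conntrack -L line layouts. The function names and the sample lines are constructed for illustration.

```shell
#!/bin/sh
# Constructed sample entries: two in /proc/net/nf_conntrack layout
# (leading "ipv4 2"), two in `conntrack -L` layout. Addresses are
# documentation ranges, not real hosts.
sample_conntrack() {
cat <<'EOF'
ipv4     2 tcp      6 431990 ESTABLISHED src=192.0.2.10 dst=198.51.100.7 sport=51234 dport=443 src=198.51.100.7 dst=192.0.2.10 sport=443 dport=51234 [ASSURED] mark=1 zone=0 use=2
ipv4     2 tcp      6 110 TIME_WAIT src=192.0.2.10 dst=198.51.100.8 sport=51240 dport=80 src=198.51.100.8 dst=192.0.2.10 sport=80 dport=51240 [ASSURED] mark=1 zone=0 use=2
tcp      6 431000 ESTABLISHED src=192.0.2.11 dst=203.0.113.5 sport=40022 dport=22 src=203.0.113.5 dst=192.0.2.11 sport=22 dport=40022 [ASSURED] mark=0 use=1
tcp      6 300 ESTABLISHED src=192.0.2.12 dst=203.0.113.9 sport=40100 dport=8443 src=203.0.113.9 dst=192.0.2.12 sport=8443 dport=40100 [ASSURED] mark=2 use=1
EOF
}

# Reads conntrack entries on stdin and prints ESTABLISHED flows.
# Optional $1: only print flows whose mark equals this value.
# Note: the table holds the *connection* mark. A per-packet mark set
# with -j MARK shows up here only if a CONNMARK --save-mark rule
# copies it onto the connection.
established_with_mark() {
    awk -v want="$1" '
    {
        state = ""; mark = ""; split("", f)      # reset per line
        proto = ($1 ~ /^ipv/) ? $3 : $1          # /proc layout vs conntrack -L
        for (i = 1; i <= NF; i++) {
            if ($i == "ESTABLISHED") state = $i
            n = index($i, "=")
            if (n == 0) continue
            k = substr($i, 1, n - 1); v = substr($i, n + 1)
            if (k == "mark") mark = v
            else if (!(k in f)) f[k] = v         # first hit = original direction
        }
        if (state != "ESTABLISHED") next
        if (want != "" && mark != want) next
        printf "%s %s:%s -> %s:%s mark=%s\n", proto,
               f["src"], f["sport"], f["dst"], f["dport"],
               (mark == "" ? "n/a" : mark)
    }'
}

# Demo on the constructed sample; on a live host feed it real data:
#   conntrack -L 2>/dev/null | established_with_mark 1
#   established_with_mark < /proc/net/nf_conntrack
sample_conntrack | established_with_mark
```
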