Feature changed by: Andreas Jaeger (a_jaeger) Feature #308519, revision 3 Title: Add conntrack Tools - openSUSE-11.3: Unconfirmed + openSUSE-11.3: Evaluation Priority Requester: Desirable Requested by: Don Hughes (dehughes) Description: Add conntrack tools for iptables from http://conntrack-tools.netfilter.org/ This application allows you to manipulate the connection tracking information under /proc/net/nf_conntrack wiht commands with syntax similar to that of iptables and ipset. The tools alow you to modify the information instead of only beinig able to list it. They also provide a way to keep the tracking information on a backup system in sync with the production system. I found that they provided a much eaier way to recover from a hung nat'ed VoIP sip connection than the previous methods (adjusting the conntrack timeout values to expire all the connections, rebooting, restarting interfaces, kicking things, all of the above) i.e. conntrack -D --orig-src <ip of sip gateway> - also provided are conntrack -L (list) -G (get) -D (delete) -I (create/insert) -E (event, sort of like tail) -F (flush) with a number of filter parameters to match addresses, protocols, families, ports, etc. - - Discussion: #1: Jan Engelhardt (jengelh) (2009-12-26 02:07:59) The package is in /repositories/security. It would only need to be added to the distro releases - coolo's decision as far as I can see. -- openSUSE Feature: https://features.opensuse.org/308519