Mailinglist Archive: opensuse-features (244 mails)

< Previous Next >
[openFATE 308519] Add conntrack Tools
  • From: fate_noreply@xxxxxxx
  • Date: Wed, 6 Oct 2010 16:06:07 +0200 (CEST)
  • Message-id: <feature-308519-4@xxxxxxxxxxxxxx>
Feature changed by: Andreas Jaeger (a_jaeger)
Feature #308519, revision 4
Title: Add conntrack Tools

- openSUSE-11.3: Evaluation
+ openSUSE-11.3: Done
Priority
Requester: Desirable

Requested by: Don Hughes (dehughes)

Description:
Add conntrack tools for iptables from
http://conntrack-tools.netfilter.org/
This application allows you to manipulate the connection tracking
information under /proc/net/nf_conntrack wiht commands with syntax
similar to that of iptables and ipset.  The tools alow you to modify
the information instead of only beinig able to list it.
They also provide a way to keep the tracking information on a backup
system in sync with the production system. 
I found that they provided a much eaier way to recover from a hung
nat'ed VoIP sip connection than the previous methods (adjusting the
conntrack timeout values to expire all the connections, rebooting,
restarting interfaces, kicking things, all of the above) i.e. conntrack
-D --orig-src <ip of sip gateway>
also provided are
conntrack -L (list)
-G (get)
-D (delete)
-I (create/insert)
-E (event, sort of like tail)
-F (flush)
with a number of filter parameters to match addresses, protocols,
families, ports, etc.


Discussion:
#1: Jan Engelhardt (jengelh) (2009-12-26 02:07:59)
The package is in /repositories/security. It would only need to be
added to the distro releases - coolo's decision as far as I can see.



--
openSUSE Feature:
https://features.opensuse.org/308519

< Previous Next >
This Thread
  • No further messages