Mailinglist Archive: opensuse-features (362 mails)

< Previous Next >
[openFATE 308519] Add conntrack Tools
  • From: fate_noreply@xxxxxxx
  • Date: Sat, 26 Dec 2009 02:08:55 +0100 (CET)
  • Message-id: <feature-308519-2@xxxxxxxxxxxxxx>
Feature changed by: Jan Engelhardt (jengelh)
Feature #308519, revision 2
Title: Add conntrack Tools

openSUSE-11.3: Unconfirmed
Priority
Requester: Desirable

Requested by: Don Hughes (dehughes)

Description:
Add conntrack tools for iptables from
http://conntrack-tools.netfilter.org/
This application allows you to manipulate the connection tracking
information under /proc/net/nf_conntrack wiht commands with syntax
similar to that of iptables and ipset.  The tools alow you to modify
the information instead of only beinig able to list it.
They also provide a way to keep the tracking information on a backup
system in sync with the production system. 
I found that they provided a much eaier way to recover from a hung
nat'ed VoIP sip connection than the previous methods (adjusting the
conntrack timeout values to expire all the connections, rebooting,
restarting interfaces, kicking things, all of the above) i.e. conntrack
-D --orig-src <ip of sip gateway>
 
also provided are
conntrack -L (list)
-G (get)
-D (delete)
-I (create/insert)
-E (event, sort of like tail)
-F (flush)
with a number of filter parameters to match addresses, protocols,
families, ports, etc.
 
 

+ Discussion:
+ #1: Jan Engelhardt (jengelh) (2009-12-26 02:07:59)
+ The package is in /repositories/security. It would only need to be
+ added to the distro releases - coolo's decision as far as I can see.



--
openSUSE Feature:
https://features.opensuse.org/308519

< Previous Next >
List Navigation
This Thread
  • No further messages
References