netstat will only show you connections terminating on the localhost. the ip_conntrack table will show you connection data for all tcp sessions travelling through, or to your host.
On Wed, 18 Sep 2002, Dale Amon wrote: > On Wed, Sep 18, 2002 at 02:31:36PM -0300, Peter Cordes wrote: > > Are you running a firewall with iptables connection tracking? > > Well, yes. I didn't know iptstate would work otherwise. > > > Are the > > extra connections (that don't show up in netstat) from internal addresses to > > external addresses? (i.e. neither end of the connection is your firewall's > > IP addr?) > > No. They are all external connections to port 80. Nothing about them looks > particularly invalid, but I can't correlate them. Not entirely anyway. > > > If so, then that's normal. netstat only shows connections from the local > > machine. iptstate reports the state of the netfilter connection tracking > > stuff. > > Yes, one of the things I am wondering is if it remembers connections for a > longer time for some reason. Still doesn't figure because I have them > sitting in ESTABLISHED when there is no corresponding one on the netstat. > > > -- > To UNSUBSCRIBE, email to [EMAIL PROTECTED] > with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED] > [-] Steve Mickeler [ [EMAIL PROTECTED] ] [|] Todays root password is brought to you by /dev/random [+] 1024D/9AA80CDF = 4103 9E35 2713 D432 924F 3C2E A7B9 A0FE 9AA8 0CDF
