I'm working my way through this document:
http://gentoo-wiki.com/HOWTO_Iptables_and_stateful_firewalls
Somewhere in this part: #Should_I_take_this_tutorial
(add it to the above url)
Once there, scan for the word /proc and a few hits will get you to this
line: (emphasis is mine)
If you've already rebooted and are using your new netfilter-enabled
kernel, you can view a list of active network connections that your
machine is participating in by typing
"cat /proc/net/ip_conntrack".
Even with no firewall configured, Linux's
conntrack functionality is working behind the scenes, keeping track
of the connections that your machine is participating in.
I don't see that on a machine where I've tried to pick every iptables
and conntrack setting for the kernel I could find, including the ones
on that page that are still around.
find /proc -iname '*conntrack*'
or even
find /proc -iname '*con*'
turns up nothing even close. Does it mean I'm still missing something
in the kernel build? Or is it just baloney or out of date?
It claims you should see this even if you aren't running iptables yet.
--
[email protected] mailing list
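
One way to narrow down the situation described in this message, as an added example that is not part of the original post: a shell check that looks for the conntrack table under /proc and, if it is missing, consults the kernel config and the loaded-module list. The function names and verdict strings are hypothetical; `CONFIG_NF_CONNTRACK` and `/proc/net/nf_conntrack` are the names used by kernels newer than the quoted text, and the config file is assumed to be plain text (for example an uncompressed copy of `/proc/config.gz`).

```shell
#!/bin/sh
# Added example: explain why no conntrack table shows up under /proc.
# Both arguments are parameters so the logic can run on a constructed tree.

# Print the conntrack table files that exist under PROC_ROOT ($1).
conntrack_proc_files() {
    for f in net/ip_conntrack net/nf_conntrack; do
        if [ -e "$1/$f" ]; then printf '%s\n' "$1/$f"; fi
    done
}

# Print y, m or unset for kernel config symbol $2 in plain-text config $1.
kconfig_state() {
    val=$(sed -n "s/^$2=\([ym]\)\$/\1/p" "$1" | head -n 1)
    printf '%s\n' "${val:-unset}"
}

# Print a one-word verdict for PROC_ROOT ($1) and kernel config file ($2).
conntrack_diagnose() {
    if [ -n "$(conntrack_proc_files "$1")" ]; then echo present; return 0; fi
    core=unset
    for sym in CONFIG_IP_NF_CONNTRACK CONFIG_NF_CONNTRACK; do
        s=$(kconfig_state "$2" "$sym")
        if [ "$s" != unset ]; then core=$s; fi
    done
    case $core in
        unset) echo not-built ;;
        m)  # built as a module: the file appears only once it is loaded
            if grep -q conntrack "$1/modules" 2>/dev/null; then
                echo no-proc-listing
            else
                echo module-not-loaded
            fi ;;
        y)  echo no-proc-listing ;;
    esac
}

# Constructed sample: a fake /proc and a fake .config in a temp directory.
make_sample() {
    d=$(mktemp -d)
    mkdir -p "$d/proc/net"
    : > "$d/proc/modules"
    printf '%s\n' 'CONFIG_NETFILTER=y' 'CONFIG_NF_CONNTRACK=m' > "$d/config"
    printf '%s\n' "$d"
}
```

On a live system, call it as `conntrack_diagnose /proc /usr/src/linux/.config`; a `no-proc-listing` verdict means conntrack is in the kernel but the /proc table export is not, which on newer kernels is its own option (`CONFIG_NF_CONNTRACK_PROCFS`).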