On May 6, 2011, at 7:12 AM, Vieri Di Paola wrote: > Hi, > > I used a custom script to count packets and bytes from "shorewall show > connections". I noticed that on another more recent server, this script fails > because /proc/net/nf_conntrack does not contain either bytes or packets. > > Example while opening www.google.com: > > ipv4 2 tcp 6 431999 ESTABLISHED src=10.215.144.48 dst=209.85.147.104 > sport=52531 dport=80 src=209.85.147.104 dst=10.215.144.48 sport=80 > dport=52531 [ASSURED] mark=0 secmark=0 use=2 > > ipv4 2 tcp 6 431999 ESTABLISHED src=10.215.144.48 dst=209.85.147.104 > sport=52533 dport=80 src=209.85.147.104 dst=10.215.144.48 sport=80 > dport=52533 [ASSURED] mark=0 secmark=0 use=2 > > ipv4 2 tcp 6 431999 ESTABLISHED src=10.215.144.48 dst=209.85.147.104 > sport=52530 dport=80 src=209.85.147.104 dst=10.215.144.48 sport=80 > dport=52530 [ASSURED] mark=0 secmark=0 use=2 > > ipv4 2 tcp 6 431998 ESTABLISHED src=10.215.144.48 dst=209.85.147.104 > sport=52532 dport=80 src=209.85.147.104 dst=10.215.144.48 sport=80 > dport=52532 [ASSURED] mark=0 secmark=0 use=2 > > kernel is 2.6.36. > > Am I missing something?
Have you tried running 'contract -L'? That's what 'shorewall show connections' does if conntrack is installed. -Tom Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________
PGP.sig
Description: This is a digitally signed message part
------------------------------------------------------------------------------ WhatsUp Gold - Download Free Network Management Software The most intuitive, comprehensive, and cost-effective network management toolset available today. Delivers lowest initial acquisition cost and overall TCO of any competing solution. http://p.sf.net/sfu/whatsupgold-sd
_______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
