On 2/18/23 21:09, Samuel Sieb wrote:
On 2023-02-18 18:35, ToddAndMargo via users wrote:
On 2/18/23 18:31, Samuel Sieb wrote:
On 2023-02-18 17:10, ToddAndMargo via users wrote:
On 2/18/23 16:59, Samuel Sieb wrote:
lsof -i tcp:6556
Pretty!
# lsof -i udp:3780
COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
conntrack 5617 root 6u IPv4 33770 0t0 UDP *:nnp
I am using iptables. Do you think I can just remove
conntrack?
Check the full command for that PID because I wouldn't expect the
firewall to have a process like that.
$ ps ax | grep [5]617
5617 ? Ss 0:03 /usr/sbin/conntrackd -C
/etc/conntrackd/conntrackd.conf
I also looked at
# dnf remove conntrack
Dependencies resolved.
================================================================================
Package Arch Version
Repository Size
================================================================================
Removing:
conntrack-tools x86_64 1.4.6-4.fc37 @fedora
670 k
Removing unused dependencies:
libnetfilter_cthelper x86_64 1.0.0-22.fc37 @fedora
43 k
libnetfilter_cttimeout x86_64 1.0.0-20.fc37 @fedora
43 k
libnetfilter_queue x86_64 1.0.5-3.fc37 @fedora
53 k
Transaction Summary
================================================================================
Remove 4 Packages
No sign of iptables in that.
It's a process primarily for managing and synchronizing the connection
state in a cluster. I don't know why you have it installed, it's not
default for workstation at least.
Years and years ago, I installed from Xfce's Live USB.
A lot of weird stuff got installed when I upgraded
from fc36 to fc37. Netfilter for one, which did a job on
my iptables.
Did you do a server install?
No. I am a believer is doing a dead level
minimalist install and then adding what
services you need as they arise.
You can certainly delete it if you want.
Thank you for the confirmation Sam!
Oh and silly me! If I was worried about iptables
not working if I removed conntrack, all I had to do
was a simple test:
# systemctl stop conntrackd
And blessed silence in my log file. Test outgoing
ports I know are blocked with tcpping to verify
my firewall is still working. Then
# dnf remove conntrack
restart my firewall.
Happy camping has returned.
All these years I never knew how to trace down
what program was using what port in Linux.
I now have it written down!
Thank you all for the help!
-T
--
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
If I had a dime every time I didn't know
what was going on, I'd be like, "Why is
everyone giving me all these dimes?"
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
_______________________________________________
users mailing list -- [email protected]
To unsubscribe send an email to [email protected]
Fedora Code of Conduct:
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedoraproject.org/archives/list/[email protected]
Do not reply to spam, report it:
https://pagure.io/fedora-infrastructure/new_issue
