From: Pablo Neira Ayuso <pablo@netfilter.org>
To: Vieri <rentorbuy@yahoo.com>,
Mail List - Netfilter <netfilter@vger.kernel.org>
Subject: Re: conntrack not displaying bytes and packets
Date: Thu, 12 May 2011 10:20:36 +0200 [thread overview]
Message-ID: <4DCB9854.5080805@netfilter.org> (raw)
In-Reply-To: <401131.21271.qm@web113317.mail.gq1.yahoo.com>
On 11/05/11 08:19, Vieri wrote:
> Hi,
>
> Since I updated my kernel to 2.6.36 and 2.6.37, /proc/net/nf_conntrack and conntrack -L do NOT show "packets" and "bytes" even for ASSURED / REPLIED connections.
>
> It seems that both of these data (bytes and packets) have disappeared from conntrack/netfilter.
>
> Am I missing something? Is there an option somewhere to restore earlier behavior (previous kernels/netfilter would always display both bytes and packets)?
>
> Example when opening google:
>
> ipv4 2 tcp 6 431999 ESTABLISHED src=10.215.144.48 dst=209.85.147.104 sport=52531 dport=80 src=209.85.147.104 dst=10.215.144.48 sport=80 dport=52531 [ASSURED] mark=0 secmark=0 use=2
>
> ipv4 2 tcp 6 431999 ESTABLISHED src=10.215.144.48 dst=209.85.147.104 sport=52533 dport=80 src=209.85.147.104 dst=10.215.144.48 sport=80 dport=52533 [ASSURED] mark=0 secmark=0 use=2
>
> ipv4 2 tcp 6 431999 ESTABLISHED src=10.215.144.48 dst=209.85.147.104 sport=52530 dport=80 src=209.85.147.104 dst=10.215.144.48 sport=80 dport=52530 [ASSURED] mark=0 secmark=0 use=2
>
> ipv4 2 tcp 6 431998 ESTABLISHED src=10.215.144.48 dst=209.85.147.104 sport=52532 dport=80 src=209.85.147.104 dst=10.215.144.48 sport=80 dport=52532 [ASSURED] mark=0 secmark=0 use=2
>
> Previous kernel/netfilter would show something like this:
>
> tcp 6 73 TIME_WAIT src=10.215.144.7 dst=209.85.147.104 sport=35407 dport=80 packets=15 bytes=1386 src=209.85.147.104 dst=192.168.92.2 sport=80 dport=35407 packets=11 bytes=10180 [ASSURED] mark=1 use=1
>
> (note "bytes" and "packets")
echo 1 > /proc/sys/net/netfilter/nf_conntrack_acct
next parent reply other threads:[~2011-05-12 8:20 UTC|newest]
Thread overview: 2+ messages / expand[flat|nested] mbox.gz Atom feed top
[not found] <401131.21271.qm@web113317.mail.gq1.yahoo.com>
2011-05-12 8:20 ` Pablo Neira Ayuso [this message]
2011-05-12 12:48 ` conntrack not displaying bytes and packets Vieri
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=4DCB9854.5080805@netfilter.org \
--to=pablo@netfilter.org \
--cc=netfilter@vger.kernel.org \
--cc=rentorbuy@yahoo.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.