* Re: conntrack not displaying bytes and packets
[not found] <401131.21271.qm@web113317.mail.gq1.yahoo.com>
@ 2011-05-12 8:20 ` Pablo Neira Ayuso
2011-05-12 12:48 ` Vieri
0 siblings, 1 reply; 2+ messages in thread
From: Pablo Neira Ayuso @ 2011-05-12 8:20 UTC (permalink / raw)
To: Vieri, Mail List - Netfilter
On 11/05/11 08:19, Vieri wrote:
> Hi,
>
> Since I updated my kernel to 2.6.36 and 2.6.37, /proc/net/nf_conntrack and conntrack -L do NOT show "packets" and "bytes" even for ASSURED / REPLIED connections.
>
> It seems that both of these data (bytes and packets) have disappeared from conntrack/netfilter.
>
> Am I missing something? Is there an option somewhere to restore earlier behavior (previous kernels/netfilter would always display both bytes and packets)?
>
> Example when opening google:
>
> ipv4 2 tcp 6 431999 ESTABLISHED src=10.215.144.48 dst=209.85.147.104 sport=52531 dport=80 src=209.85.147.104 dst=10.215.144.48 sport=80 dport=52531 [ASSURED] mark=0 secmark=0 use=2
>
> ipv4 2 tcp 6 431999 ESTABLISHED src=10.215.144.48 dst=209.85.147.104 sport=52533 dport=80 src=209.85.147.104 dst=10.215.144.48 sport=80 dport=52533 [ASSURED] mark=0 secmark=0 use=2
>
> ipv4 2 tcp 6 431999 ESTABLISHED src=10.215.144.48 dst=209.85.147.104 sport=52530 dport=80 src=209.85.147.104 dst=10.215.144.48 sport=80 dport=52530 [ASSURED] mark=0 secmark=0 use=2
>
> ipv4 2 tcp 6 431998 ESTABLISHED src=10.215.144.48 dst=209.85.147.104 sport=52532 dport=80 src=209.85.147.104 dst=10.215.144.48 sport=80 dport=52532 [ASSURED] mark=0 secmark=0 use=2
>
> Previous kernel/netfilter would show something like this:
>
> tcp 6 73 TIME_WAIT src=10.215.144.7 dst=209.85.147.104 sport=35407 dport=80 packets=15 bytes=1386 src=209.85.147.104 dst=192.168.92.2 sport=80 dport=35407 packets=11 bytes=10180 [ASSURED] mark=1 use=1
>
> (note "bytes" and "packets")
echo 1 > /proc/sys/net/netfilter/nf_conntrack_acct
^ permalink raw reply [flat|nested] 2+ messages in thread
* Re: conntrack not displaying bytes and packets
2011-05-12 8:20 ` conntrack not displaying bytes and packets Pablo Neira Ayuso
@ 2011-05-12 12:48 ` Vieri
0 siblings, 0 replies; 2+ messages in thread
From: Vieri @ 2011-05-12 12:48 UTC (permalink / raw)
To: netfilter, pablo
--- On Thu, 5/12/11, Pablo Neira Ayuso <pablo@netfilter.org> wrote:
> echo 1 > /proc/sys/net/netfilter/nf_conntrack_acct
Thank you!
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2011-05-12 12:48 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
[not found] <401131.21271.qm@web113317.mail.gq1.yahoo.com>
2011-05-12 8:20 ` conntrack not displaying bytes and packets Pablo Neira Ayuso
2011-05-12 12:48 ` Vieri
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.