From: Pablo Neira Ayuso <pablo@netfilter.org>
To: Mart Frauenlob <mart.frauenlob@chello.at>
Cc: netfilter-devel@vger.kernel.org
Subject: Re: [PATCH 5/5] conntrack: man: Add description of tables dying and unconfirmed.
Date: Fri, 8 Apr 2016 12:19:21 +0200 [thread overview]
Message-ID: <20160408101921.GD2142@salvia> (raw)
In-Reply-To: <1460053902-2200-6-git-send-email-mart.frauenlob@chello.at>
Applied, thanks.
On Thu, Apr 07, 2016 at 08:31:42PM +0200, Mart Frauenlob wrote:
>
> Signed-off-by: Mart Frauenlob <mart.frauenlob@chello.at>
> ---
> conntrack.8 | 17 +++++++++++++++++
> 1 files changed, 17 insertions(+), 0 deletions(-)
>
> diff --git a/conntrack.8 b/conntrack.8
> index e54951a..dfde9f0 100644
> --- a/conntrack.8
> +++ b/conntrack.8
> @@ -48,6 +48,23 @@ mechanism used to "expect" RELATED connections to existing ones. Expectations
> are generally used by "connection tracking helpers" (sometimes called
> application level gateways [ALGs]) for more complex protocols such as FTP,
> SIP, H.323.
> +.TP
> +.BR "dying" :
> +This table shows the conntrack entries, that have expired and that have been
> +destroyed by the connection tracking system itself, or via the conntrack utility.
> +.TP
> +.BR "unconfirmed" :
> +This table shows new entries, that are not yet inserted into the conntrack table.
> +These entries are attached to packets that are traversing the stack,
> +but did not reach the confirmation point at the postrouting hook.
> +.PP
> +The tables "dying" and "unconfirmed" are basically only useful for debugging purposes.
> +Under normal operation, it is hard to see entries in any of them.
> +There are corner cases, where it is valid to see entries in the
> +unconfirmed table:
> +1) when packets that are enqueued via nfqueue, or
> +2) when conntrackd runs in event reliable mode.
> +.PP
> .SH OPTIONS
> The options recognized by
> .B conntrack
> --
> 1.7.2.5
>
> --
> To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
> the body of a message to majordomo@vger.kernel.org
> More majordomo info at http://vger.kernel.org/majordomo-info.html
next prev parent reply other threads:[~2016-04-08 10:19 UTC|newest]
Thread overview: 11+ messages / expand[flat|nested] mbox.gz Atom feed top
2016-04-07 18:31 [PATCH 0/5] conntrack: documentation updates Mart Frauenlob
2016-04-07 18:31 ` [PATCH 1/5] conntrack: add --proto to usage output Mart Frauenlob
2016-04-08 10:17 ` Pablo Neira Ayuso
2016-04-07 18:31 ` [PATCH 2/5] conntrack: man: add --protonum option Mart Frauenlob
2016-04-07 18:31 ` [PATCH 3/5] conntrack: show --src and --dst options in usage output Mart Frauenlob
2016-04-08 10:18 ` Pablo Neira Ayuso
2016-04-07 18:31 ` [PATCH 4/5] conntrack: man: add options --src and --dst Mart Frauenlob
2016-04-08 10:19 ` Pablo Neira Ayuso
2016-04-07 18:31 ` [PATCH 5/5] conntrack: man: Add description of tables dying and unconfirmed Mart Frauenlob
2016-04-08 10:19 ` Pablo Neira Ayuso [this message]
2016-04-08 10:27 ` Pablo Neira Ayuso
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20160408101921.GD2142@salvia \
--to=pablo@netfilter.org \
--cc=mart.frauenlob@chello.at \
--cc=netfilter-devel@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).