This blog shows how to check the conntrack state changes when a connection is made or connection got dropped.
Using conntrack command we can states update information.
Example conntrack command to show connection states.
Conntrack command example filter:
# conntrack -E -p tcp --dport 33
1. First ssh connection request sent to firewall public ip address.
[NEW] tcp 6 120 SYN_SENT src=10.233.89.39 dst=10.147.46.107 sport=64887 dport=33 [UNREPLIED] src=10.1.1.44 dst=10.233.89.39 sport=22 dport=64887 mark=2
[UPDATE] tcp 6 60 SYN_RECV src=10.233.89.39 dst=10.147.46.107 sport=64887 dport=33 src=10.1.1.44 dst=10.233.89.39 sport=22 dport=64887 mark=2
[UPDATE] tcp 6 432000 ESTABLISHED src=10.233.89.39 dst=10.147.46.107 sport=64887 dport=33 src=10.1.1.44 dst=10.233.89.39 sport=22 dport=64887 [ASSURED] mark=2
2. ssh session got closed.
[UPDATE] tcp 6 120 FIN_WAIT src=10.233.89.39 dst=10.147.46.107 sport=64887 dport=33 src=10.1.1.44 dst=10.233.89.39 sport=22 dport=64887 [ASSURED] mark=2
[UPDATE] tcp 6 30 LAST_ACK src=10.233.89.39 dst=10.147.46.107 sport=64887 dport=33 src=10.1.1.44 dst=10.233.89.39 sport=22 dport=64887 [ASSURED] mark=2
[UPDATE] tcp 6 120 TIME_WAIT src=10.233.89.39 dst=10.147.46.107 sport=64887 dport=33 src=10.1.1.44 dst=10.233.89.39 sport=22 dport=64887 [ASSURED] mark=2
Using conntrack command we can states update information.
Example conntrack command to show connection states.
Conntrack command example filter:
# conntrack -E -p tcp --dport 33
1. First ssh connection request sent to firewall public ip address.
[NEW] tcp 6 120 SYN_SENT src=10.233.89.39 dst=10.147.46.107 sport=64887 dport=33 [UNREPLIED] src=10.1.1.44 dst=10.233.89.39 sport=22 dport=64887 mark=2
[UPDATE] tcp 6 60 SYN_RECV src=10.233.89.39 dst=10.147.46.107 sport=64887 dport=33 src=10.1.1.44 dst=10.233.89.39 sport=22 dport=64887 mark=2
[UPDATE] tcp 6 432000 ESTABLISHED src=10.233.89.39 dst=10.147.46.107 sport=64887 dport=33 src=10.1.1.44 dst=10.233.89.39 sport=22 dport=64887 [ASSURED] mark=2
2. ssh session got closed.
[UPDATE] tcp 6 120 FIN_WAIT src=10.233.89.39 dst=10.147.46.107 sport=64887 dport=33 src=10.1.1.44 dst=10.233.89.39 sport=22 dport=64887 [ASSURED] mark=2
[UPDATE] tcp 6 30 LAST_ACK src=10.233.89.39 dst=10.147.46.107 sport=64887 dport=33 src=10.1.1.44 dst=10.233.89.39 sport=22 dport=64887 [ASSURED] mark=2
[UPDATE] tcp 6 120 TIME_WAIT src=10.233.89.39 dst=10.147.46.107 sport=64887 dport=33 src=10.1.1.44 dst=10.233.89.39 sport=22 dport=64887 [ASSURED] mark=2
Toshi's Titanium TV [Sega Genesis / Mega Drive] - iTanium
ReplyDeleteToshi's Titanium TV [Sega titanium glasses frames Genesis / thaitanium Mega titanium welder Drive] | iTanium Art | Toshi's Toshi's Toshi's titanium plate flat iron Toshi's Toshi's Toshi's Toshi's Toshi's titanium uses Toshi's Toshi's Toshi's Toshi's Toshi's Toshi's