summaryrefslogtreecommitdiff
path: root/conntrack.8
diff options
context:
space:
mode:
Diffstat (limited to 'conntrack.8')
-rw-r--r--conntrack.828
1 files changed, 21 insertions, 7 deletions
diff --git a/conntrack.8 b/conntrack.8
index 6c5d9d6..3a35613 100644
--- a/conntrack.8
+++ b/conntrack.8
@@ -4,7 +4,7 @@
.\" Maintained by Pablo Neira Ayuso <pablo@netfilter.org (May 2007)
.SH NAME
-conntrack \- administration tool for netfilter connection tracking
+conntrack \- command line interface for netfilter connection tracking
.SH SYNOPSIS
.BR "conntrack -L [table] [-z]"
.br
@@ -19,9 +19,7 @@ conntrack \- administration tool for netfilter connection tracking
.BR "conntrack -F [table]"
.SH DESCRIPTION
.B conntrack
-is used to search, list, inspect and maintain the netfilter connection tracking
-subsystem of the Linux kernel.
-.PP
+provides a full featured userspace interface to the netfilter connection tracking system that is intended to replace the old /proc/net/ip_conntrack interface. This tool can be used to search, list, inspect and maintain the connection tracking subsystem of the Linux kernel.
Using
.B conntrack
, you can dump a list of all (or a filtered selection of) currently tracked
@@ -75,9 +73,9 @@ Flush the whole given table
Atomically zero counters after reading them. This option is only valid in
combination with the "-L, --dump" command options.
.TP
-.BI "-x, --xml "
-Display output in XML format. This option is only valid in combination with
-the "-L, --dump", "-E, --event" and "-G, --get" command options.
+.BI "-o, --output [extended,xml,timestamp] "
+Display output in a certain format. This option is only valid in combination
+with the "-L, --dump", "-E, --event" and "-G, --get" command options.
.TP
.BI "-e, --event-mask " "[ALL|NEW|UPDATES|DESTROY][,...]"
Set the bitmask of events that are to be generated by the in-kernel ctnetlink
@@ -132,6 +130,22 @@ Specify the destination address mask of an expectation.
The exit code is 0 for correct function. Errors which appear to be caused by
invalid command line parameters cause an exit code of 2. Any other errors
cause an exit code of 1.
+.SH EXAMPLES
+.TP
+.B conntrack \-L
+Dump the connection tracking table in /proc/net/ip_conntrack format
+.TP
+.B conntrack \-L -o extended
+Dump the connection tracking table in /proc/net/nf_conntrack format
+.TP
+.B conntrack \-L \-o xml
+Dump the connection tracking table in XML
+.TP
+.B conntrack \-L -f ipv6 -o extended
+Only dump IPv6 connections in /proc/net/nf_conntrack format
+.TP
+.B conntrack \-E \-o timestamp
+Show connection events together with the timestamp
.SH BUGS
Bugs? What's this ;-)
.SH SEE ALSO