From: reader@newsguy.com
To: gentoo-user@lists.gentoo.org
Subject: [gentoo-user] ip_conntrack - is it missing
Date: Sun, 06 Jan 2008 19:48:43 -0600
Message-ID: <87sl1aiex0.fsf@newsguy.com>

I'm working my way thru this document:

http://gentoo-wiki.com/HOWTO_Iptables_and_stateful_firewalls

Somewhere in this part: #Should_I_take_this_tutorial (add it to the above url)

Once there, scan for the word /proc and a few hits will get you to this line (emphasis is mine):

  If you've already rebooted and are using your new netfilter-enabled kernel, you can view a list of active network connections that your machine is participating in by typing "cat /proc/net/ip_conntrack". Even with no firewall configured, Linux's conntrack functionality is working behind the scenes, keeping track of the connections that your machine is participating in.

I don't see that on a machine where I've tried to pick every iptable and conntrack setting for the kernel I could find, including the ones on that page that are still around.

  find /proc -iname '*conntrack*'

or even

  find /proc -iname '*con*'

turns up nothing even close.

Does it mean I'm still missing something in the kernel build? Or is it just baloney or out of date? It claims you should see this even if you aren't running iptables yet.

--
gentoo-user@lists.gentoo.org mailing list
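
Added example, not part of the original message: a diagnostic sketch for the situation described above. It looks for the connection table under either /proc/net/ip_conntrack or /proc/net/nf_conntrack (the name used once nf_conntrack replaced ip_conntrack in the kernel) and reads the kernel .config to say why neither is visible. The function names and the config path in the last comment are assumptions; the CONFIG_ symbols are the kernel's own.

```shell
#!/bin/sh
# Added example. Function names are hypothetical; proc root and kernel config
# path are parameters so the logic can be exercised on constructed files.

# Print the conntrack table path under PROC_ROOT (default /proc), or fail.
conntrack_proc_file() {
    root=${1:-/proc}
    for f in "$root/net/ip_conntrack" "$root/net/nf_conntrack"; do
        if [ -e "$f" ]; then
            printf '%s\n' "$f"
            return 0
        fi
    done
    return 1
}

# Print y, m or n for SYMBOL as set in a kernel .config file.
config_state() {
    val=$(sed -n "s/^$2=\([ym]\)\$/\1/p" "$1" 2>/dev/null | head -n 1)
    printf '%s\n' "${val:-n}"
}

# diagnose CONFIG_FILE [PROC_ROOT]: say why the table is or is not visible.
diagnose() {
    cfg=$1
    root=${2:-/proc}
    if f=$(conntrack_proc_file "$root"); then
        echo "present: $f"
        return 0
    fi
    new=$(config_state "$cfg" CONFIG_NF_CONNTRACK)
    old=$(config_state "$cfg" CONFIG_IP_NF_CONNTRACK)
    compat=$(config_state "$cfg" CONFIG_NF_CONNTRACK_PROC_COMPAT)
    if [ "$new" = n ] && [ "$old" = n ]; then
        echo "missing: conntrack is not enabled in this kernel config"
    elif [ "$new" = m ] || [ "$old" = m ]; then
        echo "missing: built as a module; load it and recheck"
    else
        echo "missing: built in, but no proc entry (PROC_COMPAT=$compat)"
    fi
    return 1
}

# Example: diagnose /usr/src/linux/.config
```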