iptstate – Top-like state for netfilter/iptables

Sponsored Link
iptstate  displays  information  held  in  the IP Tables state table in real-time in a top-like format.  Output can be sorted by any field,  or any field reversed. Users can choose to have the output only print once and  exit,  rather  than  the  top-like   system.   Refresh   rate   is configurable,  IPs  can  be resolved to names, output can be formatted,the display can be filtered, and color coding are  among  some  of  the many features.
Install iptstate in ubuntu

sudo apt-get install iptstate

Using iptstate

Syntax

iptstate [<options>]

Available options

-c, --no-color --  Toggle color-code by protocol

-C, --counters  -- Toggle display of bytes/packets counters

-d, --dst-filter IP-  Only  show  states with a destination of IP Note, that this must be an IP, hostname matching is not yet supported.

-D --dstpt-filter port --  Only show states with a destination port of port

-h, --help -- Show help message

-l, --lookup -- Show hostnames instead of IP addresses

-m, --mark-truncated -- Mark truncated hostnames with a ’+’

-o, --no-dynamic -- Toggle dynamic formatting

-L, --no-dns -- Skip outgoing DNS lookup states

-f, --no-loopback -- Filter states on loopback

-p, --no-scroll -- No scrolling (don’t use a "pad"). See  SCROLLING  AND  PADS  for more information.

-r, --reverse -- Reverse sort order

-R, --rate seconds -- Refresh rate, followed by rate in seconds. Note that this is for statetop  mode,  and  not   applicable   for   single-run   mode (--single).

-1, --single -- Single run (no curses)

-b, --sort column -- This determines what column to sort by. Options:
S Source Port
d Destination IP (or Name)
D Destination Port
p Protocol
s State
t TTL
b Bytes
P Packets
To  sort  by  Source  IP  (or  Name),  don’t  use -b. Sorting by bytes/packets is only available for kernels that support it, and only when compiled against libnetfilter_conntrack (the default).

-s, --src-filter IP -- Only show states with a source of IP. Note, that this must be an IP, hostname matching is not yet supported.

-S, --srcpt-filter port -- Only show states with a source port of port

-t, --totals -- Toggle display of totals

Sponsored Link

You may also like...

4 Responses

  1. Mathieu says:

    I’m using Ubuntu Karmic (9.10). I ran apt-get update then apt-get install ipsate and just got an error saying that the package does not exist.

  2. admin says:

    correct command is

    sudo apt-get install iptstate

  3. Tom says:

    Synaptic Package Manager says: Iptstate is only useful if netfilter CONNTRACK is enabled in
    the kernel.

    How does one discover if CONNTRACK is enable in the kernel?

  4. FirstByte says:

    @Tom:
    How does one discover if CONNTRACK is enable in the kernel?

    try
    ~$ lsmod | grep conntrack

Leave a Reply

Your email address will not be published. Required fields are marked *