iptstate – Top-like state for netfilter/iptables
Sponsored Link
Install iptstate in ubuntu
sudo apt-get install iptstate
Using iptstate
Syntax
iptstate [<options>]
Available options
-c, --no-color -- Toggle color-code by protocol
-C, --counters -- Toggle display of bytes/packets counters
-d, --dst-filter IP- Only show states with a destination of IP Note, that this must be an IP, hostname matching is not yet supported.
-D --dstpt-filter port -- Only show states with a destination port of port
-h, --help -- Show help message
-l, --lookup -- Show hostnames instead of IP addresses
-m, --mark-truncated -- Mark truncated hostnames with a ’+’
-o, --no-dynamic -- Toggle dynamic formatting
-L, --no-dns -- Skip outgoing DNS lookup states
-f, --no-loopback -- Filter states on loopback
-p, --no-scroll -- No scrolling (don’t use a "pad"). See SCROLLING AND PADS for more information.
-r, --reverse -- Reverse sort order
-R, --rate seconds -- Refresh rate, followed by rate in seconds. Note that this is for statetop mode, and not applicable for single-run mode (--single).
-1, --single -- Single run (no curses)
-b, --sort column -- This determines what column to sort by. Options:
S Source Port
d Destination IP (or Name)
D Destination Port
p Protocol
s State
t TTL
b Bytes
P Packets
To sort by Source IP (or Name), don’t use -b. Sorting by bytes/packets is only available for kernels that support it, and only when compiled against libnetfilter_conntrack (the default).
-s, --src-filter IP -- Only show states with a source of IP. Note, that this must be an IP, hostname matching is not yet supported.
-S, --srcpt-filter port -- Only show states with a source port of port
-t, --totals -- Toggle display of totals
I’m using Ubuntu Karmic (9.10). I ran apt-get update then apt-get install ipsate and just got an error saying that the package does not exist.
correct command is
sudo apt-get install iptstate
Synaptic Package Manager says: Iptstate is only useful if netfilter CONNTRACK is enabled in
the kernel.
How does one discover if CONNTRACK is enable in the kernel?
@Tom:
How does one discover if CONNTRACK is enable in the kernel?
try
~$ lsmod | grep conntrack