What is nf_conntrack used for?

postcd

Guest
Please, what is /proc/net/nf_conntrack used for?
Is it like a log file of the internet connections?

What if I remove some lines or empty it? (conntrack -F?)

Please, how can I prevent this file from being used/created/new entries from being added, without disabling connection tracking?


VitalkaDrug

Guest
It's a representation of the connection tracking table from the Linux kernel.
It contains a list of records with detailed info for each network connection established from/to/through your server.
The conntrack table is managed by your kernel. The kernel uses it in the:
- network address translation mechanism (NAT/SNAT)
- firewall (netfilter)
- maybe somewhere else
So, it's not just a log of connections. The data from those records are actually used by the kernel to make some decisions.
If you empty the conntrack table, then the kernel will start to fill it again, but your current network connections can be lost.
You can disable usage of the conntrack table for some packets via iptables. Look at the NOTRACK target of iptables.
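To show what the records described above actually contain, here is an added example (not code from either poster) that parses /proc/net/nf_conntrack lines and summarizes them the way an operator checking the table would. The sample lines are constructed, and the field layout assumed is the one the kernel prints: L3 protocol and number, L4 protocol and number, timeout, an optional TCP state word, the original tuple, `[UNREPLIED]` when no reply has been seen, the reply tuple, and `[ASSURED]` once traffic has been seen in both directions.

```python
import os
import re
from collections import Counter

# Constructed sample of /proc/net/nf_conntrack lines (not captured from a real host).
SAMPLE = """\
ipv4     2 tcp      6 431999 ESTABLISHED src=192.168.1.10 dst=203.0.113.5 sport=54321 dport=443 src=203.0.113.5 dst=192.168.1.10 sport=443 dport=54321 [ASSURED] mark=0 zone=0 use=2
ipv4     2 tcp      6 117 SYN_SENT src=192.168.1.10 dst=203.0.113.9 sport=40000 dport=22 [UNREPLIED] src=203.0.113.9 dst=192.168.1.10 sport=22 dport=40000 mark=0 zone=0 use=1
ipv4     2 udp      17 29 src=192.168.1.10 dst=192.0.2.53 sport=51000 dport=53 [UNREPLIED] src=192.0.2.53 dst=192.168.1.10 sport=53 dport=51000 mark=0 zone=0 use=1
ipv4     2 udp      17 170 src=192.168.1.10 dst=192.0.2.53 sport=51001 dport=53 src=192.0.2.53 dst=192.168.1.10 sport=53 dport=51001 [ASSURED] mark=0 zone=0 use=1
"""

# One address/port tuple; a line carries two of them (original direction, then reply direction).
TUPLE_RE = re.compile(r"src=(\S+) dst=(\S+) sport=(\d+) dport=(\d+)")

def parse_entry(line):
    """Parse one nf_conntrack line; returns None for entries without ports (e.g. ICMP uses type=/code=/id=)."""
    fields = line.split()
    entry = {"l3": fields[0], "l4": fields[2], "timeout": int(fields[4])}
    # TCP entries carry a state word (ESTABLISHED, SYN_SENT, ...); UDP entries go straight to src=.
    entry["state"] = fields[5] if fields[5].isupper() and "=" not in fields[5] else None
    tuples = TUPLE_RE.findall(line)
    if len(tuples) < 2:
        return None
    entry["orig"] = (tuples[0][0], tuples[0][1], int(tuples[0][2]), int(tuples[0][3]))
    entry["reply"] = (tuples[1][0], tuples[1][1], int(tuples[1][2]), int(tuples[1][3]))
    entry["flags"] = re.findall(r"\[([A-Z]+)\]", line)
    return entry

def summarize(text):
    """Count entries by protocol and reply status; group UNREPLIED entries by destination port."""
    entries = [e for e in (parse_entry(l) for l in text.splitlines() if l.strip()) if e]
    unreplied = [e for e in entries if "UNREPLIED" in e["flags"]]
    return {
        "total": len(entries),
        "by_proto": dict(Counter(e["l4"] for e in entries)),
        "unreplied": len(unreplied),
        "assured": sum("ASSURED" in e["flags"] for e in entries),
        # A pile of UNREPLIED entries toward one port is what fills the table during a burst of
        # one-way traffic, so it is the first thing worth looking at when the table grows.
        "unreplied_dports": dict(Counter(e["orig"][3] for e in unreplied)),
    }

if __name__ == "__main__":
    path = "/proc/net/nf_conntrack"  # reading it normally needs root; fall back to the sample
    try:
        text = open(path).read() if os.path.exists(path) else SAMPLE
    except PermissionError:
        text = SAMPLE
    print(summarize(text))
```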