LinuxQuestions.org - Alter iptables conntrack entries / add additional field in tuple?

- Linux - Newbie (https://www.linuxquestions.org/questions/linux-newbie-8/)

- - Alter iptables conntrack entries / add additional field in tuple? (https://www.linuxquestions.org/questions/linux-newbie-8/alter-iptables-conntrack-entries-add-additional-field-in-tuple-4175420772/)

kulhar

08-07-2012 02:20 AM

Alter iptables conntrack entries / add additional field in tuple?

Is there any way to play with iptable conntrack tuple , i want to add one more field/variable in tuple and want to see the same in conntrack log .
please help me ...

eg : conntrack -L tcp 17 2 src=X.X.X.X dst=X.x.x.x sport=42403 dport=53 src=x.x.x.x dst=x.x.x.x sport=53 dport=42403 [ASSURED] mark=0 use=1

i need output like:

tcp 17 2 src=X.X.X.X dst=X.x.x.x sport=42403 dport=53 src=x.x.x.x dst=x.x.x.x sport=53 dport=42403 [ASSURED] mark=0 connapp=facebook use=1

unSpawn

08-08-2012 11:32 AM

Quote:

Originally Posted by kulhar (Post 4747829)

i need

Never mind the short-lived nature of some network connections, sites relying on content distribution networks or other aspects of networking, if you think a "connapp" identifier is vital for your conntrack operations then I'd say just go code it. The kernel and conntrack tool sources are available for modification.

kulhar

08-09-2012 12:09 AM

Thanks unSpawn
Can you please provide me some guidelines or any document which i can refer in order to achieve my goal .

Thanks in advance ....

unSpawn

08-09-2012 04:37 AM

No, sorry, but the kernel and conntrack tool sources are available for modification. I guess you'll just have to start by reading a lot.

All times are GMT -5. The time now is 08:52 PM.