LinuxQuestions.org


yuzuohong 07-01-2002 12:53 AM

How to get current IPTABLES NAT record-list?
 
Hi all,

I remember I could use "IPCHAINS -M" to see how many NAT records are being used. When I turn to use IPTABLES, I cannot find this function. Please tell me how to do this, thank you.
I wanna know:
1. How many NAT records are currently used?
2. Can I get that record list?

fish

Mik 07-01-2002 08:21 AM

As far as I know there isn't an equivalent function in iptables. The connections which are being kept track of should be stored in /proc/net/ip_conntrack. I wrote a simple script which displays it in a more readable form. It was just a quick script which I put together so I'm not sure if it works in all situations but it works for me. It displays all the 192.168.* connections.

Code:

#!/bin/sh
# Begin /usr/sbin/shownat

if [ $# -lt 1 ]
then
  IPRANGE=192.168.
else
  IPRANGE=$1
fi

echo "Local Addr        Foreign Addr    SPort  DPort  State          Timeout"
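# grep -F matches the prefix literally, so its dots are not regex wildcards.
# tcp entry fields: $3 timeout, $4 state, $5 src=, $6 dst=, $7 sport=, $8 dport=
grep -F -- "${IPRANGE}" /proc/net/ip_conntrack | \
grep tcp | \
sort -t = -k 2 | \
awk '{ printf "%s\t%s\t%s\t%s\t%s\t%s\n", \
      substr($5,5), substr($6,5), substr($7,7), substr($8,7), $4, $3 }'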

# End /usr/sbin/shownat
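
An added example, not part of either post above: it answers both original questions by listing and counting only the entries that are actually translated, meaning the reply tuple is not the mirror image of the original tuple. The function names (`sample_table`, `list_nat`, `count_nat`) are hypothetical and the sample lines are constructed with documentation addresses. It goes beyond the script above by also handling UDP entries and the `/proc/net/nf_conntrack` layout used by newer kernels.

```shell
#!/bin/sh
# Constructed sample in /proc/net/ip_conntrack format (not captured data).
sample_table() {
  cat <<'EOF'
tcp      6 431999 ESTABLISHED src=192.168.1.10 dst=198.51.100.7 sport=34567 dport=80 src=198.51.100.7 dst=203.0.113.5 sport=80 dport=34567 [ASSURED] use=1
tcp      6 300 ESTABLISHED src=192.168.1.10 dst=192.168.1.1 sport=40000 dport=22 src=192.168.1.1 dst=192.168.1.10 sport=22 dport=40000 [ASSURED] use=1
udp      17 25 src=198.51.100.7 dst=203.0.113.5 sport=5353 dport=8080 [UNREPLIED] src=192.168.1.20 dst=198.51.100.7 sport=80 dport=5353 use=1
EOF
}

# Read conntrack lines on stdin and print only translated flows as:
#   kind proto orig-src:port orig-dst:port reply-src:port reply-dst:port
list_nat() {
  awk '{
    split("", o); split("", r)                # reset both tuples for this line
    proto = ($1 ~ /^ipv[46]$/) ? $3 : $1      # nf_conntrack lines start "ipv4 2"
    for (i = 1; i <= NF; i++) {
      eq = index($i, "=")
      if (eq == 0) continue                   # state and [FLAG] tokens
      k = substr($i, 1, eq - 1); v = substr($i, eq + 1)
      if (k != "src" && k != "dst" && k != "sport" && k != "dport") continue
      if (k in o) r[k] = v                    # second occurrence: reply tuple
      else o[k] = v                           # first occurrence: original tuple
    }
    if (!("src" in r)) next                   # no reply tuple: skip the line
    # An untranslated flow has a reply that mirrors the original exactly.
    snat = (r["dst"] != o["src"] || r["dport"] != o["sport"])
    dnat = (r["src"] != o["dst"] || r["sport"] != o["dport"])
    if (!snat && !dnat) next
    kind = (snat && dnat) ? "SNAT+DNAT" : (snat ? "SNAT" : "DNAT")
    printf "%s %s %s:%s %s:%s %s:%s %s:%s\n", kind, proto,
      o["src"], o["sport"], o["dst"], o["dport"],
      r["src"], r["sport"], r["dst"], r["dport"]
  }'
}

# Number of translated entries on stdin.
count_nat() { list_nat | awk 'END { print NR }'; }

sample_table | list_nat
echo "NAT entries: $(sample_table | count_nat)"
```

On a live system, feed it the table itself, for example `list_nat < /proc/net/ip_conntrack`.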



All times are GMT -5.