Latest LQ Deal: Latest LQ Deals
Go Back > Forums > Linux Forums > Linux - Networking
User Name
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.


  Search this Thread
Old 01-21-2017, 07:09 AM   #1
Registered: Sep 2015
Distribution: Debian, Archlinux
Posts: 140

Rep: Reputation: Disabled
Outgoing Traffic

Hello. I've routed my Internet connection through a gateway machine. Desktop-pc has Debian8, Router runs on a minimalistic archlinux distro.
I recently thought it would be interesting to view all outgoing traffic from my PC. After a fresh reboot of both machines i switched off the internet-inteface of the router and started tcpdump on the lan-interface.
Besides ntp and other connections there were dns-requests for pages i often visit and traffic to strange ip adresses without firefox or any other application running. Turned out they belong to facebook, amazon and some other weird networks (such as So i wanted to find the Process/job/thread thats the origin of this traffic and ran 'netstat -wtp' as root on the debian machine with no special result except for example:
tcp        0      0       a23-37-43-27.deplo:http TIME_WAIT   -
where '-' is where usually the process name/id should stand.
Any idea of how to make this visible?
I consider to configure the firewall to filter outgoing traffic as well and don't know what connections are vital for the system to work and what not, does anybody have experience with such issues?

Last edited by platypo; 01-21-2017 at 07:18 AM.
Old 01-22-2017, 04:25 PM   #2
LQ Veteran
Registered: Jan 2011
Location: Abingdon, VA
Distribution: Catalina
Posts: 9,374
Blog Entries: 37

Rep: Reputation: Disabled
Originally Posted by platypo View Post
Turned out they belong to facebook, amazon and some other weird networks (such as
Red-herring IMO.
But is a Google-owned domain name used to identify the servers in our network.
Old 01-22-2017, 05:22 PM   #3
Registered: Sep 2015
Distribution: Debian, Archlinux
Posts: 140

Original Poster
Rep: Reputation: Disabled
Originally Posted by Habitual View Post
Red-herring IMO.
Do you mean the figured speech or is this some sort of malware?
I can post the output if you want i saved it.

Edit: and is ther any way to make the origin of these requests visible?

Last edited by platypo; 01-22-2017 at 05:29 PM.


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
Redirect outgoing traffic harish.golwilkar Solaris / OpenSolaris 6 04-07-2015 05:02 AM
Block Outgoing HTTP traffic joemon83 Linux - Security 7 05-21-2010 12:19 PM
filter outgoing traffic with tcpdump m4rtin Linux - Networking 3 05-14-2010 02:42 AM
Traffic shaping (limiting outgoing bandwidth of all TCP-traffic except FTP/HTTP) ffkodd Linux - Networking 3 10-25-2008 01:09 AM
Intercept outgoing traffic through a firewall???? macburton Linux - Security 1 10-17-2004 02:10 PM > Forums > Linux Forums > Linux - Networking

All times are GMT -5. The time now is 08:54 PM.

Main Menu
Write for LQ is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration