View previous topic :: View next topic |
Author |
Message |
maverick6664 Guru
Joined: 13 May 2005 Posts: 413 Location: Tokyo / Japan
|
Posted: Sun Oct 14, 2012 2:07 pm Post subject: How to watch traffics from/to masqueraded machines.[solved] |
|
|
Hi all,
I have 2 machines;one gentoo and the other Windows Vista. Gentoo is the gateway and using IP-masquerading, Vista is connected to Gentoo machine.
Now on Gentoo machine I can see network connection from/to Gentoo machine using netstat (as a matter of course!), but netstat doesn't show traffices from/to Vista machine. I use Wireshark also and it shows traffics from/to Vista machine, but wireshark is a little bit verbose.
Is there any way to just check trafics from/to Vista machine?
Thanks in advance. _________________ Tetsuji Rai
a.k.a. Lukiest in the world
Last edited by maverick6664 on Mon Oct 15, 2012 7:38 am; edited 1 time in total |
|
Back to top |
|
|
Hu Moderator
Joined: 06 Mar 2007 Posts: 21593
|
Posted: Sun Oct 14, 2012 4:12 pm Post subject: |
|
|
You could inspect the connection tracking table, if you have enabled the right kernel options. It is possible to have a kernel which can perform NAT, but which does not provide the data in a readily-accessible form. I like iptstate for printing the table, but there may be other tools that can do it.
Note that in some cases, a connection tracking entry will exist when no actual connection exists. However, if a connection exists, it should be in the tracking table. |
|
Back to top |
|
|
PaulBredbury Watchman
Joined: 14 Jul 2005 Posts: 7310
|
Posted: Sun Oct 14, 2012 6:16 pm Post subject: |
|
|
Can watch the iptables rule-matching totals, e.g.:
Code: | watch -n 2 "iptables -t mangle -L -v | grep eth0 | grep CLASSIFY" |
|
|
Back to top |
|
|
Hu Moderator
Joined: 06 Mar 2007 Posts: 21593
|
Posted: Sun Oct 14, 2012 7:14 pm Post subject: |
|
|
Using watch can be a good choice if you want to inspect counters from a program that does not understand repeated runs (e.g. iptables), but the statement shown depends on the mangle table, which is optional for simple NAT setups, and on having a rule that uses CLASSIFY, which is also optional for NAT. |
|
Back to top |
|
|
maverick6664 Guru
Joined: 13 May 2005 Posts: 413 Location: Tokyo / Japan
|
Posted: Mon Oct 15, 2012 7:37 am Post subject: |
|
|
Thank you all.
I'll try all and compare. Thank you! _________________ Tetsuji Rai
a.k.a. Lukiest in the world |
|
Back to top |
|
|
|