The conntrack command is a utility in Linux that is used to manipulate the connection tracking table. The connection tracking table is used by the kernel to keep track of the state of network connections, such as TCP and UDP connections.
To use the conntrack command, you will need to specify the operation that you want to perform on the connection tracking table.
conntrack Command Examples
1. List all currently tracked connections:
# conntrack --dump
2. Display a real-time event log of connection changes:
# conntrack --event
3. Display a real-time event log of connection changes and associated timestamps:
# conntrack --event -o timestamp
4. Display a real-time event log of connection changes for a specific IP address:
# conntrack --event --orig-src ip_address
5. Delete all flows for a specific source IP address:
# conntrack --delete --orig-src ip_address