The conntrack command is a utility in Linux that is used to manipulate the connection tracking table. The connection tracking table is used by the kernel to keep track of the state of network connections, such as TCP and UDP connections.
To use the conntrack command, you will need to specify the operation that you want to perform on the connection tracking table.
If you encounter the below error while running the command conntrack:
conntrack: command not found
you may try installing the below package as per your choice of distribution:
| Distribution | Command |
|---|---|
| Debian | apt-get install conntrack |
| Ubuntu | apt-get install conntrack |
| Arch Linux | pacman -S conntrack |
| Kali Linux | apt-get install conntrack |
| CentOS | yum install conntrack |
| Fedora | dnf install conntrack |
| Raspbian | apt-get install conntrack |
conntrack Command Examples
1. List all currently tracked connections:
# conntrack --dump
2. Display a real-time event log of connection changes:
# conntrack --event
3. Display a real-time event log of connection changes and associated timestamps:
# conntrack --event -o timestamp
4. Display a real-time event log of connection changes for a specific IP address:
# conntrack --event --orig-src ip_address
5. Delete all flows for a specific source IP address:
# conntrack --delete --orig-src ip_address