Connection tracking

From LQWiki
Jump to navigation Jump to search

Connection tracking is a means of tracking network connections from one computer to another computer.

Some protocols work well with connection tracking, the most common one of these being TCP. Other protocols like UDP are not exactly stateful, meaning they were not made to be easy for connection tracking (see connectionless).

In the netfilter system, the connection tracking can track TCP, ICMP, and UDP (the most common Internet protocols) as well as other protocols.

For a connection to be considered established, both you and the computer you are trying to connect to, must send at least 1 packet to each other. Related traffic means the traffic is a side effect of previous traffic (say a ICMP error when trying access a machine that doesn't exist, or is down, or some other error). New connections are from machines that you have not sent any packets to in a certain amount of time.

To see what connections there are to and from your computer, see netstat.

Retrieved from "https://wiki.linuxquestions.org/index.php?title=Connection_tracking&oldid=52517"