netstat-nat(1) General Commands Manual netstat-nat(1)NAME
netstat-nat - Show the natted connections on a linux iptable firewall
SYNOPSIS
netstat-nat [options]
DESCRIPTION
netstat-nat Displays NAT connections managed by netfilter/iptables which comes with the > 2.4.x linux kernels.
The program reads its information from '/proc/net/ip_conntrack' or '/proc/net/nf_conntrack', which is the temporary conntrack-storage of
netfilter.
OPTIONS -h displays help
-n don't resolve IPs/portnumbers to host/portnames
-p <protocol>
display NAT connections with protocol selection (see /etc/protocols)
-s <source host>
display connections by source IP/hostname
-d <destination host>
display connections by destination IP/hostname
-S display SNAT connections
-D display DNAT connections
-L display only connections to NAT box self (doesn't show SNAT & DNAT)
-R display only connections routed through the NAT box (doesn't show SNAT & DNAT)
-x extended view of hostnames
-r <src|dst|src-port|dst-port|state>
sort connections
-o no output header
-N display NAT box connection information (only valid with SNAT & DNAT)
-v prints version
FILES
/proc/net/ip_conntrack or /proc/net/nf_conntrack
SEE ALSO
http://www.tweegy.nl/projects/netstat-nat/
http://www.netfilter.org/
AUTHOR
netstat-nat has been written by D.Wijsman danny@tweegy.nl
The manual page has been written by marceln@xs4all.nl
July 2002 netstat-nat(1)
Check Out this Related Man Page
NAT action in tc(8) Linux NAT action in tc(8)NAME
nat - stateless native address translation action
SYNOPSIS
tc ... action nat DIRECTION OLD NEW
DIRECTION := { ingress | egress }
OLD := IPV4_ADDR_SPEC
NEW := IPV4_ADDR_SPEC
IPV4_ADDR_SPEC := { default | any | all | in_addr[/{prefix|netmask}]
DESCRIPTION
The nat action allows to perform NAT without the overhead of conntrack, which is desirable if the number of flows or addresses to perform
NAT on is large. This action is best used in combination with the u32 filter to allow for efficient lookups of a large number of stateless
NAT rules in constant time.
OPTIONS
ingress
Translate destination addresses, i.e. perform DNAT.
egress Translate source addresses, i.e. perform SNAT.
OLD Specifies addresses which should be translated.
NEW Specifies addresses which OLD should be translated into.
NOTES
The accepted address format in OLD and NEW is quite flexible. It may either consist of one of the keywords default, any or all, represent-
ing the all-zero IP address or a combination of IP address and netmask or prefix length separated by a slash (/) sign. In any case, the
mask (or prefix length) value of OLD is used for NEW as well so that a one-to-one mapping of addresses is assured.
Address translation is done using a combination of binary operations. First, the original (source or destination) address is matched
against the value of OLD. If the original address fits, the new address is created by taking the leading bits from NEW (defined by the
netmask of OLD) and taking the remaining bits from the original address.
There is rudimental support for upper layer protocols, namely TCP, UDP and ICMP. While for the first two only checksum recalculation is
performed, the action also takes care of embedded IP headers in ICMP packets by translating the respective address therein, too.
SEE ALSO tc(8)iproute2 12 Jan 2015 NAT action in tc(8)
I need to open a port in linux to allow a connect() from another box to succeed. I have the linux box listening on port 3000 on INADDR_ANY, and a Windows box does a connect to the IP of the linux box on that same port. The Linux box refuses the connection. I think it's because all the ports are... (9 Replies)
Dear Members,
I have aquired a load of old Wyse dumb terminals. I have a Linux system set up that I want to be the host for all of these. Now, I know these don't use cat5 or standard networking. They are all done through serial (com) ports. However, I researched this more and found a converter... (25 Replies)
Hi!, I am a bit of a linux neebie. I just installed and setup appache 2. I have it all installed the way it should be according to the appache documentation. When i try to view my page i find that i can't. Can someone help me please :confused: (8 Replies)
Hi all,
I'm trying to launch admintool via an export DISPLAY.
i get the message: Received communication service error 4: Remote procedure call timed out: program = 100087, version = 10
Just to say, i don't use nis/nisplus on my server...
What to do?
Thanx
Jason (17 Replies)
just as the title says.
thanks.
#General Rule Sets
/sbin/ipfw add 0300 check-state
/sbin/ipfw add 0301 deny tcp from any to any in established
/sbin/ipfw add 0302 pass tcp from any to any out setup keep-state
/sbin/ipfw add 0303 pass udp from any to any out
#SSH FTP
/sbin/ipfw add 0400... (11 Replies)
Hello everybody,
Look, im having problems with connections from other server, i must recieve maximus 5 connections from the other server, when I run 'netstat -A | grep <THE_OTHER_SERVER_IP>' I can see how many connections I have already established, but when they open another connection, i mean... (8 Replies)
hi all
1) how to determine available ports in a box (solaris)
do i have to go for a netstat on all the ports?
2) how to block a particular port for a particular type of connection.
Any help would be greatly appreciated
Thanks (7 Replies)
Hello
im using sunos im trying to lock down application that taking my port
when Im doing "netstat -in | grep 8080"
Is gives me the indication that the port is taken but no indication who is taken the port.
How can I find out who is taking my port?
Thanks allot (7 Replies)
Dear ALL,
my server give me messages like below:
Apr 20 21:33:09 TAISERVER in.routed: interface bge3 to 192.168.11.22 turned off
I check with ifconfig,but nothing error that,how can make it solve...thanks for your help. (7 Replies)
Is there any way to make netstat output the information in a more human readable format? even if it's not exact? I don't even care if it has to round up/down to the nearest Meg to make it work.
I wind up having to stare at netstat running for while and I wish I could get it to output things in a... (10 Replies)
Hello All,
I configured a DNS server added the below entry to /etc/resolv.conf
domain example.com
nameserver 10.11.60.70
my nslookup commands are OK and fast.
but when trying to netstat -r it takes more then 5 seconds.
Please can you help to solve this issue.
Regards, (10 Replies)
Do I have this command correct to show all current connections/sessions my Solaris box has? It does not seem to do anything.
netstat -an | grep EST (6 Replies)
Hi All,
Could any one please help me how to assign IP to a linux box permanently.
IP should not be changed even after Rebooting the machine.:b::b::b: (8 Replies)
Hello All,
I am using netstat on HP-UX to retrieve the established network connections on my host. Can anyone please confirm how can I retrieve the PID and program name as well for these connections? These are available from the netstat version on Windows but I don't see PID and program name to... (10 Replies)