Family conntrack netlink 規範¶
概要¶
基於 nfnetlink 的 Netfilter 連線跟蹤子系統
操作¶
get¶
獲取/轉儲條目
- attribute-set:
- fixed-header:
- do:
- request
- attributes:
[
tuple-orig,tuple-reply,zone]
- reply
- attributes:
[
tuple-orig,tuple-reply,status,protoinfo,help,nat-src,nat-dst,timeout,mark,counter-orig,counter-reply,use,id,nat-dst,tuple-master,seq-adj-orig,seq-adj-reply,zone,secctx,labels,synproxy]
- dump:
- request
- attributes:
[
nfgen-family,mark,filter,status,zone]
- reply
- attributes:
[
tuple-orig,tuple-reply,status,protoinfo,help,nat-src,nat-dst,timeout,mark,counter-orig,counter-reply,use,id,nat-dst,tuple-master,seq-adj-orig,seq-adj-reply,zone,secctx,labels,synproxy]
get-stats¶
轉儲 pcpu conntrack 統計資訊
- attribute-set:
- fixed-header:
- dump:
request
- reply
- attributes:
[
searched,found,insert,insert-failed,drop,early-drop,error,search-restart,clash-resolve,chain-toolong]
定義¶
nfgenmsg¶
- type:
struct
- members:
- nfgen-family (
u8): - version (
u8): - res-id (
u16):
- nfgen-family (
nf-ct-tcp-flags-mask¶
- type:
struct
- members:
- flags (
u8): - mask (
u8):
- flags (
nf-ct-tcp-flags¶
- type:
flags
- entries:
window-scalesack-permclose-initbe-liberalunackedmaxackchallenge-acksimultaneous-open
nf-ct-tcp-state¶
- type:
enum
- entries:
nonesyn-sentsyn-recvestablishedfin-waitclose-waitlast-acktime-waitclosesyn-sent2maxignoreretransunacktimeout-max
nf-ct-sctp-state¶
- type:
enum
- entries:
noneclonedcookie-waitcookie-echoedestablishedshutdown-sentshutdown-receivedshutdown-ack-sentshutdown-heartbeat-sent
nf-ct-status¶
- type:
flags
- entries:
expectedseen-replyassuredconfirmedsrc-natdst-natseq-adjsrc-nat-donedst-nat-donedyingfixed-timeouttemplatenat-clashhelperoffloadhw-offload
屬性集¶
counter-attrs¶
packets (u64)¶
- byte-order:
big-endian
bytes (u64)¶
- byte-order:
big-endian
packets-old (u32)¶
bytes-old (u32)¶
pad (pad)¶
tuple-proto-attrs¶
proto-num (u8)¶
- doc:
l4 協議號
proto-src-port (u16)¶
- byte-order:
big-endian
- doc:
l4 源埠
proto-dst-port (u16)¶
- byte-order:
big-endian
- doc:
l4 源埠
proto-icmp-id (u16)¶
- byte-order:
big-endian
- doc:
l4 icmp id
proto-icmp-type (u8)¶
proto-icmp-code (u8)¶
proto-icmpv6-id (u16)¶
- byte-order:
big-endian
- doc:
l4 icmp id
proto-icmpv6-type (u8)¶
proto-icmpv6-code (u8)¶
tuple-ip-attrs¶
ip-v4-src (u32)¶
- byte-order:
big-endian
- display-hint:
ipv4
- doc:
ipv4 源地址
ip-v4-dst (u32)¶
- byte-order:
big-endian
- display-hint:
ipv4
- doc:
ipv4 目的地址
ip-v6-src (binary)¶
- byte-order:
big-endian
- display-hint:
ipv6
- doc:
ipv6 源地址
ip-v6-dst (binary)¶
- byte-order:
big-endian
- display-hint:
ipv6
- doc:
ipv6 目的地址
tuple-attrs¶
tuple-ip (nest)¶
- nested-attributes:
- doc:
conntrack l3 資訊
tuple-proto (nest)¶
- nested-attributes:
- doc:
conntrack l4 資訊
tuple-zone (u16)¶
- byte-order:
big-endian
- doc:
conntrack 區域 ID
protoinfo-tcp-attrs¶
tcp-state (u8)¶
- enum:
- doc:
tcp 連線狀態
tcp-wscale-original (u8)¶
- doc:
原始方向的視窗縮放因子
tcp-wscale-reply (u8)¶
- doc:
回覆方向的視窗縮放因子
tcp-flags-original (binary)¶
- struct:
tcp-flags-reply (binary)¶
- struct:
protoinfo-dccp-attrs¶
dccp-state (u8)¶
- doc:
dccp 連線狀態
dccp-role (u8)¶
dccp-handshake-seq (u64)¶
- byte-order:
big-endian
dccp-pad (pad)¶
protoinfo-sctp-attrs¶
sctp-state (u8)¶
- doc:
sctp 連線狀態
- enum:
vtag-original (u32)¶
- byte-order:
big-endian
vtag-reply (u32)¶
- byte-order:
big-endian
protoinfo-attrs¶
protoinfo-tcp (nest)¶
- nested-attributes:
- doc:
conntrack tcp 狀態資訊
protoinfo-dccp (nest)¶
- nested-attributes:
- doc:
conntrack dccp 狀態資訊
protoinfo-sctp (nest)¶
- nested-attributes:
- doc:
conntrack sctp 狀態資訊
help-attrs¶
help-name (string)¶
- doc:
helper 名稱
nat-proto-attrs¶
nat-port-min (u16)¶
- byte-order:
big-endian
nat-port-max (u16)¶
- byte-order:
big-endian
nat-attrs¶
nat-v4-minip (u32)¶
- byte-order:
big-endian
nat-v4-maxip (u32)¶
- byte-order:
big-endian
nat-v6-minip (binary)¶
nat-v6-maxip (binary)¶
nat-proto (nest)¶
- nested-attributes:
seqadj-attrs¶
correction-pos (u32)¶
- byte-order:
big-endian
offset-before (u32)¶
- byte-order:
big-endian
offset-after (u32)¶
- byte-order:
big-endian
secctx-attrs¶
secctx-name (string)¶
synproxy-attrs¶
isn (u32)¶
- byte-order:
big-endian
its (u32)¶
- byte-order:
big-endian
tsoff (u32)¶
- byte-order:
big-endian
conntrack-attrs¶
tuple-orig (nest)¶
- nested-attributes:
- doc:
conntrack l3+l4 協議資訊,原始方向
tuple-reply (nest)¶
- nested-attributes:
- doc:
conntrack l3+l4 協議資訊,回覆方向
status (u32)¶
- byte-order:
big-endian
- enum:
- enum-as-flags:
True
- doc:
conntrack 標誌位
protoinfo (nest)¶
- nested-attributes:
help (nest)¶
- nested-attributes:
nat-src (nest)¶
- nested-attributes:
timeout (u32)¶
- byte-order:
big-endian
mark (u32)¶
- byte-order:
big-endian
counters-orig (nest)¶
- nested-attributes:
counters-reply (nest)¶
- nested-attributes:
use (u32)¶
- byte-order:
big-endian
id (u32)¶
- byte-order:
big-endian
nat-dst (nest)¶
- nested-attributes:
tuple-master (nest)¶
- nested-attributes:
seq-adj-orig (nest)¶
- nested-attributes:
seq-adj-reply (nest)¶
- nested-attributes:
secmark (binary)¶
- doc:
已過時
zone (u16)¶
- byte-order:
big-endian
- doc:
conntrack 區域 ID
secctx (nest)¶
- nested-attributes:
timestamp (u64)¶
- byte-order:
big-endian
mark-mask (u32)¶
- byte-order:
big-endian
labels (binary)¶
labels mask (binary)¶
synproxy (nest)¶
- nested-attributes:
filter (nest)¶
- nested-attributes:
status-mask (u32)¶
- byte-order:
big-endian
- enum:
- enum-as-flags:
True
- doc:
要更改的 conntrack 標誌位
timestamp-event (u64)¶
- byte-order:
big-endian
conntrack-stats-attrs¶
searched (u32)¶
- byte-order:
big-endian
- doc:
已過時
found (u32)¶
- byte-order:
big-endian
new (u32)¶
- byte-order:
big-endian
- doc:
已過時
invalid (u32)¶
- byte-order:
big-endian
- doc:
已過時
ignore (u32)¶
- byte-order:
big-endian
- doc:
已過時
delete (u32)¶
- byte-order:
big-endian
- doc:
已過時
delete-list (u32)¶
- byte-order:
big-endian
- doc:
已過時
insert (u32)¶
- byte-order:
big-endian
insert-failed (u32)¶
- byte-order:
big-endian
drop (u32)¶
- byte-order:
big-endian
early-drop (u32)¶
- byte-order:
big-endian
error (u32)¶
- byte-order:
big-endian
search-restart (u32)¶
- byte-order:
big-endian
clash-resolve (u32)¶
- byte-order:
big-endian
chain-toolong (u32)¶
- byte-order:
big-endian