There are cases where you want to monitor a specific connection type going from/to/through the router. The following example (run via SSH) tracks DNS requests towards name servers:
watch -tn5 “conntrack -L -p udp –dport 53 | sort -nrk3; echo; conntrack -L -p tcp –dport 53 | sort -nrk3”
The “53” refers to the port used for DNS. In the above case, both udp and tcp are included. You can change this to any relevant port (for example, only 443) to change the command scope.
For example:
watch -tn5 “conntrack -L -p tcp –dport 443 | sort -nrk3”