Site Tools


monitor_connections

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision
Previous revision
monitor_connections [2022/06/22 08:06] rs232monitor_connections [2023/09/10 20:09] (current) rs232
Line 1: Line 1:
 ====== Actively monitor connections ====== ====== Actively monitor connections ======
  
-There are cases where you want to monitor a specific type of connection going from/to through your router. As an example the following example keeps track of DNS requests towards name servers.+There are cases where you want to monitor a specific type of connection going from/to/through your router. The following example run via SSH tracks DNS requests towards name servers. 
 + 
 + \\
  
 ''watch -tn5 "conntrack -L -p udp --dport **53** | sort -nrk3; echo; conntrack -L -p tcp --dport **53** | sort -nrk3"'' ''watch -tn5 "conntrack -L -p udp --dport **53** | sort -nrk3; echo; conntrack -L -p tcp --dport **53** | sort -nrk3"''
  
-53 of course refers to DNS and in the above case includes both udp and tcp. You can change this to any port of relevancy (e.g. 443) to change the command scope.+ \\ 
 + 
 +The number 53 refers to the port used for DNS. In the above case, this includes both udp and tcp. You can change this to any relevant port (for example, only 443) to change the command scope. 
 + \\  
 + \\  
 + \\  
 +For example: 
 + 
 + \\ 
 + 
 +''watch -tn5 "conntrack -L -p tcp --dport 443 | sort -nrk3"'' 
 + 
 + \\ 
 + 
monitor_connections.1655881614.txt.gz · Last modified: 2022/06/22 08:06 by rs232