关于Linux连接跟踪模块

# 关于Linux连接跟踪模块 ## 一、背景概述 nf_conntrack模块在kernel 2.6.15(2006-01-03发布)被引入,支持ipv4和ipv6,取代只支持ipv4的ip_connktrack,用于跟踪连接的状态,供其他模块使用。 最常见的使用场景是 iptables 的 nat 和 state 模块: - nat 根据转发规则修改IP包的源/目标地址,靠nf_conntrack的记录才能让返回的包能路由到发请求的机器。 - state 直

View details »

Is it safe to disable co

# The short answer Usually you will only need connection tracking for outbound connections. If any local device makes a connection to the Internet, the firewall records that this specific IP and port tried to make a connection to the other

View details »


















© 2017 - JISHUBOKE.COM - 京ICP备16020435号   Powered by Markdown Editor & Flask & Express