https://github.com/yuuki/lsconntrack
The Linux netfilter conntrack-based connection flows pretty printer.
https://github.com/yuuki/lsconntrack
conntrack go linux netfilter tcp
Last synced: about 1 month ago
JSON representation
The Linux netfilter conntrack-based connection flows pretty printer.
- Host: GitHub
- URL: https://github.com/yuuki/lsconntrack
- Owner: yuuki
- License: mit
- Created: 2018-02-24T17:05:50.000Z (about 8 years ago)
- Default Branch: master
- Last Pushed: 2018-03-05T00:28:09.000Z (about 8 years ago)
- Last Synced: 2025-06-06T01:39:46.499Z (10 months ago)
- Topics: conntrack, go, linux, netfilter, tcp
- Language: Go
- Homepage:
- Size: 878 KB
- Stars: 41
- Watchers: 4
- Forks: 4
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
- Changelog: CHANGELOG.md
- License: LICENSE
Awesome Lists containing this project
README
# lsconntrack
[][travis]
[][goreportcard]
[license]: https://github.com/yuuki/lsconntrack/blob/master/LICENSE
[travis]: https://travis-ci.org/yuuki/lsconntrack
[goreportcard]: (https://goreportcard.com/report/github.com/yuuki/lsconntrack)
lsconntrack prints `host flows` (aggregated connection flows to the same source or destination ports) tracked by Linux netfilter conntrack and enables you to simply grasp the network relationship between localhost and other hosts.
friend: [yuuki/lstf](https://github.com/yuuki/lstf)
## Features
- Distinction of `active opens` and `passive opens`
- Print also packets and bytes of each flows (the absolute values are meaningless)
- Go portability
- Filter by ports (--active-ports and --passive-ports)
- stdin support (combination with [conntrack-tools](http://conntrack-tools.netfilter.org/))
- JSON support
- TCP support only
- TODO: streaming support
## Environment
- Linux only
- Tested on CentOS5, Debian7, Debian8
## Setup
- Load ip_conntrack / nf_conntrack module
- Download the binary from https://github.com/yuuki/lsconntrack/releases .
## How to use
```shell
$ lsconntrack -n
Local Address:Port <--> Peer Address:Port Inpkts Inbytes Outpkts Outbytes
localhost:many --> 10.0.1.10:3306 5521792 123258667 5423865 282041045
localhost:many --> 10.0.1.11:3306 58800 3062451 58813 3061627
localhost:many --> 10.0.1.20:8080 123 169638 62 3580
localhost:80 <-- 10.0.2.10:80 23 6416 25 25460
localhost:80 <-- 10.0.2.11:80 38 8574 34 32752
```
```shell
# Prints active open connections from localhost to destination hosts.
$ lsconntrack --active
Local Address:Port <--> Peer Address:Port Inpkts Inbytes Outpkts Outbytes
localhost:many --> 10.0.1.10:3306 5521792 123258667 5423865 282041045
localhost:many --> 10.0.1.11:3306 58800 3062451 58813 3061627
localhost:many --> 10.0.1.20:8080 123 169638 62 3580
...
```
```shell
# Prints passive open connections from destination hosts to localhost.
$ lsconntrack --passive
Local Address:Port <--> Peer Address:Port Inpkts Inbytes Outpkts Outbytes
localhost:80 <-- 10.0.2.10:many 23 6416 25 25460
localhost:80 <-- 10.0.2.11:many 38 8574 34 32752
...
```
### filter by port
```shell
$ lsconntrack --active --aport 3306 --aport 11211
```
### via stdin
```shell
$ cat /proc/net/nf_conntrack | lsconntrack --stdin
```
### JSON format
```shell
$ lsconntrack --json | jq -r -M '.'
[
{
"direction": "active",
"local": {
"Addr": "localhost",
"Port": "many"
},
"peer": {
"addr": "10.0.100.1",
"port": "3306"
},
"stat": {
"total_inbound_packets": 1491,
"total_inbound_bytes": 1480239,
"total_outbound_packets": 1537,
"total_outbound_bytes": 520613
}
},
{
"direction": "passive",
"local": {
"addr": "localhost",
"port": "80"
},
"peer": {
"addr": "10.0.200.1",
"port": "many"
},
"stat": {
"total_inbound_packets": 1491,
"total_inbound_bytes": 1480239,
"total_outbound_packets": 1537,
"total_outbound_bytes": 520613
}
},
...
]
```
## License
[MIT][license]
## Author
[yuuki](https://github.com/y_uuki)