Display the Natted / Routed Connections on a Linux iptables Firewall
Q. I have a Linux box acting as a software router (natted) for over 100 computers connected via LAN. The regular netstat command does not display the list of all natted connections. How do I find out which connections are managed by netfilter / iptables, which comes with the Debian 4.x system?
A. You cannot use the regular netstat command to display NAT connections managed by iptables. You need to use the netstat-nat command. You can also read /proc/net/ip_conntrack or /proc/net/nf_conntrack, which is the temporary conntrack storage of netfilter.
Install netstat-nat
Use the apt-get command under Debian / Ubuntu Linux:
$ sudo apt-get install netstat-nat
Source code / RPM file
If you are using Suse / Redhat Linux, grab source code or RPM file here:
How do I use netstat-nat command?
Log in as the root user and type the following to display a list of all natted connections:
# netstat-nat -n
To display NAT connections with protocol selection, pass the protocol name to -p (tcp in this example):
# netstat-nat -n -p tcp
To display all connections by source IP, here 192.168.1.100, enter:
# netstat-nat -s 192.168.1.100
To display all connections by destination IP/hostname, here a host called laptop, enter:
# netstat-nat -d laptop
To display SNAT connections, enter:
# netstat-nat -S
To display DNAT connections, enter:
# netstat-nat -D
To display only connections to the NAT box itself (i.e. without the SNAT and DNAT entries), enter:
# netstat-nat -L
To display help, enter:
$ netstat-nat -h
$ man netstat-nat
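Reading the conntrack table directly
The /proc/net/nf_conntrack file mentioned in the answer can also be classified by hand. The script below is an added example, not part of the original FAQ and not netstat-nat's own code: each entry holds an original tuple and a reply tuple, and a mismatch between them shows that the source (SNAT) or destination (DNAT) was rewritten. The function names classify_nat and sample_conntrack and the sample lines are constructed for this example.

```shell
#!/bin/sh
# Added example: classify conntrack entries as SNAT/DNAT by comparing the
# original-direction tuple with the reply-direction tuple on each line.

# Constructed sample lines (documentation addresses), not real captures.
sample_conntrack() {
cat <<'EOF'
ipv4     2 tcp      6 431999 ESTABLISHED src=192.168.1.100 dst=198.51.100.20 sport=51514 dport=443 src=198.51.100.20 dst=203.0.113.5 sport=443 dport=51514 [ASSURED] mark=0 use=2
ipv4     2 tcp      6 86 TIME_WAIT src=198.51.100.7 dst=203.0.113.5 sport=40222 dport=80 src=192.168.1.10 dst=198.51.100.7 sport=80 dport=40222 [ASSURED] mark=0 use=2
ipv4     2 udp      17 25 src=192.168.1.100 dst=192.168.1.1 sport=33000 dport=53 src=192.168.1.1 dst=192.168.1.100 sport=53 dport=33000 mark=0 use=2
udp      17 28 src=192.168.1.101 dst=198.51.100.53 sport=40000 dport=53 [UNREPLIED] src=198.51.100.53 dst=203.0.113.5 sport=53 dport=40000 use=1
EOF
}

classify_nat() {
    awk '
    function ep(addr, port) { return (port == "") ? addr : (addr ":" port) }
    {
        # nf_conntrack lines begin "ipv4 2 tcp 6 ..."; the older
        # ip_conntrack format begins directly with "tcp 6 ...".
        proto = ($1 ~ /^ipv[46]$/) ? $3 : $1
        ns = nd = nsp = ndp = 0
        sp[1] = sp[2] = dp[1] = dp[2] = ""      # ICMP entries carry no ports
        for (i = 1; i <= NF; i++) {
            eq = index($i, "=")
            if (!eq) continue                   # flags such as [ASSURED]
            k = substr($i, 1, eq - 1); v = substr($i, eq + 1)
            if (k == "src") src[++ns] = v
            else if (k == "dst") dst[++nd] = v
            else if (k == "sport") sp[++nsp] = v
            else if (k == "dport") dp[++ndp] = v
        }
        if (ns < 2 || nd < 2) next              # not a full two-tuple entry
        type = ""
        if (src[1] != dst[2]) type = "SNAT"     # replies go to a rewritten source
        if (dst[1] != src[2]) type = (type == "") ? "DNAT" : "SNAT+DNAT"
        if (type == "") type = "NONE"           # no address translation
        printf "%s %s %s->%s reply %s->%s\n", type, proto,
            ep(src[1], sp[1]), ep(dst[1], dp[1]),
            ep(src[2], sp[2]), ep(dst[2], dp[2])
    }'
}

# Demo on the sample; on a live router: classify_nat < /proc/net/nf_conntrack
sample_conntrack | classify_nat
```

Entries labelled NONE are untranslated flows, such as connections to the NAT box itself that netstat-nat -L lists.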
Discussion on This FAQ
February 26th, 2008 at 1:07 pm
I’ve been using iptstate at home to look at connections, but it’s more like top for network connections through IPTables.
netstat-nat is a lot more flexible — especially when I have people over who are IMing and surfing all over the place.
Thanks for the info.