With conntrack-tools you can setup a High Availability cluster and
synchronize conntrack state between multiple firewalls.
The conntrack-tools package contains two programs:
- conntrack: the command line interface to interact with the connection
- conntrackd: the connection tracking userspace daemon that can be used to
deploy highly available GNU/Linux firewalls and collect
statistics of the firewall use.
conntrack is used to search, list, inspect and maintain the netfilter
connection tracking subsystem of the Linux kernel.
Using conntrack, you can dump a list of all (or a filtered selection of)
currently tracked connections, delete connections from the state table,
and even add new ones.
In addition, you can also monitor connection tracking events, e.g.
show an event message (one line) per newly established connection.
conntrack conntrack provides a full featured userspace interface to the netfilter connection tracking system that is intended to replace the old /proc/net/ip_conntrack... conntrackd conntrackd is the user-space daemon for the netfilter connection tracking system. This daemon synchronizes connection tracking states between several replica... nfct nfct is the command line tool that allows to configure the Connection Tracking System.