how to show active connections going through the router

Discussion in 'Networking Issues' started by hjma29, May 6, 2008.

  1. hjma29

    hjma29 Addicted to LI Member

    How can I see active connections going through my WRT-54GL using Tomato? I'm running dd-wrt and it seems that I can't do it with it, so I wonder if Tomato can do this.

    I want to see detailed information like source/destination IP/port, protocol and TCP status flag, with output like "netstat -n" under Windows cmd.

    I searched the web and this forum but couldn't find the answer so far.

    Thanks a lot!!
  2. mstombs

    mstombs Network Guru Member

    You can use "netstat -n" from the command line in Tomato, "netstat -a" seems to give more info. Maybe a different command would give similar in dd-wrt? netstat is a busybox command:

    # netstat -?
    netstat: illegal option -- ?
    BusyBox v1.2.2 (2008.04.20-18:57+0000) multi-call binary
    Usage: netstat [-laenrtuwx]
    Netstat displays Linux networking information.
            -l display listening server sockets
            -a display all sockets (default: connected)
            -e display other/more information
            -n don't resolve names
            -r display routing table
            -t tcp sockets
            -u udp sockets
            -w raw sockets
            -x unix sockets
  3. hjma29

    hjma29 Addicted to LI Member

    I did try "netstat -n" on the dd-wrt Linux shell, but I believe those connections are the ones terminated/sourced from the router, not the users' traffic through the router.

    At the moment I'm typing, I only have 2 connections from "netstat -n", and the port is telnet :23, while I have some HTTP links open through the router but "netstat -n" doesn't catch them at all.
  4. mstombs

    mstombs Network Guru Member

    Sorry, I think you are correct, it's only connections to the router. How about

    cat /proc/net/ip_conntrack
  5. HennieM

    HennieM Network Guru Member

    netstat, or netstat -n (which is the same as just "netstat" but without resolving host names) would only show connections for the current user; i.e. if you are logged in to the router as root, netstat [-n] would only show connections for the root user.

    netstat -a shows connections for all users, including "userless" connections. This is also so for netstat on Windoze.

    With netstat -an you would see a connection for some PC on your LAN TO the router, and, if that PC is accessing a web page on the internet or something, you would see a separate connection FROM the router to some IP on the internet, exactly while those connections are active. I.e., as soon as a conversation between 2 hosts is done, the connection would not show any more. Very difficult to see which PC on your LAN is connecting to which IP on the internet.

    The ip_conntrack table as suggested by mstombs shows the connection tracking, listing the source and destination together. These connections are also shown for at least the TCP or UDP timeout periods; i.e. if a LAN PC connects to a web site now, and the page finished loading, that connection would still show as ESTABLISHED in the conntrack table for the TCP timeout period.
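
The conntrack table suggested in the posts above can be reduced to the netstat-style view asked for at the top of the thread (protocol, state, source and destination IP/port). The script below is an added example, not code posted by any participant; the function names are made up, the sample lines are constructed, and it assumes awk is available in the router's BusyBox and that entries follow the usual ip_conntrack field layout.

```shell
#!/bin/sh
# Added example (not from the thread): list forwarded flows from conntrack.

# conntrack_flows [FILE|-] [LAN_HOST]   (hypothetical helper name)
# Prints: proto state src:sport -> dst:dport [flags]
conntrack_flows() {
    awk -v host="$2" '
    {
        proto = $1; state = "-"; flags = ""
        src = dst = sport = dport = ""
        # TCP entries carry the state name in field 4; UDP/ICMP do not.
        if ($4 !~ /=/) state = $4
        for (i = 4; i <= NF; i++) {
            if ($i ~ /^\[/) { flags = flags " " $i; continue }
            split($i, kv, "=")
            # Keep only the first tuple (original direction); the second
            # tuple on the line is the expected reply after NAT.
            if (kv[1] == "src"   && src   == "") src   = kv[2]
            if (kv[1] == "dst"   && dst   == "") dst   = kv[2]
            if (kv[1] == "sport" && sport == "") sport = kv[2]
            if (kv[1] == "dport" && dport == "") dport = kv[2]
        }
        if (src == "") next                      # not a conntrack entry
        if (host != "" && src != host) next      # optional per-PC filter
        a = src; b = dst
        if (sport != "") { a = src ":" sport; b = dst ":" dport }  # ICMP has no ports
        printf "%s %s %s -> %s%s\n", proto, state, a, b, flags
    }' "${1:-/proc/net/ip_conntrack}"
}

# Constructed sample lines in the ip_conntrack layout (documentation addresses).
sample_conntrack() {
    cat <<'EOF'
tcp      6 431999 ESTABLISHED src=192.168.1.100 dst=198.51.100.10 sport=51234 dport=80 src=198.51.100.10 dst=203.0.113.5 sport=80 dport=51234 [ASSURED] use=1
udp      17 25 src=192.168.1.101 dst=198.51.100.53 sport=40000 dport=53 [UNREPLIED] src=198.51.100.53 dst=203.0.113.5 sport=53 dport=40000 use=1
icmp     1 29 src=192.168.1.100 dst=198.51.100.10 type=8 code=0 id=512 [UNREPLIED] src=198.51.100.10 dst=203.0.113.5 type=0 code=0 id=512 use=1
tcp      6 98 TIME_WAIT src=192.168.1.101 dst=198.51.100.20 sport=51500 dport=443 src=198.51.100.20 dst=203.0.113.5 sport=443 dport=51500 [ASSURED] use=1
EOF
}

# Offline demo; on the router itself run: conntrack_flows
sample_conntrack | conntrack_flows -
```

Passing a LAN address as the second argument, e.g. `conntrack_flows /proc/net/ip_conntrack 192.168.1.101`, limits the listing to flows that PC originated.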
  6. hjma29

    hjma29 Addicted to LI Member

    Thanks for both replies. I'll take a look at the commands when I go home tonight.