Bug 43640 - netstat -M breaks when using iptables
Summary: netstat -M breaks when using iptables
Alias: None
Product: Red Hat Linux
Classification: Retired
Component: net-tools   
(Show other bugs)
Version: 8.0
Hardware: All Linux
Target Milestone: ---
Assignee: Phil Knirsch
QA Contact: David Lawrence
: 54824 (view as bug list)
Depends On:
TreeView+ depends on / blocked
Reported: 2001-06-06 00:23 UTC by William Hester
Modified: 2015-03-05 01:09 UTC (History)
4 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2003-05-19 12:30:55 UTC
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

Description William Hester 2001-06-06 00:23:06 UTC
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux 2.4.2-2001-05-19 i686; en-US;
rv:0.9) Gecko/20010507

Description of problem:
When I switched from ipchains to iptables, netstat -M stopped working.

This functionality was previously duplicated with "ipfwadm -M -l" and
"ipchains -M -L".  It appears that iptables has no such functionality.

How reproducible:

Steps to Reproduce:
1. Use iptables for IP Masquerading
2. Run "netstat -M"


Actual Results:  netstat: no support for `ip_masquerade' on this system.

Expected Results:  netstat should have listed the current IPMasqurading

Additional info:

I realize that this bug may be due to the new netfilter code in kernel 2.4,
but I think that the complete loss of "netstat -M" functionality is

Comment 1 Phil Knirsch 2002-02-14 15:16:52 UTC
*** Bug 54824 has been marked as a duplicate of this bug. ***

Comment 2 Chris Ricker 2002-07-10 02:15:33 UTC
This is still true with RHL 7.3

Comment 3 Chris Ricker 2002-10-04 22:08:50 UTC
This is still broken in RHL 8.0

Comment 4 Phil Knirsch 2003-05-19 12:30:55 UTC
Unfortunately net-tools hasen't been maintained for over 2 years upstream, so
netstat doesn't support iptables in that respect.

What you can always do is to this:

  modprobe ip_conntrack

and whenever you need the info do:

  cat /proc/net/ip_conntrack

Hope this helps,

Read ya, Phil

Note You need to log in before you can comment on or make changes to this bug.