On 2/18/23 21:09, Samuel Sieb wrote:
> On 2023-02-18 18:35, ToddAndMargo via users wrote:
>> On 2/18/23 18:31, Samuel Sieb wrote:
>>> On 2023-02-18 17:10, ToddAndMargo via users wrote:
>>>> On 2/18/23 16:59, Samuel Sieb wrote:
>>>>> lsof -i tcp:6556
>>>>
>>>> Pretty!
>>>>
>>>> # lsof -i udp:3780
>>>> COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
>>>> conntrack 5617 root 6u IPv4 33770 0t0 UDP *:nnp
>>>>
>>>> I am using iptables. Do you think I can just remove
>>>> conntrack?
>>>
>>> Check the full command for that PID because I wouldn't expect the
>>> firewall to have a process like that.
>>
>> $ ps ax | grep [5]617
>> 5617 ? Ss 0:03 /usr/sbin/conntrackd -C /etc/conntrackd/conntrackd.conf
>>
>> I also looked at
>>
>> # dnf remove conntrack
>> Dependencies resolved.
>> ================================================================================
>> Package Arch Version Repository Size
>> ================================================================================
>> Removing:
>> conntrack-tools x86_64 1.4.6-4.fc37 @fedora 670 k
>> Removing unused dependencies:
>> libnetfilter_cthelper x86_64 1.0.0-22.fc37 @fedora 43 k
>> libnetfilter_cttimeout x86_64 1.0.0-20.fc37 @fedora 43 k
>> libnetfilter_queue x86_64 1.0.5-3.fc37 @fedora 53 k
>>
>> Transaction Summary
>> ================================================================================
>> Remove 4 Packages
>>
>> No sign of iptables in that.
>
> It's a process primarily for managing and synchronizing the connection
> state in a cluster. I don't know why you have it installed, it's not
> default for workstation at least.

Years and years ago, I installed from Xfce's Live USB.
A lot of weird stuff got installed when I upgraded
from fc36 to fc37. Netfilter for one, which did a job on
my iptables.

> Did you do a server install?

No. I am a believer in doing a dead level
minimalist install and then adding what
services you need as they arise.

> You can certainly delete it if you want.

Thank you for the confirmation, Sam!
Oh and silly me! If I was worried about iptables
not working if I removed conntrack, all I had to do
was a simple test:
# systemctl stop conntrackd
And blessed silence in my log file. Test outgoing
ports I know are blocked with tcpping to verify
my firewall is still working. Then
# dnf remove conntrack
restart my firewall.
Happy camping has returned.
All these years I never knew how to trace down
what program was using what port in Linux.
I now have it written down!
Thank you all for the help!
-T
--
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
If I had a dime every time I didn't know
what was going on, I'd be like, "Why is
everyone giving me all these dimes?"
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
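
The port-to-process lookup from the thread, done by hand from the same /proc data, as an added example that is not part of the original messages: the socket inode for the port is read from /proc/net/udp and matched against the fd links under /proc/<pid>/fd. The function names and the fixture directory are constructed for illustration; the sample values (UDP 3780, PID 5617, inode 33770, the conntrackd command line) are the ones shown in the thread.

```shell
#!/bin/sh
# Added example: map a local port to its owning process from /proc data.

# inodes_for_port TABLE PORT: TABLE is a file in /proc/net/{tcp,udp}[6]
# format; prints the socket inode of each entry bound to local PORT.
inodes_for_port() {
    hex=$(printf '%04X' "$2")
    awk -v want="$hex" 'NR > 1 {
        n = split($2, a, ":")            # local_address is HEXADDR:HEXPORT
        if (toupper(a[n]) == want && $10 != 0) print $10   # field 10: inode
    }' "$1"
}

# pids_for_inode INODE [PROCROOT]: prints PIDs holding an fd on that socket.
# Reading other users' fd links on a live system requires root.
pids_for_inode() {
    root=${2:-/proc}
    for fd in "$root"/[0-9]*/fd/*; do
        [ "$(readlink "$fd" 2>/dev/null)" = "socket:[$1]" ] || continue
        pid=${fd#"$root"/}
        echo "${pid%%/*}"
    done | sort -un
}

# port_owner PROTO PORT [PROCROOT]: prints "PID full-command-line" per owner.
port_owner() {
    root=${3:-/proc}
    for inode in $(inodes_for_port "$root/net/$1" "$2"); do
        for pid in $(pids_for_inode "$inode" "$root"); do
            cmd=$(tr '\000' ' ' < "$root/$pid/cmdline")
            printf '%s %s\n' "$pid" "${cmd% }"
        done
    done
}

# Constructed fixture mirroring the thread: UDP 3780 held by PID 5617.
demo=$(mktemp -d)
mkdir -p "$demo/net" "$demo/5617/fd"
printf '%s\n' '  sl  local_address rem_address   st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode ref pointer drops' \
    ' 101: 00000000:0EC4 00000000:0000 07 00000000:00000000 00:00000000 00000000     0        0 33770 2 0000000000000000 0' \
    > "$demo/net/udp"
ln -s 'socket:[33770]' "$demo/5617/fd/6"
printf '/usr/sbin/conntrackd\0-C\0/etc/conntrackd/conntrackd.conf\0' > "$demo/5617/cmdline"
port_owner udp 3780 "$demo"
rm -rf "$demo"
```

On a live system, run `port_owner udp 3780` as root with no third argument so it reads the real /proc. `rpm -qf` on the binary path it prints then names the package that owns it.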