The netstat-nat command displays NATed connections, in other words the NAT translation table. With netstat-nat we can see the local IP and port number that are bound to the destination IP and port, along with the protocol (TCP/UDP), for connections made from a private network to a public network (or another network).
The netstat-nat command will be available on all kinds of routers based on Linux (busybox). You may log in to the router using telnet. If a computer system is being used as a router, you can install netstat-nat using the distribution-specific package manager.
Install netstat-nat on Debian-based systems (Ubuntu) using apt
apt install netstat-nat
netstat-nat displays NAT connections managed by netfilter/iptables. For netstat-nat to work, it is essential to enable netfilter in the kernel.
netstat-nat reads its information from the proc file system, from the following two files:
- /proc/net/ip_conntrack
- /proc/net/nf_conntrack
If netstat-nat is not available, raw information about NATed connections can be found in the files mentioned above.
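As an added example (not part of the original article and not netstat-nat's own code), the shell function below reads conntrack lines in the format of those two files and labels each entry SNAT or DNAT by comparing the original and reply tuples. The function names, the sample lines and the addresses in them are constructed for illustration.

```shell
#!/bin/sh
# Added example: classify conntrack entries as SNAT/DNAT without netstat-nat.
# Input: lines in /proc/net/nf_conntrack or /proc/net/ip_conntrack format on stdin.
# Output columns: kind proto orig_src orig_dst post_nat_src post_nat_dst
nat_table() {
    awk '
    function ep(ip, port) { return (port == "") ? ip : (ip ":" port) }
    {
        # nf_conntrack lines start with "ipv4 2"; ip_conntrack lines start with the protocol.
        proto = ($1 ~ /^ipv[46]$/) ? $3 : $1
        split("", seen); split("", t)
        for (i = 1; i <= NF; i++) {
            eq = index($i, "=")
            if (eq == 0) continue
            key = substr($i, 1, eq - 1)
            if (key != "src" && key != "dst" && key != "sport" && key != "dport") continue
            # 1st occurrence = original direction, 2nd occurrence = reply direction
            seen[key]++
            t[key, seen[key]] = substr($i, eq + 1)
        }
        if (seen["src"] < 2 || seen["dst"] < 2) next
        # Without NAT the reply tuple is the original tuple mirrored.
        snat = (t["dst", 2] != t["src", 1] || t["dport", 2] != t["sport", 1])
        dnat = (t["src", 2] != t["dst", 1] || t["sport", 2] != t["dport", 1])
        if (!snat && !dnat) next
        kind = (snat && dnat) ? "SNAT+DNAT" : (snat ? "SNAT" : "DNAT")
        print kind, proto, ep(t["src", 1], t["sport", 1]), ep(t["dst", 1], t["dport", 1]),
              ep(t["dst", 2], t["dport", 2]), ep(t["src", 2], t["sport", 2])
    }'
}

# Constructed sample entries: one SNAT, one DNAT (old ip_conntrack layout),
# and one connection to the NAT box itself, which is not translated.
sample_conntrack() {
    cat <<'EOF'
ipv4     2 tcp      6 431999 ESTABLISHED src=192.168.1.12 dst=198.51.100.7 sport=51514 dport=443 src=198.51.100.7 dst=203.0.113.5 sport=443 dport=51514 [ASSURED] mark=0 use=2
tcp      6 117 TIME_WAIT src=198.51.100.7 dst=203.0.113.5 sport=40022 dport=8080 src=192.168.1.50 dst=198.51.100.7 sport=80 dport=40022 [ASSURED] use=1
ipv4     2 udp      17 25 src=192.168.1.12 dst=192.168.1.1 sport=5353 dport=53 src=192.168.1.1 dst=192.168.1.12 sport=53 dport=5353 mark=0 use=2
EOF
}

sample_conntrack | nat_table
```

On a router, feed it the live table instead of the sample: nat_table < /proc/net/nf_conntrack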
netstat-nat command syntax
netstat-nat [option]
netstat-nat [-S|-D|-L|-R] [-no]
netstat-nat [-nxo]
Available OPTIONS
-h: displays this help
-n: don't resolve host/portnames
-p : display connections by protocol
-s : display connections by source
-d : display connections by destination
-S: display SNAT connections
-D: display DNAT connections (default: SNAT & DNAT)
-L: display only connections to NAT box itself (doesn't show SNAT & DNAT)
-R: display only connections routed through the NAT box (doesn't show SNAT & DNAT)
-x: extended hostnames view
-r src | dst | src-port | dst-port | state : sort connections
-o: strip output header
-N: display NAT box connection information (only valid with SNAT & DNAT)
-v: print version
Display TCP connections filtered by a given source host
netstat-nat -p tcp -s 192.168.1.12
This command displays only TCP NATed connections, filtered by the given source IP.
Display SNAT (Source NAT) connections
netstat-nat -S
Display DNAT (Destination NAT) Connections
netstat-nat -D
Other commands to get useful information from netstat-nat
List all NATed connections
netstat-nat -n
Display NAT connections for a given protocol
netstat-nat -n -p tcp
List all connections by source IP
netstat-nat -s 192.168.4.50
List only connections to the NAT box itself, not SNAT or DNAT
netstat-nat -L