Jan 7, 2016
Capturing Connection Tracking Table on Vyatta Routers
- Author Ermias Teffera
- Aug 19, 2015
If, like me, you have gone through the pain of trying to capture Vyatta's connection-tracking table for troubleshooting purposes, you will find this article very helpful. Capturing the conntrack table gives you information about the IP addresses that come in and out of your Vyatta routers, with all the source and destination port numbers.
Because Vyatta routers don't save the conntrack table in their logs by default, you have to capture it manually by editing the crontab. The idea of this post is to show you how to configure the router to save the connection-tracking information with a specified size limit and rotate value.
Step 1:
[log conntrack -L output to file at regular interval]
//root user
sudo su -
//editing crontab
crontab -e
//add an entry that appends a date stamp and the "conntrack -L" output to the file every 5 minutes
==========
*/5 * * * * date >> /var/log/conntrack_list.txt ; sudo conntrack -L >> /var/log/conntrack_list.txt
==========
ctrl+X, Y enter -> save
Step 2:
If you want to cap the size, which I recommend because the file might otherwise fill up your hard disk, use the following to cap the size and rotate the file based on a specified size limit. For this example I used a file size of 1M.
[steps to cap the file size]
==========
/var/log/conntrack_list.txt {
size 1000000
rotate 50
compress
}
==========
ctrl+X, Y enter -> save
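Once snapshots accumulate in /var/log/conntrack_list.txt, the file can be summarised per flow for troubleshooting. The script below is an added example, not part of the original post; the function names and sample lines are constructed for illustration, and it assumes the usual `conntrack -L` line layout (original-direction tuple first, reply tuple second).

```shell
#!/bin/sh
# Added example: summarise the capture file written by the cron job above.
# Each snapshot is a `date` line followed by `conntrack -L` entries.

# Constructed sample of two snapshots (documentation address ranges).
sample_capture() {
    cat <<'EOF'
Wed Aug 19 10:05:01 UTC 2015
tcp      6 431999 ESTABLISHED src=192.0.2.10 dst=203.0.113.5 sport=51234 dport=443 src=203.0.113.5 dst=192.0.2.10 sport=443 dport=51234 [ASSURED] mark=0 use=1
udp      17 25 src=192.0.2.11 dst=198.51.100.53 sport=40000 dport=53 src=198.51.100.53 dst=192.0.2.11 sport=53 dport=40000 mark=0 use=1
Wed Aug 19 10:10:01 UTC 2015
tcp      6 431700 ESTABLISHED src=192.0.2.10 dst=203.0.113.5 sport=51234 dport=443 src=203.0.113.5 dst=192.0.2.10 sport=443 dport=51234 [ASSURED] mark=0 use=1
icmp     1 29 src=192.0.2.12 dst=203.0.113.9 type=8 code=0 id=1234 src=203.0.113.9 dst=192.0.2.12 type=0 code=0 id=1234 mark=0 use=1
EOF
}

# Print "count proto src dst dport" for the original-direction tuple of every
# entry, most frequently seen first. ICMP entries have no ports, so their
# dport column is "-". Reads the named file, or stdin when no file is given.
summarize_conntrack() {
    awk '
    # conntrack entries begin with a protocol name and number, e.g. "tcp 6";
    # the date stamps written by the cron job do not match and are skipped
    $1 ~ /^[a-z0-9-]+$/ && $2 ~ /^[0-9]+$/ {
        src = ""; dst = ""; dport = "-"
        for (i = 3; i <= NF; i++) {
            # keep only the first src=, dst= and dport= (original direction);
            # the second set on the line is the reply tuple
            if ($i ~ /^src=/ && src == "")           src = substr($i, 5)
            else if ($i ~ /^dst=/ && dst == "")      dst = substr($i, 5)
            else if ($i ~ /^dport=/ && dport == "-") dport = substr($i, 7)
        }
        if (src != "" && dst != "") seen[$1 " " src " " dst " " dport]++
    }
    END { for (k in seen) print seen[k], k }
    ' "$@" | LC_ALL=C sort -k1,1nr -k2
}

sample_capture | summarize_conntrack
```

On the router, run it against the real capture with `summarize_conntrack /var/log/conntrack_list.txt`; a flow that persists across many 5-minute snapshots shows up with a high count.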