nf_conntrack
nf_conntrack, short for Netfilter connection tracking, is the Linux kernel subsystem responsible for maintaining state information about active network connections as they pass through the system. It is a core component of the Netfilter framework and underpins stateful firewalling and network address translation (NAT).
The subsystem keeps a conntrack table containing one entry per active connection. Each entry records the 5-tuple
nf_conntrack supports NAT in addition to tracking, enabling dynamic port and address translation for connections. It
Management and usage are commonly performed through user-space tools such as conntrack-tools or through high-level firewall
nf_conntrack is implemented for both IPv4 and IPv6 within Netfilter. It replaced older ip_conntrack functionality and
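
An added example, not part of the original page: a parser for conntrack table entries, assuming the text layout of /proc/net/nf_conntrack, that extracts the original and reply tuples and marks entries whose reply tuple is not the mirror of the original, which is how a NAT-rewritten connection appears in the table. The sample lines and the names parse_entry and load are constructed for illustration.

```python
import re

# Constructed sample lines in the assumed /proc/net/nf_conntrack text layout.
SAMPLE = """\
ipv4     2 tcp      6 431999 ESTABLISHED src=192.168.1.10 dst=203.0.113.7 sport=51234 dport=443 src=203.0.113.7 dst=198.51.100.2 sport=443 dport=51234 [ASSURED] mark=0 use=2
ipv4     2 udp      17 29 src=10.0.0.5 dst=10.0.0.1 sport=40000 dport=53 [UNREPLIED] src=10.0.0.1 dst=10.0.0.5 sport=53 dport=40000 mark=0 use=2
ipv6     10 tcp      6 118 TIME_WAIT src=2001:db8::1 dst=2001:db8::2 sport=44321 dport=22 src=2001:db8::2 dst=2001:db8::1 sport=22 dport=44321 [ASSURED] mark=0 use=2
"""

# Keys that belong to a direction tuple (ICMP uses type/code/id instead of ports).
TUPLE_KEYS = {"src", "dst", "sport", "dport", "type", "code", "id"}


def parse_entry(line):
    """Parse one conntrack line; return None when it is malformed."""
    fields = line.split()
    if len(fields) < 6 or not fields[4].isdigit():
        return None
    tuples = []
    for key, value in re.findall(r"(\w+)=(\S+)", line):
        if key == "src":                      # each direction starts with src=
            tuples.append({})
        if key in TUPLE_KEYS and tuples:
            tuples[-1][key] = value
    if len(tuples) != 2:                      # need original and reply direction
        return None
    orig, reply = tuples
    # TCP lines carry a state word before the first key=value field.
    state = fields[5] if "=" not in fields[5] else None
    # Without NAT the reply tuple mirrors the original one exactly.
    translated = (reply.get("src") != orig.get("dst")
                  or reply.get("dst") != orig.get("src")
                  or reply.get("sport") != orig.get("dport")
                  or reply.get("dport") != orig.get("sport"))
    return {"l3": fields[0], "proto": fields[2], "timeout": int(fields[4]),
            "state": state, "orig": orig, "reply": reply,
            "flags": re.findall(r"\[(\w+)\]", line), "nat": translated}


def load(text):
    """Parse every well-formed line of a conntrack table dump."""
    return [e for e in map(parse_entry, text.splitlines()) if e]


if __name__ == "__main__":
    for e in load(SAMPLE):
        o = e["orig"]
        print(e["proto"], e["state"], o["src"], "->", o["dst"],
              "NAT" if e["nat"] else "no-NAT", e["flags"])
```
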