correct use of the protocol filter parameter --state

Question

Could someone help me understand the correct use of the protocol filter parameter --state. I figure it would be something like this "conntrack -L -p TCP --state ESTABLISHED" but 2 different versions of conntrack-tools give the same error (conntrack v1.2.1 (conntrack-tools): unknown option --state, Try conntrack -h or conntrack --help for more information.)

Is ts a deprecated parameter? What I'm trying to do is to selectively delete entries that are in a particular state. For instance TCP SYN_SENT, or UDP UNREPLIED.

Answer 1

Don't capitalize the protocol.

 conntrack -L -p tcp --state SYN_SENT

Comments

Thanks, this works.  is there a way to do something similar with UDP. Like to filter the entries in UNREPLIED state?

---

No, there does not appear to be.