Since I updated my kernel to 2.6.36 (gentoo-sources), /proc/net/nf_conntrack and conntrack -L do NOT show "packets" and "bytes" even for ASSURED / REPLIED connections. It seems that both of these data (bytes and packets) have disappeared from conntrack/netfilter.

Reproducible: Always

Steps to Reproduce:
1. install gentoo-sources 2.6.36
2. cat /proc/net/nf_conntrack or conntrack -L

Actual Results:
ipv4 2 tcp 6 431998 ESTABLISHED src=10.215.144.48 dst=209.85.147.104 sport=52532 dport=80 src=209.85.147.104 dst=10.215.144.48 sport=80 dport=52532 [ASSURED] mark=0 secmark=0 use=2

Expected Results:
tcp 6 73 TIME_WAIT src=10.215.144.7 dst=209.85.147.104 sport=35407 dport=80 packets=15 bytes=1386 src=209.85.147.104 dst=192.168.92.2 sport=80 dport=35407 packets=11 bytes=10180 [ASSURED] mark=1 use=1
(note "bytes" and "packets")

Problem system:
Linux inf-fw 2.6.36-gentoo-r5 #1 SMP Thu Dec 30 11:42:23 CET 2010 i686 AMD Athlon(tm) 64 X2 Dual Core Processor 3800+ AuthenticAMD GNU/Linux
nf_conntrack version 0.5.0

Apparently, newer kernel versions require the user to set:

sysctl -w net.netfilter.nf_conntrack_acct=1

So the issue is solved.
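
For monitoring scripts that depend on per-flow counters, the following added example (not part of the original report or of conntrack-tools) parses conntrack entries and separates flows that carry packets=/bytes= from flows that do not. The function names are hypothetical, and the sample input is constructed from the two entries quoted in the report.

```python
import re

# Constructed sample input: the two entries quoted in the report above.
SAMPLE = """\
ipv4 2 tcp 6 431998 ESTABLISHED src=10.215.144.48 dst=209.85.147.104 sport=52532 dport=80 src=209.85.147.104 dst=10.215.144.48 sport=80 dport=52532 [ASSURED] mark=0 secmark=0 use=2
tcp 6 73 TIME_WAIT src=10.215.144.7 dst=209.85.147.104 sport=35407 dport=80 packets=15 bytes=1386 src=209.85.147.104 dst=192.168.92.2 sport=80 dport=35407 packets=11 bytes=10180 [ASSURED] mark=1 use=1
"""

KV = re.compile(r"(\w+)=(\S+)")
FLAG = re.compile(r"\[(\w+)\]")
COUNTERS = ("packets", "bytes")
# Keys that belong to a direction's tuple; anything else is per-entry metadata.
TUPLE_KEYS = {"src", "dst", "sport", "dport", "type", "code", "id", *COUNTERS}

def parse_entry(line):
    """Split one conntrack line into original/reply tuples, flags and metadata."""
    dirs, meta = [], {}
    for key, value in KV.findall(line):
        if key == "src":                      # each direction starts with src=
            dirs.append({})
        if key in TUPLE_KEYS and dirs:
            dirs[-1][key] = int(value) if key in COUNTERS else value
        else:
            meta[key] = value                 # mark=, secmark=, use=, ...
    orig = dirs[0] if dirs else {}
    reply = dirs[1] if len(dirs) > 1 else {}
    return {
        "flags": FLAG.findall(line),
        "orig": orig, "reply": reply, "meta": meta,
        # True only when both directions expose both counters.
        "accounted": all(c in d for d in (orig, reply) for c in COUNTERS),
    }

def audit(text):
    """Return (entries with counters, entries without) for a conntrack listing."""
    entries = [parse_entry(l) for l in text.splitlines() if l.strip()]
    return ([e for e in entries if e["accounted"]],
            [e for e in entries if not e["accounted"]])

def acct_enabled(path="/proc/sys/net/netfilter/nf_conntrack_acct"):
    """Read the sysctl named in the thread; None if the file is absent."""
    try:
        with open(path) as fh:
            return fh.read().strip() == "1"
    except OSError:
        return None

if __name__ == "__main__":
    ok, missing = audit(SAMPLE)
    print(f"nf_conntrack_acct enabled: {acct_enabled()}")
    print(f"{len(ok)} flows with counters, {len(missing)} without")
```

Counters are attached when a connection is first tracked, so flows created before the sysctl was set to 1 continue to appear without packets= and bytes= until they expire.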