diff --git a/Shorewall/changelog.txt b/Shorewall/changelog.txt
index 62ed95c68..b722ca0ed 100644
--- a/Shorewall/changelog.txt
+++ b/Shorewall/changelog.txt
@@ -2,6 +2,8 @@ Changes in Shorewall 4.4.14
 1) Support ipset lists.
+2) Use conntrack in 'shorewall connections'
+
 Changes in Shorewall 4.4.13
 1) Allow zone lists in rules SOURCE and DEST.
diff --git a/Shorewall/lib.cli b/Shorewall/lib.cli
index 9cd898587..16003b0cf 100644
--- a/Shorewall/lib.cli
+++ b/Shorewall/lib.cli
@@ -524,11 +524,17 @@ show_command() {
 case "$1" in
 connections)
 [ $# -gt 1 ] && usage 1
- local count=$(cat /proc/sys/net/netfilter/nf_conntrack_count)
- local max=$(cat /proc/sys/net/netfilter/nf_conntrack_max)
- echo "$g_product $SHOREWALL_VERSION Connections ($count out of $max) at $g_hostname - $(date)"
- echo
- [ -f /proc/net/ip_conntrack ] && cat /proc/net/ip_conntrack || grep -v '^ipv6' /proc/net/nf_conntrack
+ if mywhich conntrack ; then
+ echo "$g_product $SHOREWALL_VERSION Connections at $g_hostname - $(date)"
+ echo
+ conntrack -f ipv4 -L
+ else
+ local count=$(cat /proc/sys/net/netfilter/nf_conntrack_count)
+ local max=$(cat /proc/sys/net/netfilter/nf_conntrack_max)
+ echo "$g_product $SHOREWALL_VERSION Connections ($count out of $max) at $g_hostname - $(date)"
+ echo
+ [ -f /proc/net/ip_conntrack ] && cat /proc/net/ip_conntrack || grep -v '^ipv6' /proc/net/nf_conntrack
+ fi
 ;;
 nat)
 [ $# -gt 1 ] && usage 1
diff --git a/Shorewall/releasenotes.txt b/Shorewall/releasenotes.txt
index d39c36a0f..d8c282c41 100644
--- a/Shorewall/releasenotes.txt
+++ b/Shorewall/releasenotes.txt
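Review bot: The new conntrack branch prints a header without the `($count out of $max)` figures, so the occupancy of the conntrack table against nf_conntrack_max — the first thing to look at when a host starts dropping packets on a full table — is only reported on hosts that lack the utility, and the two branches produce differently shaped output. Reading the two sysctl values before the `if` and printing the same `echo "$g_product $SHOREWALL_VERSION Connections ($count out of $max) at $g_hostname - $(date)"` header in both branches keeps that summary whichever listing follows. The exit status of `conntrack -f ipv4 -L` is also not checked, so if the tool is installed but the listing fails the command ends with an empty listing and no fallback; `conntrack -f ipv4 -L || grep -v '^ipv6' /proc/net/nf_conntrack` would keep the /proc path as a fallback. Both points apply equally to the Shorewall6/lib.cli hunk (`conntrack -f ipv6 -L`, `($count of $max)`). show_command() begins before this hunk and the case statement continues past it.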
@@ -23,6 +23,9 @@ None.
 1) On systems running Upstart, shorewall-init cannot reliably start the firewall before interfaces are brought up.
+2) Shorewall now uses the 'conntrack' utility for 'show connections'
+ if that utility is installed.
+
 ----------------------------------------------------------------------------
 I I I. N E W F E A T U R E S I N T H I S R E L E A S E
 ----------------------------------------------------------------------------
diff --git a/Shorewall6/lib.cli b/Shorewall6/lib.cli
index bb92dd839..a332fbfe1 100644
--- a/Shorewall6/lib.cli
+++ b/Shorewall6/lib.cli
@@ -448,11 +448,17 @@ show_command() {
 case "$1" in
 connections)
 [ $# -gt 1 ] && usage 1
- local count=$(cat /proc/sys/net/netfilter/nf_conntrack_count)
- local max=$(cat /proc/sys/net/netfilter/nf_conntrack_max)
- echo "$g_product $SHOREWALL_VERSION Connections ($count of $max) at $g_hostname - $(date)"
- echo
- grep '^ipv6' /proc/net/nf_conntrack | sed -r 's/0000:/:/g; s/:::+/::/g; s/:0+/:/g'
+ if mywhich conntrack ; then
+ echo "$g_product $SHOREWALL_VERSION Connections at $g_hostname - $(date)"
+ echo
+ conntrack -f ipv6 -L
+ else
+ local count=$(cat /proc/sys/net/netfilter/nf_conntrack_count)
+ local max=$(cat /proc/sys/net/netfilter/nf_conntrack_max)
+ echo "$g_product $SHOREWALL_VERSION Connections ($count of $max) at $g_hostname - $(date)"
+ echo
+ grep '^ipv6' /proc/net/nf_conntrack | sed -r 's/0000:/:/g; s/:::+/::/g; s/:0+/:/g'
+ fi
 ;;
 tos|mangle)
 [ $# -gt 1 ] && usage 1