| 1 |
On Thursday 01 March 2007, CapSel <capsel@×××××.com> wrote |
| 2 |
about '[gentoo-user] iptraf vs iptables (mangle & access)': |
| 3 |
> I'm trying to count bandwidth and number of packets on my router with |
| 4 |
> rules like: |
| 5 |
> |
| 6 |
> iptables -t mangle -A PREROUTING -i eth0 -j stats |
| 7 |
> iptables -t mangle -A POSTROUTING -o eth0 -j stats |
| 8 |
> |
| 9 |
> iptables -t mangle -A stats -p tcp -s $ip -j ACCEPT |
| 10 |
> iptables -t mangle -A stats -p udp -s $ip -j ACCEPT |
| 11 |
> iptables -t mangle -A stats -p icmp -s $ip -j ACCEPT |
| 12 |
> |
| 13 |
> iptables -t mangle -A stats -p tcp -d $ip -j ACCEPT |
| 14 |
> iptables -t mangle -A stats -p udp -d $ip -j ACCEPT |
| 15 |
> iptables -t mangle -A stats -p icmp -d $ip -j ACCEPT |
| 16 |
> |
| 17 |
> Chain stats has policy set to ACCEPT. |
| 18 |
> |
| 19 |
> My script reads these values every minute and sets them to zero. |
| 20 |
> The problem is that numbers of packets are more than twice greater than |
| 21 |
> iptraf shows, but bandwidth seems to be correct. |
| 22 |
|
| 23 |
That would be correct, since every forwarded packet passes though both the |
| 24 |
pre-routing and post-routing chains, so you are counting every packet (at |
| 25 |
least those that are not dropped in the FORWARD chain) twice. |
| 26 |
|
| 27 |
-- |
| 28 |
Boyd Stephen Smith Jr. ,= ,-_-. =. |
| 29 |
bss03@××××××××××.net ((_/)o o(\_)) |
| 30 |
ICQ: 514984 YM/AIM: DaTwinkDaddy `-'(. .)`-' |
| 31 |
http://iguanasuicide.org/ \_/ |
| 32 |
New GPG Key! Old key expires 2007-03-25. Upgrade NOW! |
Archives