Gentoo Archives: gentoo-user

From: CapSel <capsel@×××××.com>
To: gentoo-user@l.g.o
Subject: [gentoo-user] iptraf vs iptables (mangle & access)
Date: Thu, 01 Mar 2007 19:26:31
Message-Id: d03887390703011121m2d21d3b9j5428d8e474dbfca0@mail.gmail.com
1 I'm trying to count bandwidth and number of packets on my router with rules
2 like:
3
4 iptables -t mangle -A PREROUTING -i eth0 -j stats
5 iptables -t mangle -A POSTROUTING -o eth0 -j stats
6
7 iptables -t mangle -A stats -p tcp -s $ip -j ACCEPT
8 iptables -t mangle -A stats -p udp -s $ip -j ACCEPT
9 iptables -t mangle -A stats -p icmp -s $ip -j ACCEPT
10
11 iptables -t mangle -A stats -p tcp -d $ip -j ACCEPT
12 iptables -t mangle -A stats -p udp -d $ip -j ACCEPT
13 iptables -t mangle -A stats -p icmp -d $ip -j ACCEPT
14
15 Chain stats has policy set to ACCEPT.
16
17 My script reads these values every minute and sets them to zero.
18 The problem is that numbers of packets are more than twice greater than
19 iptraf shows, but bandwidth seems to be correct. Of course I divide those
20 numbers by 60 to get value per second.
21
22 Why this difference is so big, what could I done wrong?

Replies

Subject Author
[gentoo-user] Re: iptraf vs iptables (mangle & access) CapSel <capsel@×××××.com>
Re: [gentoo-user] iptraf vs iptables (mangle & access) "Boyd Stephen Smith Jr." <bss03@××××××××××.net>