Hi Lennert,

I've got quite a few ESTABLISHED,RELATED rules. These rules are for separate services and are quite specific. These rules wouldn't overlap each other through ESTABLISHED,RELATED. I've used RELATED to allow associated ICMP messages. Considering the amount of traffic passing through, the counts that are present represent only a very small part of the total.

The only rules to gain any counts are in the input and output chains, and they only increase when associated with connections made directly to the firewall. No forward rules increase at all; practically all of the rules are applied here in the FORWARD chain, as you would expect for a bridge.

The br_passthrough.o was compiled into the kernel as part of the bridge code. Is there a reason for compiling it as a module?
Lewis

-----Original Message-----
From: Lennert Buytenhek [mailto:[EMAIL PROTECTED]]
Sent: Saturday, 10 November 2001 12:18 AM
To: Lewis Shobbrook
Cc: Bridge (E-mail)
Subject: Re: [Bridge] Bridge IPTABLES Counters not working

Do you have an ESTABLISHED,RELATED rule, perhaps? Do you have the br_passthrough.o module loaded at all?

On Fri, Nov 09, 2001 at 05:35:55PM +1100, Lewis Shobbrook wrote:
> Hi all,
>
> I've noticed that the packet counters aren't working for any rules on the
> FORWARD chain, and are only working on the input and output rules specific
> to the firewall itself.
> When I issue the command ... iptables -L -v -x ... , the counters all
> list as zero. Anyone with a bridge firewall setup (or bridge with an
> assigned IP) able to confirm this?
>
> Lewis
>
> _______________________________________________
> Bridge mailing list
> [EMAIL PROTECTED]
> http://www.math.leidenuniv.nl/mailman/listinfo/bridge
