On Thu, Jan 06, 2005 at 11:51:18PM +1100, Matthew Palmer wrote: > On Thu, Jan 06, 2005 at 01:47:39PM +0100, Marcin Owsiany wrote: > > Therefore I would like to somehow attach a "label" (like "server-in" or > > "lan-http" or "other") directly to iptables -L output. Then I would just > > have > > to use the label in two places: the chain setup script, and the counter > > reading > > script. Is there some way to do that? I don't want to use line numbers, > > since > > they change too much and way too often (e.g.at the time any rule is > > removed). > > I don't know how it does it, but have a look at ipac-ng
Thanks, looks nice, especially if I could add an RRD backend... > -- it does precisely > this same thing. I don't think it uses any sort of tag thing. Looks like it makes a note of the rules in /var/run/ipac.rules and then uses line numbers on collect time. Marcin -- Marcin Owsiany <[EMAIL PROTECTED]> http://marcin.owsiany.pl/ GnuPG: 1024D/60F41216 FE67 DA2D 0ACA FC5E 3F75 D6F6 3A0D 8AA0 60F4 1216
