On Fri, Jan 07, 2005 at 11:37:50AM -0800, Nathan Barham wrote: > Could you re-write your rules to be more specific and then use the > protocol:port info to glean what type of traffic it is?
I'm not saying that it is impossible to do. In fact it is what I'm doing at the moment. However it quickly becomes tedious and hard to maintain, as the number of rules grows, since you need to specify ALL the parameters twice - once in the chain setup rule, and once in the counter collection script. One mistake, and the statistics are wrong. What I would like to do, is to reduce the redundancy, by using some kind of a label instead of all the parameters each time. It looks like what I need to do is to write a script which will generate the two forementioned scripts... or write my own iptables plugin :) Marcin -- Marcin Owsiany <[EMAIL PROTECTED]> http://marcin.owsiany.pl/ GnuPG: 1024D/60F41216 FE67 DA2D 0ACA FC5E 3F75 D6F6 3A0D 8AA0 60F4 1216
