On 3/2/07, Daniel Iliev <[EMAIL PROTECTED]> wrote:

CapSel wrote:
> On 3/1/07, *Boyd Stephen Smith Jr.* <[EMAIL PROTECTED]
> <mailto:[EMAIL PROTECTED]>> wrote:
>
>     That would be correct, since every forwarded packet passes through
>     both the
>     pre-routing and post-routing chains, so you are counting every
>     packet (at
>     least those that are not dropped in the FORWARD chain) twice.
>
>
> I don't fully understand how it is possible that my rules count
> a packet twice, could you explain it more briefly?
>
> I specified -i eth0 in PREROUTING and -o eth0 in POSTROUTING. Isn't
> this the correct way to count packets only once? ...and I'm getting values
> only from chain 'stat', which is called only from PREROUTING and
> POSTROUTING with specified network interface respectively to direction
> (-i/-o eth0).
> So in my opinion a packet traveling through the router to my network
> passes only once through 'stats' as it is accepted only in PREROUTING
> with -i eth0, and not in POSTROUTING with -o eth0, as it goes out from
> eth1. Am I correct?


Perhaps this packet travel diagram will help:

http://www.linuxnetmag.com/share/issue9/iptables3.jpg


To be totally sure - when a packet arrives from the internet on eth0 it passes
through PREROUTING as a packet "that comes from eth0", then it travels across
FORWARD as a packet "that comes from eth0 toward eth1", and finally it goes to
POSTROUTING as a packet "that wants to come out through eth1"? And if I have
these rules:

-t mangle -A PREROUTING -i eth0 -j stats
-t mangle -A POSTROUTING -o eth0 -j stats
(there are no other rules that jump to stats, and these are the only rules in
the mangle table)

how many times would the packet pass through 'stats'?

From which places on this diagram does iptraf take its values?

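The two mangle rules from the message above, run through a simplified model of the chains a packet visits. This is an added example, not part of the original thread. PATHS, RULES, UNFILTERED, visible_ifaces and stats_hits are hypothetical names, the sample packets are constructed, and the model assumes nothing is dropped and ignores bridging.

```python
# Added example: simplified model of which mangle-table chains a packet visits
# and from which of them it jumps to the user chain 'stats'.

PATHS = {
    "forward":   ["PREROUTING", "FORWARD", "POSTROUTING"],  # routed through the box
    "local_in":  ["PREROUTING", "INPUT"],                   # addressed to the box
    "local_out": ["OUTPUT", "POSTROUTING"],                 # generated by the box
}

# The rules from the message, as (chain, interface match, target).
RULES = [
    ("PREROUTING",  {"in": "eth0"},  "stats"),   # -A PREROUTING  -i eth0 -j stats
    ("POSTROUTING", {"out": "eth0"}, "stats"),   # -A POSTROUTING -o eth0 -j stats
]

# Same jumps without -i/-o, for comparison.
UNFILTERED = [("PREROUTING", {}, "stats"), ("POSTROUTING", {}, "stats")]


def visible_ifaces(hook, in_if, out_if):
    """iptables accepts -i only in PREROUTING/INPUT/FORWARD and -o only in
    FORWARD/OUTPUT/POSTROUTING, so expose only those interfaces per hook."""
    return {
        "in":  in_if if hook in ("PREROUTING", "INPUT", "FORWARD") else None,
        "out": out_if if hook in ("FORWARD", "OUTPUT", "POSTROUTING") else None,
    }


def stats_hits(kind, in_if=None, out_if=None, rules=RULES):
    """Return the chains from which this packet jumps to 'stats'."""
    hits = []
    for hook in PATHS[kind]:
        seen = visible_ifaces(hook, in_if, out_if)
        for chain, match, target in rules:
            if chain == hook and target == "stats" and \
                    all(seen[k] == v for k, v in match.items()):
                hits.append(hook)
    return hits


if __name__ == "__main__":
    samples = [                       # constructed sample packets
        ("forward", "eth0", "eth1"),  # internet -> LAN
        ("forward", "eth1", "eth0"),  # LAN -> internet
        ("forward", "eth0", "eth0"),  # routed back out the same interface
        ("local_in", "eth0", None),
        ("local_out", None, "eth0"),
    ]
    for kind, i, o in samples:
        print(kind, i, o, "->", stats_hits(kind, i, o))
```

In this model only a packet that both enters and leaves through eth0 reaches 'stats' twice; without the -i/-o matches every forwarded packet does.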