Hello there! I'm using some sort of accounting chains, created by me. Here an example:
iptables -N acc_01 iptables -A acc_01 -s 192.168.0.124 -o eth1 -j RETURN iptables -A acc_01 -d 192.168.0.124 -i eth1 -j RETURN iptables -I FORWARD -j acc_01 iptables -N acc_02 iptables -A acc_02 -s 192.168.0.139 -o eth1 -j RETURN iptables -A acc_02 -d 192.168.0.139 -i eth1 -j RETURN iptables -I FORWARD -j acc_02 Now, as I do "iptables -L FORWARD -nv" I get these lines: Chain FORWARD (policy ACCEPT 2460K packets, 959M bytes) pkts bytes target prot opt in out source destination 428 112K acc_CA all -- * * 0.0.0.0/0 0.0.0.0/0 428 112K acc_IN all -- * * 0.0.0.0/0 0.0.0.0/0 Looking at the pkts/bytes counts I notice that they're pretty the same value!!! What does this mean? Am I correct assuming that both counters have the same value because they're counting EACH packet that passes through those chains? If so, how do I get the exact byte-count for my user-defined chains? Or would it be better NOT to use "-j RETURN" target? Please give me some precious advice!!! THanx! Boniforti Flavio Informa Srl Via 42 Martiri, 165 28924 Verbania (VB) Tel +39 0323 586216 Fax +39 0323 586672 http://www.co-ver.it/informa
