From: Tom Eastep <[email protected]> > On 07/22/2013 03:12 AM, John Doe wrote: >> I have a vpn on an adsl line and I wanted to add its traffic to the adsl >> accounting. >> The two separated accounting rules seem to work fine. >> >> all_vpn - eth0:192.168.0.0/16 tun0 tcp >> all_vpn - tun0 eth0:192.168.0.0/16 tcp >> all_vpn - eth0:192.168.0.0/16 tun0 udp >> all_vpn - tun0 eth0:192.168.0.0/16 udp >> COUNT all_vpn eth0:192.168.16.0/24 tun0 >> COUNT all_vpn tun0 eth0:192.168.16.0/24 >> >> all_sdsl - eth0:192.168.0.0/16 eth1 tcp >> all_sdsl - eth1 eth0:192.168.0.0/16 tcp >> all_sdsl - eth0:192.168.0.0/16 eth1 udp >> all_sdsl - eth1 eth0:192.168.0.0/16 udp >> COUNT all_sdsl eth0:192.168.16.0/24 eth1 >> COUNT all_sdsl eth1 eth0:192.168.16.0/24 >> >> But if I try to also (I keep the vpn rule too) include the vpn interface to > the sdsl rule, the sdsl accounting does not work anymore... > > What does 'not work anymore' mean? Can you show us the output of > 'shorewall show' to illustrate?
Without the vpn "rules" in the sdsl accounting, I get expected values. With the vpn "rules" in the sdsl accounting, I get wrong values. I do not have much traffic on the vpn but I suspect that these wrong values were the vpn values (replacing somehow the sdsl values)... Shorewall show just shows the same rules... Chain accounting (3 references) pkts bytes target prot opt in out source destination 3846 557K all_sdsl tcp -- eth0 eth1 192.168.0.0/16 0.0.0.0/0 3686 1811K all_sdsl tcp -- eth1 eth0 0.0.0.0/0 192.168.0.0/16 38 3269 all_sdsl udp -- eth0 eth1 192.168.0.0/16 0.0.0.0/0 38 5994 all_sdsl udp -- eth1 eth0 0.0.0.0/0 192.168.0.0/16 0 0 all_vpn tcp -- eth0 tun0 192.168.0.0/16 0.0.0.0/0 0 0 all_vpn tcp -- tun0 eth0 0.0.0.0/0 192.168.0.0/16 0 0 all_vpn udp -- eth0 tun0 192.168.0.0/16 0.0.0.0/0 0 0 all_vpn udp -- tun0 eth0 0.0.0.0/0 192.168.0.0/16 I cannot retry the non working scenario right now... Thx, JD ------------------------------------------------------------------------------ See everything from the browser to the database with AppDynamics Get end-to-end visibility with application monitoring from AppDynamics Isolate bottlenecks and diagnose root cause in seconds. Start your free trial of AppDynamics Pro today! http://pubads.g.doubleclick.net/gampad/clk?id=48808831&iu=/4140/ostg.clktrk _______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
