Hi!

  I am trying to use iptables to keep track of network flow since my dorm
has a 500M limit per day...

Here is part of my script that deals with this matter:

-------------------------------------
# my own address, as handed out by DHCP
MYIP=`grep IPADDR /etc/dhcpc/dhcpcd-eth0.info | cut -d "=" -f 2`

# my school has 2 class B networks
TRUST1=130.126.0.0
TRUST2=128.174.0.0

iptables -P FORWARD DROP
iptables -P INPUT DROP
iptables -P OUTPUT ACCEPT

# create 2 chains just to keep the traffic info
iptables -N uiuc
iptables -N outside

# send the packet to the uiuc chain if it matches the 2 class B nets
iptables -A INPUT -p tcp -s $TRUST1/16 -d $MYIP -j uiuc
iptables -A INPUT -p udp -s $TRUST1/16 -d $MYIP -j uiuc
iptables -A INPUT -p tcp -s $TRUST2/16 -d $MYIP -j uiuc
iptables -A INPUT -p udp -s $TRUST2/16 -d $MYIP -j uiuc

# return from those 2 chains, I think this is redundant
iptables -A uiuc -s 0/0 -d $MYIP -j RETURN
iptables -A outside -s 0/0 -d $MYIP -j RETURN
--------------------------------------------------------------------

The problem I am having right now is:

Every time I do an iptables -L -v to look at the counters, the rule

iptables -A INPUT -p udp -s $TRUST2/16 -d $MYIP -j uiuc

will increment the counter by 30 packets, and I am not sure where that's
coming from... I mean, exactly 30 packets every time I run that command.
The source happens to be

uiuc-ciscoloop-net.uiuc.edu/16

So my question is, would the router send some packets to me when I run that
command?

My second question is:

For the user-defined chains uiuc and outside, I am not seeing the counters
as with the default chains (when using iptables -L -v). Is there any way to see
them, or do user-defined chains just not keep track of that kind of info?

thanks

chen

-- 
   ~        __      Freedom of Choice
  'v'      / /     __  __  __  __  __ __  __
 // \     / /__   / / /  \/ / / /_/ / \ \/ /
/(   )\  /_____/ /_/ /_/__/ /_____/  /_/_\
 ^`~'^
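As an added example (not code from chen's post), here is a small POSIX sh script that reads the per-rule byte counters of a user-defined chain from `iptables -L <chain> -v -n -x` output and compares the total against the daily quota. It lists with `-n` so that iptables does not do reverse DNS lookups while printing (a plain `-L -v` resolves every address, which is itself UDP traffic), and with `-x` so the counters come out as exact byte counts rather than K/M abbreviations. The chain name `uiuc` comes from the post; the listing text is constructed sample output so the script runs without root, the destination address 192.0.2.10 is a placeholder, and reading "500M" as 500 MiB is an assumption.

```shell
#!/bin/sh
# Added example: account daily usage from iptables counters of one chain.

DAILY_LIMIT=$((500 * 1024 * 1024))   # 500M quota from the post, taken as MiB (assumption)

# Constructed sample of `iptables -L uiuc -v -n -x` output, embedded so the
# script runs offline; 192.0.2.10 stands in for $MYIP.
SAMPLE='Chain uiuc (4 references)
    pkts      bytes target     prot opt in     out     source               destination
  123456  104857600 RETURN     all  --  *      *       0.0.0.0/0            192.0.2.10
     789     655360 RETURN     all  --  *      *       0.0.0.0/0            192.0.2.10'

# sum_chain_bytes: read a chain listing on stdin and print the sum of the
# "bytes" column (field 2). Skips the "Chain ..." and header lines, and any
# value that is not a plain integer (e.g. "100M" when -x was forgotten).
sum_chain_bytes() {
    awk 'NR > 2 && $2 ~ /^[0-9]+$/ { total += $2 }
         END { printf "%d\n", total + 0 }'
}

# quota_remaining LIMIT USED: print bytes left today, 0 when over quota.
quota_remaining() {
    if [ "$2" -ge "$1" ]; then
        echo 0
    else
        echo $(( $1 - $2 ))
    fi
}

# live_chain_bytes CHAIN: the same computation against the running firewall
# (needs root; -n keeps the listing itself from generating DNS traffic).
live_chain_bytes() {
    iptables -L "$1" -v -n -x | sum_chain_bytes
}

used=$(printf '%s\n' "$SAMPLE" | sum_chain_bytes)
left=$(quota_remaining "$DAILY_LIMIT" "$used")
echo "uiuc chain: $used bytes used today, $left bytes left of $DAILY_LIMIT"
```

Note that only the rules inside a user-defined chain carry counters; the chain header itself shows a reference count rather than policy counters, so the sum above is what you want to watch.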
