Not strictly true. It is the case if you have a -j clause, otherwise it
will continue down the chain.
--
Howard.
______________________________________________________
LANNet Computing Associates <http://www.lannet.com.au>
On Mon, 6 Nov 2000, Crossfire wrote:
> I have the distinct feeling that accounting in IP Chains follows the same
> rules as all other IP chains, which basically means, first match wins....
> so... if you have a rule that matches all hosts, it'll match, and no other
> rules will get processed... which means your individual hosts don't get
> accounted.
>
> --==============================================--
> Crossfire | This email was brought to you
> [EMAIL PROTECTED] | on 100% Recycled Electrons
> --==============================================--
>
> ----- Original Message -----
> From: "Gonzalo Servat" <[EMAIL PROTECTED]>
> To: "SLUG" <[EMAIL PROTECTED]>
> Sent: Monday, November 06, 2000 12:31 PM
> Subject: [SLUG] IPchains IP accounting question - Help! :)
>
>
> > Hi Slug'ers!
> >
> > I'm trying to set-up a linux box (redhat7) to do the IP accounting for
> > a bunch of servers that we host. We'd like to count exactly how much
> > incoming and outgoing traffic each of these machines are doing.
> >
> > This IP accounting box is currently just another node on the switch...
> > so it's NOT the main "default gateway" for all the servers that we host.
> >
> > So far, I've been able to count the TOTAL incoming and outgoing traffic
> > to the whole segment (X.X.X.0/24) but I can't get IPchains to count
> > traffic to/from individual IP addresses (the ipchains counter for the
> > specific IP address stays at 0 while the TOTAL counter increases).
> >
> > Is this because the IP accounting machine has to be the main default gw
> > (ie. forwarding packets) for all the hosted machines so that the traffic
> > actually goes through the IP accounting box?
> >
> > I'm trying to avoid the "single-point-of-failure" problem by making the
> > IP accounting box the main default gw for all the hosted systems so I'm
> > trying to get it to work as another node on the switch and the ethernet
> > card with Promiscious mode enabled, however if somebody can tell me that
> > I /have/ to make the IP accounting box the default GW for this to work
> > then I'll be forced to go along with the single-point-of-failure PC.
> >
> > Thanks in advance for any help.
> >
> > Regards,
> >
> > Gonzalo.
> >
> >
> > --
> > SLUG - Sydney Linux User Group Mailing List - http://slug.org.au/
> > More Info: http://slug.org.au/lists/listinfo/slug
>
>
>
>
--
SLUG - Sydney Linux User Group Mailing List - http://slug.org.au/
More Info: http://slug.org.au/lists/listinfo/slug
