From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from lists.gentoo.org ([140.105.134.102] helo=robin.gentoo.org)
	by nuthatch.gentoo.org with esmtp (Exim 4.62)
	(envelope-from <gentoo-user+bounces-60834-garchives=archives.gentoo.org@gentoo.org>)
	id 1HN8WG-0007G6-2Y
	for garchives@archives.gentoo.org; Fri, 02 Mar 2007 14:14:00 +0000
Received: from robin.gentoo.org (localhost [127.0.0.1])
	by robin.gentoo.org (8.14.0/8.14.0) with SMTP id l22ECkRB010329;
	Fri, 2 Mar 2007 14:12:46 GMT
Received: from ug-out-1314.google.com (ug-out-1314.google.com [66.249.92.174])
	by robin.gentoo.org (8.14.0/8.14.0) with ESMTP id l22E8VpL005546
	for <gentoo-user@lists.gentoo.org>; Fri, 2 Mar 2007 14:08:31 GMT
Received: by ug-out-1314.google.com with SMTP id z38so733348ugc
        for <gentoo-user@lists.gentoo.org>; Fri, 02 Mar 2007 06:08:31 -0800 (PST)
DKIM-Signature: a=rsa-sha1; c=relaxed/relaxed;
        d=gmail.com; s=beta;
        h=domainkey-signature:received:received:message-id:date:from:to:subject:in-reply-to:mime-version:content-type:references;
        b=mVuR0bn4ooUevYWtR9WYNF0XzLzbAxGjP9iCgrtL2IOFLbzbJ5W2sYy7KQHZDnEnNJT7ejsggD8dkbTTMTC3tldvESzDqF5eHhepL+XxG2OdF9clR+doENJr1nt1NXsjZU7fg4jvg8zpmxZVwpwMJQ2xxQ88vUaedE1nTYR3YEE=
DomainKey-Signature: a=rsa-sha1; c=nofws;
        d=gmail.com; s=beta;
        h=received:message-id:date:from:to:subject:in-reply-to:mime-version:content-type:references;
        b=Y93/LOS8EVHbT/DzwD/hmDKbXpPkOHqXn0NU/T4dUMBrLN7FFnihwXKqNrrWoO/6Kkn+f8Xq0x4VNglgy6NG3QAGpEXXTFXVLz7rHBhV8QHumH5hfA1iadU/s1ug20/vktoTdgTaWRq2KZaKuouJeXxWdlBua+CRQu8CYDE16eI=
Received: by 10.114.135.1 with SMTP id i1mr229623wad.1172844510633;
        Fri, 02 Mar 2007 06:08:30 -0800 (PST)
Received: by 10.114.147.15 with HTTP; Fri, 2 Mar 2007 06:08:30 -0800 (PST)
Message-ID: <d03887390703020608h41a0d8e7me9ca1922f2149049@mail.gmail.com>
Date: Fri, 2 Mar 2007 15:08:30 +0100
From: CapSel <capsel@gmail.com>
To: gentoo-user@lists.gentoo.org
Subject: Re: [gentoo-user] iptraf vs iptables (mangle & access)
In-Reply-To: <200703011559.20409.bss03@volumehost.net>
Precedence: bulk
List-Post: <mailto:gentoo-user@lists.gentoo.org>
List-Help: <mailto:gentoo-user+help@gentoo.org>
List-Unsubscribe: <mailto:gentoo-user+unsubscribe@gentoo.org>
List-Subscribe: <mailto:gentoo-user+subscribe@gentoo.org>
List-Id: Gentoo Linux mail <gentoo-user.gentoo.org>
X-BeenThere: gentoo-user@gentoo.org
Reply-to: gentoo-user@lists.gentoo.org
MIME-Version: 1.0
Content-Type: multipart/alternative; 
	boundary="----=_Part_83718_3773729.1172844510597"
References: <d03887390703011121m2d21d3b9j5428d8e474dbfca0@mail.gmail.com>
	 <200703011559.20409.bss03@volumehost.net>
X-Archives-Salt: 09338cf6-6aea-4e04-8700-00c338cd83c3
X-Archives-Hash: d97d73768e054424016dabd66bfee654

------=_Part_83718_3773729.1172844510597
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: 7bit
Content-Disposition: inline

On 3/1/07, Boyd Stephen Smith Jr. <bss03@volumehost.net> wrote:
>
> That would be correct, since every forwarded packet passes though both the
> pre-routing and post-routing chains, so you are counting every packet (at
> least those that are not dropped in the FORWARD chain) twice.


I don't fully understand how is that possible that my rules count packet
twice, could you explain it more briefly?

I specified -i eth0 in PREROUTING and -o eth0 in POSTROUTING. Isn't this
correct way to count packets only once? ...and I'm getting values only from
chain 'stat', which is called only from PREROUTING and POSTROUTING with
specified network interface respectively to direction (-i/-o eth0).
So in my opinion a packet traveling through the router to my network passes
only once through 'stats' as it is accepted only in PREROUTING with -i eth0,
and not in POSTROUTING with -o eth0, as it goes out from eth1. Am I correct?

------=_Part_83718_3773729.1172844510597
Content-Type: text/html; charset=UTF-8
Content-Transfer-Encoding: 7bit
Content-Disposition: inline

On 3/1/07, <b class="gmail_sendername">Boyd Stephen Smith Jr.</b> &lt;<a href="mailto:bss03@volumehost.net">bss03@volumehost.net</a>&gt; wrote:<div><span class="gmail_quote"></span><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
That would be correct, since every forwarded packet passes though both the<br>pre-routing and post-routing chains, so you are counting every packet (at<br>least those that are not dropped in the FORWARD chain) twice.</blockquote>
<div><br>I don&#39;t fully understand how is that possible that my rules count packet twice, could you explain it more briefly?<br><br>I specified -i eth0 in PREROUTING and -o eth0 in POSTROUTING. Isn&#39;t this correct way to count packets only once? ...and I&#39;m getting values only from chain &#39;stat&#39;, which is called only from PREROUTING and POSTROUTING with specified network interface respectively to direction (-i/-o eth0).
<br>So in my opinion a packet traveling through the router to my network passes only once through &#39;stats&#39; as it is accepted only in PREROUTING with -i eth0, and not in POSTROUTING with -o eth0, as it goes out from eth1. Am I correct?
<br></div></div>

------=_Part_83718_3773729.1172844510597--
-- 
gentoo-user@gentoo.org mailing list