From: CapSel <capsel@gmail.com>
To: gentoo-user@lists.gentoo.org
Date: Fri, 2 Mar 2007 15:08:30 +0100
Subject: Re: [gentoo-user] iptraf vs iptables (mangle & access)
Message-ID: <d03887390703020608h41a0d8e7me9ca1922f2149049@mail.gmail.com>
In-Reply-To: <200703011559.20409.bss03@volumehost.net>

On 3/1/07, Boyd Stephen Smith Jr. <bss03@volumehost.net> wrote:
>
> That would be correct, since every forwarded packet passes through both the
> pre-routing and post-routing chains, so you are counting every packet (at
> least those that are not dropped in the FORWARD chain) twice.

I don't fully understand how it is possible that my rules count packets twice; could you explain it more briefly?

I specified -i eth0 in PREROUTING and -o eth0 in POSTROUTING. Isn't this the correct way to count packets only once? ...and I'm getting values only from chain 'stat', which is called only from PREROUTING and POSTROUTING with the network interface specified respectively for each direction (-i/-o eth0).
So in my opinion a packet traveling through the router to my network passes only once through 'stats', as it is accepted only in PREROUTING with -i eth0, and not in POSTROUTING with -o eth0, as it goes out from eth1. Am I correct?
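An added example, not part of the original message: a small Python model of the mangle-table hooks that counts how often one packet enters the 'stat' chain, for the interface-matched jumps described above and for the same jumps without -i/-o. The rule tuples, path table and sample packets are constructed assumptions (the actual ruleset is not shown in the message); eth0 is taken as the outside interface and eth1 as the internal one, as the message implies.

```python
# Hooks a packet traverses in the mangle table, per routing decision.
# -i is only meaningful where the input interface is known (PREROUTING,
# INPUT, FORWARD); -o only where the output interface is known
# (FORWARD, OUTPUT, POSTROUTING).
PATHS = {
    "forward": ["PREROUTING", "FORWARD", "POSTROUTING"],
    "input": ["PREROUTING", "INPUT"],
    "output": ["OUTPUT", "POSTROUTING"],
}

# Assumed reconstruction of the jumps described in the message:
#   iptables -t mangle -A PREROUTING  -i eth0 -j stat
#   iptables -t mangle -A POSTROUTING -o eth0 -j stat
RULES_WITH_IFACE = [("PREROUTING", "in", "eth0"), ("POSTROUTING", "out", "eth0")]
# The same jumps with no interface match, for comparison.
RULES_NO_IFACE = [("PREROUTING", None, None), ("POSTROUTING", None, None)]

def stat_hits(rules, path, in_if=None, out_if=None):
    """Return how many times one packet enters the 'stat' chain."""
    hits = 0
    for hook in PATHS[path]:
        for chain, direction, iface in rules:
            if chain != hook:
                continue
            if direction is None:
                hits += 1  # unconditional jump
            elif direction == "in" and in_if == iface:
                hits += 1  # -i match
            elif direction == "out" and out_if == iface:
                hits += 1  # -o match
    return hits

# Constructed sample packets: (path, input interface, output interface).
PACKETS = {
    "outside->inside forwarded": ("forward", "eth0", "eth1"),
    "inside->outside forwarded": ("forward", "eth1", "eth0"),
    "outside->router itself": ("input", "eth0", None),
    "router->outside": ("output", None, "eth0"),
    "forwarded eth0->eth0": ("forward", "eth0", "eth0"),
}

def table(rules):
    """Map each sample packet to its number of 'stat' traversals."""
    return {name: stat_hits(rules, *pkt) for name, pkt in PACKETS.items()}

if __name__ == "__main__":
    for label, rules in [("-i/-o eth0", RULES_WITH_IFACE), ("no match", RULES_NO_IFACE)]:
        print(label, table(rules))
```

In this model, a packet that is forwarded back out the interface it arrived on (eth0 to eth0) is the one case that the interface matches still count twice.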