* Logging all packets going past an interface when masquerading
@ 2004-01-19 18:41 David Cannings
0 siblings, 0 replies; only message in thread
From: David Cannings @ 2004-01-19 18:41 UTC (permalink / raw)
To: netfilter
Hi,
I've created a chain called COUNTER with rules that have no target. It's
purpose is to simply count packets as they go past interfaces. The rules
in it are created like so:
iptables -A COUNTER -i eth0
I send all packets from the chains INPUT and OUTPUT to this chain and the
counters increment as desired. This works absolutely fine. However, the
machine I am running this on is using masquerading. If I also link to
the COUNTER chain from FORWARD, like..
iptables -I FORWARD -j COUNTER
.. it appears that masqueraded packets are also accounted for. Is this
the case though? By the looks of some crude tests, it seems that the
packet counts/bytes are correct but I'd just like some confirmation that
this is the case and I don't have to also use the PREROUTING/POSTROUTING
in order to count packets coming from the LAN (eth0) and going out across
my ATM link.
Thanks,
David
david [at] edeca [dot] net
^ permalink raw reply [flat|nested] only message in thread
only message in thread, other threads:[~2004-01-19 18:41 UTC | newest]
Thread overview: (only message) (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2004-01-19 18:41 Logging all packets going past an interface when masquerading David Cannings
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.