* bytes counting @ 2004-04-23 13:42 Arrizabalaga, Saioa 2004-04-23 15:04 ` Antony Stone 2004-04-23 17:22 ` Joao TERRA 0 siblings, 2 replies; 6+ messages in thread From: Arrizabalaga, Saioa @ 2004-04-23 13:42 UTC (permalink / raw) To: netfilter Hello everyone, I have been reading some mails in this listing and it is said the best place to count bytes/packets is the mangle table, but I have a problem. I have three network cards in my linux box: eth0 (private LAN), eth1 (private LAN) and eth2 (internet). I would like to count the bytes/packets from/to 192.168.0.50 (it is in eth0) that goes/comes to/from internet (eth2). These are the rules I have: iptables -A POSTROUTING -t mangle -o eth2 -s 192.168.0.50 With this rule I catch all the packets going from 192.168.0.50 to eth2, but I know where to put the rule to catch the packets going from eth2 to 192.168.0.50, because as far as I can see it, when I put the rule: iptables -A PREROUTING -t mangle -i eth2 -d 192.168.0.50 nothing is caught because the packet has not been SNAT-ed yet. Am I wrong? Any help would be appreciated. Saioa Arrizabalaga ^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: bytes counting 2004-04-23 13:42 bytes counting Arrizabalaga, Saioa @ 2004-04-23 15:04 ` Antony Stone 2004-04-23 17:22 ` Joao TERRA 1 sibling, 0 replies; 6+ messages in thread From: Antony Stone @ 2004-04-23 15:04 UTC (permalink / raw) To: netfilter On Friday 23 April 2004 2:42 pm, Arrizabalaga, Saioa wrote: > Hello everyone, > > I have been reading some mails in this listing and it is said the best > place to count bytes/packets is the mangle table, but I have a problem. > > iptables -A POSTROUTING -t mangle -o eth2 -s 192.168.0.50 > > With this rule I catch all the packets going from 192.168.0.50 to eth2, > but I don't know where to put the rule to catch the packets going from eth2 > to 192.168.0.50, because as far as I can see it, when I put the rule: > iptables -A PREROUTING -t mangle -i eth2 -d 192.168.0.50 nothing is > caught because the packet has not been SNAT-ed yet. Am I wrong? You are not wrong, no, so put the rule in the FORWARD mangle table - then you will see all the packets with their real addresses. PS: If you don't have a FORWARD mangle table, then upgrade your version of netfilter :) Regards, Antony. -- Christmas was just an opportunity to upgrade to kernel 2.6 while no-one was around to notice the downtime. Please reply to the list; please don't CC me. ^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: bytes counting 2004-04-23 13:42 bytes counting Arrizabalaga, Saioa 2004-04-23 15:04 ` Antony Stone @ 2004-04-23 17:22 ` Joao TERRA 2004-04-23 17:54 ` Antony Stone 1 sibling, 1 reply; 6+ messages in thread From: Joao TERRA @ 2004-04-23 17:22 UTC (permalink / raw) To: netfilter You can put the rule on: #iptables -t mangle -I POSTROUTING -o INTERFACE_OF_192.168.0.50_SUBNET -d 192.168.0.50 then you can account in both directions separately ----- Original Message ----- From: "Arrizabalaga, Saioa" <sarrizabalaga@ceit.es> To: <netfilter@lists.netfilter.org> Sent: Friday, April 23, 2004 10:42 AM Subject: bytes counting Hello everyone, I have been reading some mails in this listing and it is said the best place to count bytes/packets is the mangle table, but I have a problem. I have three network cards in my linux box: eth0 (private LAN), eth1 (private LAN) and eth2 (internet). I would like to count the bytes/packets from/to 192.168.0.50 (it is in eth0) that goes/comes to/from internet (eth2). These are the rules I have: iptables -A POSTROUTING -t mangle -o eth2 -s 192.168.0.50 With this rule I catch all the packets going from 192.168.0.50 to eth2, but I know where to put the rule to catch the packets going from eth2 to 192.168.0.50, because as far as I can see it, when I put the rule: iptables -A PREROUTING -t mangle -i eth2 -d 192.168.0.50 nothing is caught because the packet has not been SNAT-ed yet. Am I wrong? Any help would be appreciated. Saioa Arrizabalaga ^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: bytes counting 2004-04-23 17:22 ` Joao TERRA @ 2004-04-23 17:54 ` Antony Stone 2004-04-23 20:13 ` Joao TERRA 0 siblings, 1 reply; 6+ messages in thread From: Antony Stone @ 2004-04-23 17:54 UTC (permalink / raw) To: netfilter On Friday 23 April 2004 6:22 pm, Joao TERRA wrote: > You can put the rule on: > #iptables -t mangle -I POSTROUTING -o INTERFACE_OF_192.168.0.50_SUBNET -d > 192.168.0.50 > then you can account in both directions separately Unfortunately this would count bytes going to 192.168.0.50 from anywhere (including the other private LAN), not just from the Internet, which is what was required, I believe. Regards, Antony. > ----- Original Message ----- > From: "Arrizabalaga, Saioa" <sarrizabalaga@ceit.es> > To: <netfilter@lists.netfilter.org> > Sent: Friday, April 23, 2004 10:42 AM > Subject: bytes counting > > > Hello everyone, > > I have been reading some mails in this listing and it is said the best > place to count bytes/packets is the mangle table, but I have a problem. > > I have three network cards in my linux box: eth0 (private LAN), eth1 > (private LAN) and eth2 (internet). > > I would like to count the bytes/packets from/to 192.168.0.50 (it is in > eth0) that goes/comes to/from internet (eth2). > > These are the rules I have: > > iptables -A POSTROUTING -t mangle -o eth2 -s 192.168.0.50 > > With this rule I catch all the packets going from 192.168.0.50 to eth2, > but I know where to put the rule to catch the packets going from eth2 to > 192.168.0.50, because as far as I can see it, when I put the rule: > iptables -A PREROUTING -t mangle -i eth2 -d 192.168.0.50 nothing is > caught because the packet has not been SNAT-ed yet. Am I wrong? > > Any help would be appreciated. > > Saioa Arrizabalaga -- This email is intended for the use of the individual addressee(s) named above and may contain information that is confidential, privileged or unsuitable for overly sensitive persons with low self-esteem, no sense of humour, or irrational religious beliefs. If you have received this email in error, you are required to shred it immediately, add some nutmeg, three egg whites and a dessertspoonful of caster sugar. Whisk until soft peaks form, then place in a warm oven for 40 minutes. Remove promptly and let stand for 2 hours before adding some decorative kiwi fruit and cream. Then notify me immediately by return email and eat the original message. Please reply to the list; please don't CC me. ^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: bytes counting 2004-04-23 17:54 ` Antony Stone @ 2004-04-23 20:13 ` Joao TERRA 2004-04-23 20:27 ` Antony Stone 0 siblings, 1 reply; 6+ messages in thread From: Joao TERRA @ 2004-04-23 20:13 UTC (permalink / raw) To: netfilter He'll have to make some adjustments.. "-s !" maybe resolv. ----- Original Message ----- From: "Antony Stone" <Antony@Soft-Solutions.co.uk> To: <netfilter@lists.netfilter.org> Sent: Friday, April 23, 2004 2:54 PM Subject: Re: bytes counting > On Friday 23 April 2004 6:22 pm, Joao TERRA wrote: > > > You can put the rule on: > > #iptables -t mangle -I POSTROUTING -o INTERFACE_OF_192.168.0.50_SUBNET -d > > 192.168.0.50 > > then you can account in both directions separately > > Unfortunately this would count bytes going to 192.168.0.50 from anywhere > (including the other private LAN), not just from the Internet, which is what > was required, I believe. > > Regards, > > Antony. > > > ----- Original Message ----- > > From: "Arrizabalaga, Saioa" <sarrizabalaga@ceit.es> > > To: <netfilter@lists.netfilter.org> > > Sent: Friday, April 23, 2004 10:42 AM > > Subject: bytes counting > > > > > > Hello everyone, > > > > I have been reading some mails in this listing and it is said the best > > place to count bytes/packets is the mangle table, but I have a problem. > > > > I have three network cards in my linux box: eth0 (private LAN), eth1 > > (private LAN) and eth2 (internet). > > > > I would like to count the bytes/packets from/to 192.168.0.50 (it is in > > eth0) that goes/comes to/from internet (eth2). > > > > These are the rules I have: > > > > iptables -A POSTROUTING -t mangle -o eth2 -s 192.168.0.50 > > > > With this rule I catch all the packets going from 192.168.0.50 to eth2, > > but I know where to put the rule to catch the packets going from eth2 to > > 192.168.0.50, because as far as I can see it, when I put the rule: > > iptables -A PREROUTING -t mangle -i eth2 -d 192.168.0.50 nothing is > > caught because the packet has not been SNAT-ed yet. Am I wrong? > > > > Any help would be appreciated. > > > > Saioa Arrizabalaga > > -- > This email is intended for the use of the individual addressee(s) named above > and may contain information that is confidential, privileged or unsuitable > for overly sensitive persons with low self-esteem, no sense of humour, or > irrational religious beliefs. > > If you have received this email in error, you are required to shred it > immediately, add some nutmeg, three egg whites and a dessertspoonful of > caster sugar. Whisk until soft peaks form, then place in a warm oven for 40 > minutes. Remove promptly and let stand for 2 hours before adding some > decorative kiwi fruit and cream. Then notify me immediately by return email > and eat the original message. > > Please reply to the list; > please don't CC me. > > > ^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: bytes counting 2004-04-23 20:13 ` Joao TERRA @ 2004-04-23 20:27 ` Antony Stone 0 siblings, 0 replies; 6+ messages in thread From: Antony Stone @ 2004-04-23 20:27 UTC (permalink / raw) To: netfilter On Friday 23 April 2004 9:13 pm, Joao TERRA wrote: > He'll have to make some adjustments.. "-s !" maybe resolv. A: Because it messes up the order in which people normally read text. Q: Why is top-posting such a bad thing? A: Top-posting. Q: What is the most annoying thing on usenet and in e-mail? Regards, Antony. > ----- Original Message ----- > From: "Antony Stone" <Antony@Soft-Solutions.co.uk> > To: <netfilter@lists.netfilter.org> > Sent: Friday, April 23, 2004 2:54 PM > Subject: Re: bytes counting > > > On Friday 23 April 2004 6:22 pm, Joao TERRA wrote: > > > You can put the rule on: > > > #iptables -t mangle -I POSTROUTING -o > > INTERFACE_OF_192.168.0.50_SUBNET -d > > > > 192.168.0.50 > > > then you can account in both directions separately > > > > Unfortunately this would count bytes going to 192.168.0.50 from anywhere > > (including the other private LAN), not just from the Internet, which is > > what > > > was required, I believe. > > > > Regards, > > > > Antony. > > > > > ----- Original Message ----- > > > From: "Arrizabalaga, Saioa" <sarrizabalaga@ceit.es> > > > To: <netfilter@lists.netfilter.org> > > > Sent: Friday, April 23, 2004 10:42 AM > > > Subject: bytes counting > > > > > > > > > Hello everyone, > > > > > > I have been reading some mails in this listing and it is said the best > > > place to count bytes/packets is the mangle table, but I have a problem. > > > > > > I have three network cards in my linux box: eth0 (private LAN), eth1 > > > (private LAN) and eth2 (internet). > > > > > > I would like to count the bytes/packets from/to 192.168.0.50 (it is in > > > eth0) that goes/comes to/from internet (eth2). > > > > > > These are the rules I have: > > > > > > iptables -A POSTROUTING -t mangle -o eth2 -s 192.168.0.50 > > > > > > With this rule I catch all the packets going from 192.168.0.50 to eth2, > > > but I know where to put the rule to catch the packets going from eth2 > > > to 192.168.0.50, because as far as I can see it, when I put the rule: > > > iptables -A PREROUTING -t mangle -i eth2 -d 192.168.0.50 nothing is > > > caught because the packet has not been SNAT-ed yet. Am I wrong? > > > > > > Any help would be appreciated. > > > > > > Saioa Arrizabalaga > > > > -- > > This email is intended for the use of the individual addressee(s) named > > above > > > and may contain information that is confidential, privileged or > > unsuitable for overly sensitive persons with low self-esteem, no sense of > > humour, or irrational religious beliefs. > > > > If you have received this email in error, you are required to shred it > > immediately, add some nutmeg, three egg whites and a dessertspoonful of > > caster sugar. Whisk until soft peaks form, then place in a warm oven > > for > > 40 > > > minutes. Remove promptly and let stand for 2 hours before adding some > > decorative kiwi fruit and cream. Then notify me immediately by return > > email > > > and eat the original message. > > > > Please reply to the > > list; > > > please don't > > CC > > me. -- There are only 10 types of people in the world: those who understand binary notation, and those who don't. Please reply to the list; please don't CC me. ^ permalink raw reply [flat|nested] 6+ messages in thread
end of thread, other threads:[~2004-04-23 20:27 UTC | newest] Thread overview: 6+ messages (download: mbox.gz follow: Atom feed -- links below jump to the message on this page -- 2004-04-23 13:42 bytes counting Arrizabalaga, Saioa 2004-04-23 15:04 ` Antony Stone 2004-04-23 17:22 ` Joao TERRA 2004-04-23 17:54 ` Antony Stone 2004-04-23 20:13 ` Joao TERRA 2004-04-23 20:27 ` Antony Stone
This is an external index of several public inboxes, see mirroring instructions on how to clone and mirror all data and code used by this external index.