related to -z option

related to -z option

[rohit persaie]

Dear All,

There is one option in iptables .....-Z , used for  the  packet  and byte 
counters in all the chains.

Please tell me the use of this option, with example.

with regards ,

persaie

_________________________________________________________________
Take a loan. Win great prizes! Handsome prizes to be won!  Take a loan & win 
TV, Fridge & many more prizes ! http://go.msnserver.com/IN/44044.asp

Re: related to -z option

[Antony Stone]

On Wednesday 10 March 2004 11:47 am, rohit persaie wrote:

> Dear All,
>
> There is one option in iptables .....-Z , used for  the  packet  and byte
> counters in all the chains.
>
> Please tell me the use of this option, with example.

# clear the packet counters to zero
iptables -Z

# wait for some traffic to go through the machine (eg: come back tomorrow)
sleep 86400

# look at the counters now to find out how much traffic has matched each rule
iptables -L -nvx

# Repeat as long as the information interests you

Regards,

Antony.

-- 
Programming is a Dark Art, and it will always be. The programmer is
fighting against the two most destructive forces in the universe:
entropy and human stupidity. They're not things you can always
overcome with a "methodology" or on a schedule.

 - Damian Conway, Perl God

                                                     Please reply to the list;
                                                           please don't CC me.

Re: [despammed] related to -z option

[Andreas Kretschmer]

am  Wed, dem 10.03.2004, um 11:47:09 +0000 mailte rohit persaie folgendes:
> Dear All,
> 
> There is one option in iptables .....-Z , used for  the  packet  and byte 
> counters in all the chains.
> 
> Please tell me the use of this option, with example.

Please read the man-page:

 -Z, --zero [chain]
       Zero the packet and byte counters in all chains.  It  is  legal  to
       specify  the  -L, --list (list) option as well, to see the counters
       immediately before they are cleared. (See above.)


You can use iptable to count traffic, and you can reset the counters.


Andreas
-- 
Diese Message wurde erstellt mit freundlicher Unterstützung eines freilau-
fenden Pinguins aus artgerechter Freilandhaltung.   Er ist garantiert frei
von Micro$oft'schen Viren. (#97922 http://counter.li.org)     GPG 7F4584DA
Was, Sie wissen nicht, wo Kaufbach ist? Hier: N 51.05082°, E 13.56889° ;-)

Re: related to -z option

[Daniel Chemko]

If you have an accouting tool which doesn't handle accumulative 
statistics gathering, you will have to zero the counters right after the 
probe. Not ideal, but a hack to make some acocunting packages work.

Eg:
I probe an ipables rule ever 5 min.


Minute 0
    iptables -Z
    iptables -nvxL | grep ... | awk '{print $2}'
    5345
    iptables -Z
Minute 5
    iptables -nvxL | grep ... | awk '{print $2}'
    5454
    iptables -Z
Accounting with a non-acumulative counter == 5345,5454
Accounting with an acumulative counter == 5345,109 (wrong)


Minute 0
    iptables -Z
    iptables -nvxL | grep ... | awk '{print $2}'
    5345
Minute 5
    iptables -nvxL | grep ... | awk '{print $2}'
    10799
Accounting with a non-acumulative counter == 5345,10799 (wrong)
Accounting with an acumulative counter == 5345,5454


rohit persaie wrote:

> Dear All,
>
> There is one option in iptables .....-Z , used for  the  packet  and 
> byte counters in all the chains.
>
> Please tell me the use of this option, with example.
>
> with regards ,
>
> persaie
>
> _________________________________________________________________
> Take a loan. Win great prizes! Handsome prizes to be won!  Take a loan 
> & win TV, Fridge & many more prizes ! 
> http://go.msnserver.com/IN/44044.asp
>
>