From: Patrick McHardy <kaber@trash.net>
To: Renat Araslanow <tr0nd@bitel.ru>
Cc: Netfilter Development Mailinglist <netfilter-devel@lists.netfilter.org>
Subject: Re: [netfilter-core] strange iptables statistics =(
Date: Tue, 15 Jun 2004 22:32:37 +0200 [thread overview]
Message-ID: <40CF5CE5.8080601@trash.net> (raw)
In-Reply-To: <000901c45225$6166ef60$26a8a8c0@trondcyber>
Tbis belongs on netfilter-devel ..
Renat Araslanow wrote:
> hi!
>
> subj in iptables 1.26 on redhat 7.3 ipv4
>
> as u can see in "ufanets_out" chain there is 328 packets, but in chain
> "by_protocol_out" we see only 1 udp packet. i have one more ip range - and
> its reported ok. can u explain me this please? thanks in advance.
>
> PS% i dont see that similair bug is fixed in more modern versions of
> iptables - so don't yet upgraded.
>
> Chain OUTPUT (policy ACCEPT 3887 packets, 2621833 bytes)
> pkts bytes target prot opt in out source
> destination
> 9176 4237257 all -- * * 0.0.0.0/0
> 0.0.0.0/0
> 156 18884 ACCEPT all -- * * 0.0.0.0/0
> 213.24.120.72
> 5133 1596540 ACCEPT all -- * * 0.0.0.0/0
> 127.0.0.1
> 3887 2621833 accounting_out all -- * * 0.0.0.0/0
> 0.0.0.0/0
>
> Chain accounting_out (1 references)
> pkts bytes target prot opt in out source
> destination
> 3887 2621833 ufanet_nets_out all -- * * 0.0.0.0/0
> 0.0.0.0/0
> 3887 2621833 by_protocol_out all -- * * 0.0.0.0/0
> 0.0.0.0/0
>
> Chain ufanet_nets_out (1 references)
> pkts bytes target prot opt in out source
> destination
> 328 15649 RETURN all -- * * 0.0.0.0/0
> 213.24.120.70
>
> Chain by_protocol_out (1 references)
> pkts bytes target prot opt in out source
> destination
> 134 10790 udp -- * * 0.0.0.0/0
> 0.0.0.0/0
> 4 660 icmp -- * * 0.0.0.0/0
> 0.0.0.0/0
> 3049 2573511 tcp -- * * 0.0.0.0/0
> 0.0.0.0/0 multiport sports 80,8080,443
> 0 0 tcp -- * * 0.0.0.0/0
> 0.0.0.0/0 tcp spts:20:21
> 75 5883 tcp -- * * 0.0.0.0/0
> 0.0.0.0/0 multiport dports 110,25
>
> 1 121 udp -- * * 0.0.0.0/0
> 213.24.120.70
> 0 0 icmp -- * * 0.0.0.0/0
> 213.24.120.70
> 0 0 RETURN tcp -- * * 0.0.0.0/0
> 213.24.120.70 multiport sports 80,8080,443
> 0 0 RETURN tcp -- * * 0.0.0.0/0
> 213.24.120.70 tcp spts:20:21
> 0 0 RETURN tcp -- * * 0.0.0.0/0
> 213.24.120.70 multiport dports 110,25
>
>
next parent reply other threads:[~2004-06-15 20:32 UTC|newest]
Thread overview: 2+ messages / expand[flat|nested] mbox.gz Atom feed top
[not found] <000901c45225$6166ef60$26a8a8c0@trondcyber>
2004-06-15 20:32 ` Patrick McHardy [this message]
2004-06-15 22:19 ` [netfilter-core] strange iptables statistics =( Henrik Nordstrom
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=40CF5CE5.8080601@trash.net \
--to=kaber@trash.net \
--cc=netfilter-devel@lists.netfilter.org \
--cc=tr0nd@bitel.ru \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.