* nfacct + ipset usage
@ 2012-11-04 18:03 Arthur Titeica
0 siblings, 0 replies; only message in thread
From: Arthur Titeica @ 2012-11-04 18:03 UTC (permalink / raw)
To: Netfilter Users Mailing list
Hello,
I'm trying to get some numbers regarding the usage of certain services (vnc
and samba). For this I've created 2 accounting objects with nfacct and used
the bellow iptables rules.
# nfacct add vnc-test
# nfacct add smb-test
# iptables -A FORWARD -m set --match-set test src \
-m set --match-set test dst \
-m nfacct --nfacct-name vnc-test \
-p tcp --dport 5900:5902
# iptables -A FORWARD -m set --match-set test src \
-m set --match-set test dst \
-m nfacct --nfacct-name smb-test \
-p udp -m multiport --dports 137,138
# iptables -A FORWARD -m set --match-set test src \
-m set --match-set test dst \
-m nfacct --nfacct-name smb-test \
-p tcp -m multiport --dports 139,445
However, something seems wrong as I get the same numbers for both objects:
{ pkts = 00000000000000040947, bytes = 00000000000036315309 } = vnc-test;
{ pkts = 00000000000000040947, bytes = 00000000000036315309 } = smb-test;
Is there something I'm missing?
nfacct v1.0.0
iptables v1.4.16.2
kernek 3.6.5
Thank you!
--
Arthur Titeica
^ permalink raw reply [flat|nested] only message in thread
only message in thread, other threads:[~2012-11-04 18:03 UTC | newest]
Thread overview: (only message) (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2012-11-04 18:03 nfacct + ipset usage Arthur Titeica
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.