LinuxQuestions.org
Old 02-25-2010, 12:15 AM   #1
didooofidooo
LQ Newbie
 
Registered: Feb 2010
Posts: 3

Rep: Reputation: 0
Can't zero-out counters in iptables


Hi everybody,

I have a problem with iptables. When I execute

Code:
iptables -Z INPUT
to zero out the chain, then execute

Code:
iptables -v -L INPUT
I find the chain's counters are still the same. Does anyone know why?

Thanks in advance.

Last edited by didooofidooo; 02-25-2010 at 02:53 PM. Reason: typo correction
 
Old 02-25-2010, 12:21 AM   #2
david1941
Member
 
Registered: May 2005
Location: St. Louis, MO
Distribution: CentOS7
Posts: 267

Rep: Reputation: 58
Using -Z [chain] zeros the counters. -X fails if any rules exist and does nothing.
 
1 members found this post helpful.
Old 02-25-2010, 09:52 AM   #3
win32sux
LQ Guru
 
Registered: Jul 2003
Location: Los Angeles
Distribution: Ubuntu
Posts: 9,870

Rep: Reputation: 380
Also note that using -Z without specifying a chain will reset the counters for all the chains. At least, it'll do that for the chains in the table you're working with (which is the filter table by default). To work with other tables just specify them, for example this command would reset the counters for all the chains in my nat table (PREROUTING, POSTROUTING, and OUTPUT):
Code:
iptables -Z -t nat
 
Old 02-25-2010, 02:02 PM   #4
didooofidooo
LQ Newbie
 
Registered: Feb 2010
Posts: 3

Original Poster
Rep: Reputation: 0
Thank you guys so much, but I'm afraid this is not the problem.

The problem is that the chains' counters never get zeroed out... I tried all possible syntax, but nothing.

The only way the counters get zeroed out is by restarting the iptables service or changing the chain's policy.

but anyway, thanks again.
 
Old 02-25-2010, 02:24 PM   #5
win32sux
LQ Guru
 
Registered: Jul 2003
Location: Los Angeles
Distribution: Ubuntu
Posts: 9,870

Rep: Reputation: 380
Quote:
Originally Posted by didooofidooo
Thank you guys so much, but I'm afraid this is not the problem.

The problem is that the chains' counters never get zeroed out... I tried all possible syntax, but nothing.

The only way the counters get zeroed out is by restarting the iptables service or changing the chain's policy.

but anyway, thanks again.
You said you were doing a -X to zero out the chains. That would never work, as it has nothing to do with the counters. To zero a chain you need to use -Z, which is what has been suggested here. Can you confirm whether the counters decrease at all when you do it? Sometimes the counters begin to increase almost immediately after being zeroed, due to normal traffic.

Last edited by win32sux; 02-25-2010 at 02:38 PM.
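
An added example, not part of any poster's reply: a shell helper that compares two `iptables -v -n -x -L INPUT` listings, one taken before and one after `iptables -Z INPUT`, and reports for each counter whether it decreased. The function names and both sample listings are constructed for illustration; `-x` makes iptables print exact counter values instead of rounded ones.

```shell
#!/bin/sh
# Added example. Both listings below are constructed (not captured from a real
# host) in `iptables -v -n -x -L INPUT` format, chosen to show every verdict.
# On a live host: before=$(iptables -v -n -x -L INPUT); iptables -Z INPUT;
#                 after=$(iptables -v -n -x -L INPUT)

# Print "<label> <packets>" for the chain policy and for each rule row.
packet_counters() {
    awk '
        /^Chain / {   # e.g. Chain INPUT (policy ACCEPT 1520 packets, 184320 bytes)
            for (i = 1; i < NF; i++)
                if ($(i + 1) == "packets,") print "policy", $i
            next
        }
        $1 ~ /^[0-9]+$/ { n++; print "rule" n, $1 }   # rule rows start with pkts
    '
}

# Compare two listings; print "<label> <before> <after> <verdict>" per counter.
compare_snapshots() {
    { printf '%s\n' "$1" | packet_counters | sed 's/^/B /'
      printf '%s\n' "$2" | packet_counters | sed 's/^/A /'; } |
    awk '
        $1 == "B" { before[$2] = $3; order[++k] = $2 }
        $1 == "A" { after[$2] = $3 }
        END {
            for (i = 1; i <= k; i++) {
                l = order[i]; b = before[l] + 0; a = after[l] + 0
                v = (a == 0) ? "zeroed" : (a < b) ? "lower" : "not-lower"
                print l, b, a, v
            }
        }
    '
}

BEFORE='Chain INPUT (policy ACCEPT 1520 packets, 184320 bytes)
    pkts      bytes target     prot opt in     out     source               destination
     310    24800 ACCEPT     all  --  lo     *       0.0.0.0/0            0.0.0.0/0
      42     2520 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0            tcp dpt:22'

AFTER='Chain INPUT (policy ACCEPT 1520 packets, 184320 bytes)
    pkts      bytes target     prot opt in     out     source               destination
       0        0 ACCEPT     all  --  lo     *       0.0.0.0/0            0.0.0.0/0
       3      180 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0            tcp dpt:22'

compare_snapshots "$BEFORE" "$AFTER"
```

A "lower" verdict means the counter was reset and traffic has already been counted again; "not-lower" on the policy line while the rules show "zeroed" separates the chain policy counter from the per-rule counters.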
 
Old 02-25-2010, 02:51 PM   #6
didooofidooo
LQ Newbie
 
Registered: Feb 2010
Posts: 3

Original Poster
Rep: Reputation: 0
@win32sux: Sorry, that was just a typo. I'm using

iptables -t [table] -Z [chain]

to zero-out and

iptables -t [table] -v -L [chain]

to list the counters.

And about the counters being increased immediately after being zeroed out, I don't think so, because the counters stay the same.
 
  

