LinuxQuestions.org
Latest LQ Deal: Latest LQ Deals
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices


Reply
  Search this Thread
Old 10-29-2003, 04:26 PM   #1
petrax
LQ Newbie
 
Registered: Oct 2003
Location: Canberra,Aust
Distribution: Redhat
Posts: 2

Rep: Reputation: 0
iptables accounting rules


I am attempting to use ipac-ng to setup some ip-accounting rules with iptables.
I want to make sure I capturing all my internet traffic with these rules.

my net-config is LAN: eth0 Internet : ppp0
note my rp-pppoe is bound to eth0 as well.

internet download
# router
iptables -I INPUT 1 -i ppp0
# rest of network
iptables -I FORWARD -s 192.168.0.1/24 -d ! 192.168.0.1 -i eth0


I'm hoping that the FORWARD rule doesn't double count the INPUT rule.
 
Old 11-10-2003, 09:09 PM   #2
clacour
Member
 
Registered: Sep 2003
Location: Dallas, Tx, USA
Distribution: Red Hat, Gentoo, Libranet
Posts: 98

Rep: Reputation: 16
I'm not absolutely certain, but I don't believe it will.

There are three built-in chains in the FILTER table: INPUT, FORWARD, and OUTPUT. From the description in the man page (man iptables), it seems pretty clear that it distiguishes between packets aimed at the box (INPUT) and packets just passing through (FORWARD).

Two comments:

What's the "-d ! 192.168.0.1" for? Because of the stuff I just mentioned, I don't think the FORWARD rule would ever see such a packet, but I don't see any harm in leaving the possibility that it might route something to itself. (Actually, I just thought of something. I'm making a (possibly unwarranted) assumption that the box these rules are for is 192.168.0.1. If it's not, ignore this.)

Second, you might want to change the "-I" to "-A". "-I" stands for insert, and it will insert the rule at the top of the chain. This means the last rule you have pertaining to a particular chain will be the first one checked (and the second-to-last will be the second checked, and so on until if finally gets to the first rule.)

Most people use "-A" (for append) so that the rules get added to the chain in the same order that they are in the iptables file. If you like RPN logic, there's nothing wrong with using the "-I", but I wanted to make sure you knew what it was doing.

Hope this helps,

CHL
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Iptables Rules metallica1973 Linux - Security 26 09-14-2005 12:10 AM
IPTABLES - rules in /etc/sysconfig/iptables The_JinJ Linux - Newbie 6 11-20-2004 01:40 AM
IP-Accounting by iptables? TobyD Linux - Networking 2 11-15-2004 06:59 PM
iptables traffic accounting for each IP/MAC sheyh Linux - Networking 0 07-11-2004 04:55 PM
iptables rules Darin Linux - Security 1 01-23-2003 04:32 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Networking

All times are GMT -5. The time now is 04:27 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration