Old 10-29-2003, 04:26 PM   #1
LQ Newbie
Registered: Oct 2003
Location: Canberra,Aust
Distribution: Redhat
Posts: 2

Rep: Reputation: 0
iptables accounting rules

I am attempting to use ipac-ng to set up some IP accounting rules with iptables.
I want to make sure I am capturing all my internet traffic with these rules.

My net-config is LAN: eth0, Internet: ppp0.
Note my rp-pppoe is bound to eth0 as well.

internet download
# router
iptables -I INPUT 1 -i ppp0
# rest of network
iptables -I FORWARD -s -d ! -i eth0

I'm hoping that the FORWARD rule doesn't double count the INPUT rule.
Old 11-10-2003, 09:09 PM   #2
Registered: Sep 2003
Location: Dallas, Tx, USA
Distribution: Red Hat, Gentoo, Libranet
Posts: 98

Rep: Reputation: 16
I'm not absolutely certain, but I don't believe it will.

There are three built-in chains in the FILTER table: INPUT, FORWARD, and OUTPUT. From the description in the man page (man iptables), it seems pretty clear that it distinguishes between packets aimed at the box (INPUT) and packets just passing through (FORWARD).

Two comments:

What's the "-d !" for? Because of the stuff I just mentioned, I don't think the FORWARD rule would ever see such a packet, but I don't see any harm in leaving the possibility that it might route something to itself. (Actually, I just thought of something. I'm making a (possibly unwarranted) assumption that the box these rules are for is If it's not, ignore this.)

Second, you might want to change the "-I" to "-A". "-I" stands for insert, and it will insert the rule at the top of the chain. This means the last rule you have pertaining to a particular chain will be the first one checked (and the second-to-last will be the second checked, and so on until it finally gets to the first rule.)

Most people use "-A" (for append) so that the rules get added to the chain in the same order that they are in the iptables file. If you like RPN logic, there's nothing wrong with using the "-I", but I wanted to make sure you knew what it was doing.

Hope this helps,
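
Added example, not part of either post: a packet in the filter table traverses INPUT or FORWARD but never both, so download totals for the router and the LAN can be read from the two accounting rules and summed. The rule set and counter values below are constructed, and the FORWARD rule leaves out the -s/-d values that are missing from the original post.

```shell
#!/bin/sh
# Constructed sample of `iptables-save -c` output (counter values are made up).
# Each rule line is prefixed with [packets:bytes]; a rule with no -j target
# changes nothing about the packet's fate and only increments its counters.
SAMPLE_RULES='*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
[120:96000] -A INPUT -i ppp0
[15:900] -A INPUT -i eth0 -p tcp -m tcp --dport 22 -j ACCEPT
[800:1048576] -A FORWARD ! -i eth0
[640:51200] -A FORWARD -i eth0 -j ACCEPT
COMMIT'

# acct_bytes CHAIN: read iptables-save -c output on stdin and print the byte
# total of the targetless (accounting-only) rules in CHAIN.
acct_bytes() {
    awk -v chain="$1" '
        /^\[[0-9]+:[0-9]+\] -A / {
            if ($3 != chain) next
            has_target = 0
            for (i = 4; i <= NF; i++)
                if ($i == "-j" || $i == "-g") has_target = 1
            if (has_target) next            # filtering rule, not accounting
            split(substr($1, 2, length($1) - 2), c, ":")
            sum += c[2]                     # c[1] = packets, c[2] = bytes
        }
        END { printf "%.0f\n", sum + 0 }
    '
}

# download_bytes: router traffic (INPUT) plus LAN traffic (FORWARD).
# The two chains are disjoint per packet, so the sum does not double count.
download_bytes() {
    rules=$(cat)
    router=$(printf '%s\n' "$rules" | acct_bytes INPUT)
    lan=$(printf '%s\n' "$rules" | acct_bytes FORWARD)
    echo $((router + lan))
}

printf 'router=%s lan=%s total=%s\n' \
    "$(printf '%s\n' "$SAMPLE_RULES" | acct_bytes INPUT)" \
    "$(printf '%s\n' "$SAMPLE_RULES" | acct_bytes FORWARD)" \
    "$(printf '%s\n' "$SAMPLE_RULES" | download_bytes)"
```

On a live router the same functions can read real counters with `iptables-save -c | download_bytes`, run as root.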


