Le mercredi 14 décembre 2011 à 19:19 +0530, Anand Raj Manickam a écrit : > A clarification : > If its about flow based accounting , wont the below rules double the counter ? > # iptables -I INPUT -p tcp --sport 80 -j NFACCT --nfacct-name > http-traffic# iptables -I OUTPUT -p tcp --dport 80 -j NFACCT > --nfacct-name http-traffic > > Basically yes (if you want to account both input and output trafic) If you want to separate counters, use : # iptables -I INPUT -p tcp --sport 80 -j NFACCT --nfacct-name http-traffic-in # iptables -I OUTPUT -p tcp --dport 80 -j NFACCT --nfacct-name http-traffic-out ? -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
