Am 01.05.20 um 17:39 schrieb Jan Engelhardt: > On Friday 2020-05-01 17:09, Reindl Harald wrote: > >> how can it be that a single peer has 2.8 GB traffic and in the raw table >> the whole udp traffic is only 417M? > >> iptables --verbose --list --table raw >> Chain PREROUTING (policy ACCEPT 0 packets, 0 bytes) > > Uh that's the policy counter, not the entire-table counter. and why do do you strip the other lines when nobody cares about the policy line at all? how did the 2.8 GB wireguard udp traffic magically pass the stateless raw table with only 417M bytes in the udp rule? iptables --verbose --list --table raw Chain PREROUTING (policy ACCEPT 0 packets, 0 bytes) pkts bytes target prot opt in out source destination 17M 4378M INBOUND all -- wan any anywhere anywhere 22M 20G ACCEPT tcp -- any any anywhere anywhere 2802K 417M ACCEPT udp -- any any anywhere anywhere 3678K 299M ACCEPT icmp -- any any anywhere anywhere 256 131K DROP all -- any any anywhere anywhere
