On Fri, Dec 27, 2002 at 09:51:33AM -0600, Glover George wrote: > Now with iptables -t nat -L -v I can get some packet counters, but not > the complete number. Even still this would require constant polling > since before a delete, I could read the packet counters, but if I'm not > deleteing it, I would constantly have to poll it (the counters are > presented via a graphical interface, and will be polled every so many > seconds). So you see, I can't just go running iptables constantly. I don't see how you can get around the need to constantly run iptables, but if the lack of accurate numbers is the problem then simply add the -x flag to get the exact byte/packet counts: iptables -t nat -nxvL For doing it without running iptables I you may want to look at: http://www.netfilter.org/documentation/FAQ/netfilter-faq-4.html#ss4.1 HTH, -Ath -- - Athanasius = Athanasius(at)miggy.org / http://www.miggy.org/ Finger athan(at)fysh.org for PGP key "And it's me who is my enemy. Me who beats me up. Me who makes the monsters. Me who strips my confidence." Paula Cole - ME
Attachment:
pgp00233.pgp
Description: PGP signature