Yes, If you are using the limit match to control the number of log entries, is there any way to also show the number of matches?
# iptables -L -nv
-v option will show the number of packets that have hit the rule.
Thanks for the reply, but it seems I wasn't clear on my question. I was looking for a way to get the number logged, so when the log entry was written it would contain the number of matches that occurred during the log limit interval. If the log limit interval were set to 5 seconds, and it got 1000 matches in that 5 seconds, the log entry would contain the number 1000 in it somewhere. It seemed to me like a useful extension that would enable you to reduce log file sizes while still providing data on the frequency of events. Getting the counters from iptables on the command line is helpful for seeing what's going on right now, but doesn't help if you want data from some time in the past.
Frank
-- 
Frank Smith                 fsmith@xxxxxxxxxxx
Systems Administrator       Voice: 512-374-4673
Hoover's Online             Fax: 512-374-4501
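
Added example (not from either poster): one way to get a per-interval match count into the log is to sample the rule counters on a timer and log the difference between samples. It assumes a target-less counting rule tagged with `-m comment --comment ssh-count` ahead of the limited LOG rule; the port, the tag, the `fwcount` log tag and the function names are all hypothetical.

```shell
#!/bin/sh
# Assumed rules (constructed for this example, not from the thread):
#   iptables -A INPUT -p tcp --dport 22 -m comment --comment ssh-count
#   iptables -A INPUT -p tcp --dport 22 -m limit --limit 12/min -j LOG --log-prefix "SSH: "
# The first rule has no target, so it only counts; it sees every match,
# while the LOG rule's counter only advances for packets that pass the limit.

# Constructed sample of `iptables -nvxL INPUT` output; $1 = packets on the counting rule.
sample_listing() {
    cat <<EOF
Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
    pkts      bytes target     prot opt in     out     source               destination
    $1    $(( $1 * 60 ))            tcp  --  *      *       0.0.0.0/0            0.0.0.0/0            tcp dpt:22 /* ssh-count */
       5      300 LOG        tcp  --  *      *       0.0.0.0/0            0.0.0.0/0            tcp dpt:22 limit: avg 12/min burst 5 LOG flags 0 level 4 prefix "SSH: "
EOF
}

# rule_delta OLD NEW TAG
# Prints how many packets the rule commented "TAG" gained between two saved listings.
rule_delta() {
    awk -v tag="/* $3 */" '
        index($0, tag) {
            if (FILENAME == ARGV[1]) old = $1
            else { new = $1; seen = 1 }
        }
        END {
            if (!seen) exit 2          # rule missing from the newer listing
            d = new - old
            if (d < 0) d = new         # counters were zeroed or the ruleset reloaded
            print d
        }' "$1" "$2"
}

# log_interval CHAIN TAG STATEFILE
# One sampling pass: snapshot the chain, log the delta since the previous pass.
log_interval() {
    snap=$(mktemp) || return 1
    iptables -nvxL "$1" > "$snap" || { rm -f "$snap"; return 1; }
    if [ -s "$3" ]; then
        n=$(rule_delta "$3" "$snap" "$2") &&
            logger -t fwcount "$2: $n matches since last sample"
    fi
    mv "$snap" "$3"
}
```

Calling `log_interval INPUT ssh-count STATEFILE` from cron or a timer at the same interval as the log limit writes one syslog line per interval carrying the match count, which keeps the history that the live counters alone do not.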