* Mario Ohnewald <mario.Ohnewald@xxxxxx> 2. Mar 04:
> Hello!
Hi,
> I have got a iptables firewall running and i want to monitor my traffic,
> therefore i played arund with the following command: /sbin/iptables -vnxL
> OUTPUT | grep "Chain OUTPUT"
> It worked fine, although, after a while it kept getting the result:
> Chain OUTPUT (policy ACCEPT 0 packets, 0 bytes)
> I reloaded the filter rules, still the same.
Please don't wrap outputs.
> Chain OUTPUT (policy ACCEPT 0 packets, 0 bytes)
These-----^----------^
are only the counters of your default policy. Your traffic is...
> pkts bytes target prot opt in out source destination
> 9 2051 ACCEPT all -- * lo 0.0.0.0/0 0.0.0.0/0
> 0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0 icmp type 11
> 2 132 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0 icmp type 3 code 3
> 0 0 DROP icmp -- * * 0.0.0.0/0 0.0.0.0/0 icmp type 3
> 9535 2685876 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 state NEW,RELATED,ESTABLISHED
,^^^^--^^^^^^^
... here.
> 0 0 LOG all -- * * 0.0.0.0/0 0.0.0.0/0 LOG flags 6 level 4 prefix `SuSE-FW-OUTPUT-ERROR '
>
> [snip stuff]
>
> How come it wont count up the Accepted packaged and Bytes?
It would, but as you -j ACCEPT everything before the default policy it
can't.
HTH,
regards, Frank.
--
Sigmentation fault
