3 iptables accounting questions

Greetings,

1) I have a firewall and would like to count all the traffic entering/leaving 
the external interface (I want to count only internet traffic, which is the 
traffic entering/leaving the external if). Is this rule right?

iptables -N ACCT
iptables -I FORWARD -j ACCT
iptables -I INPUT -j ACCT
iptables -I OUTPUT -j ACCT
iptables -A ACCT -s 10.168.0.2/32 -d 0.0.0.0/0 -o eth0
iptables -A ACCT -s 0.0.0.0/0 -d 10.168.0.2/32 -i eth0

10.168.0.2 is my external interface ip and is also the ip which my internal 
network is natted behind.

2) I would like to save/restore only this accounting rule. I thought 
'iptables-save -c -t ACCT' would work but it doesn't. 'iptables -L ACCT -n -v 
-x' gives me the right counter values but how can I save and restore only my 
accounting rule to prevent losing the values after a reboot and I don't want 
to save/restore all the accounting stats.

3) How do I flush the accounting stats?

I'm trying to count all traffic for a month and would then like to flush it at 
the 1st of the next month, so I can start counting the new month. I'm stuck.

tx, in advance

e.
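
For questions 2 and 3 above, one way to persist only the ACCT chain's counters, as an added example that is not part of the original post. `iptables-save -t` selects a table, not a chain, so this filters `iptables-save -c` output for ACCT rules and rewrites each as an `iptables -A ACCT -c PKTS BYTES ...` command; the function names and the counter values in the sample are constructed.

```sh
#!/bin/sh
# Added example. `iptables-save -c` prints each rule as:
#   [packets:bytes] -A CHAIN match-options...

# Constructed sample of `iptables-save -c -t filter` output (made-up counters).
sample_save() {
cat <<'EOF'
# Generated by iptables-save (constructed sample)
*filter
:INPUT ACCEPT [120:9000]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [98:7600]
:ACCT - [0:0]
[1500:210000] -A INPUT -j ACCT
[900:64000] -A FORWARD -j ACCT
[1400:180000] -A OUTPUT -j ACCT
[1400:180000] -A ACCT -s 10.168.0.2/32 -o eth0
[2300:3100000] -A ACCT -d 10.168.0.2/32 -i eth0
COMMIT
EOF
}

# acct_restore_cmds CHAIN
# Reads iptables-save -c output on stdin and prints one restore command per
# rule of CHAIN, carrying the saved counters over with -c (--set-counters).
# Jump rules in other chains and the chain policy lines are skipped.
acct_restore_cmds() {
    awk -v chain="$1" '
        $2 == "-A" && $3 == chain && $1 ~ /^\[[0-9]+:[0-9]+\]$/ {
            # "[1400:180000]" -> c[1]=packets, c[2]=bytes
            split(substr($1, 2, length($1) - 2), c, ":")
            rule = ""
            for (i = 4; i <= NF; i++) rule = rule " " $i
            printf "iptables -A %s -c %s %s%s\n", chain, c[1], c[2], rule
        }'
}

# Demo on the constructed sample. At boot, the printed commands would be run
# after `iptables -N ACCT` to recreate the chain with its old counters.
sample_save | acct_restore_cmds ACCT
```

On a live system the input would come from `iptables-save -c -t filter` instead of the sample. `iptables -Z ACCT` zeroes the chain's counters, which covers the reset on the 1st of the month.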

