I've developed a program (under development) to monitor iptables rules/chains in real time, and I just thought that maybe you guys in here would be interested in it. What I do not know, on the other hand, is if it's "ok" to promote my program in here; if it's not, sorry :) but I've seen other people doing similar things.

Back to the program. It consists of a library and programs utilizing the library. The library takes care of putting speeds on the libiptc structures.

natdump -d -z will dump out all rules in the active configuration that have a speed of more than 0.

natstat is a GUI (ncurses) that will show the rules/chains in real time.

natstatqt is a GUI (Qt) that does the same (not really, it's underdeveloped compared to the ncurses GUI).

A very commonly used and needed function is to 'temporary flush' a rule. Meaning with a single click you can 'temporary flush' a rule to see how much traffic has been sent .. and another click to unflush it.

It's a perfect help-tool for control freaks :)

http://freshmeat.net/projects/natstat/
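
Added example, not part of the original post and not natstat's code: one way to derive per-rule speeds like those described above from two counter snapshots, keeping only rules with a speed of more than 0. It assumes the text format printed by `iptables-save -c` instead of reading libiptc directly; the sample snapshots, the 10-second interval and the function names are constructed for illustration.

```python
import re

# Rule line as printed by `iptables-save -c`: "[packets:bytes] -A CHAIN ..."
RULE_RE = re.compile(r"^\[(\d+):(\d+)\]\s+(-A\s+\S+.*)$")

def parse_counters(dump):
    """Map (table, rule text, occurrence index) -> (packets, bytes)."""
    counters, seen, table = {}, {}, None
    for line in dump.splitlines():
        line = line.strip()
        if line.startswith("*"):          # table header, e.g. "*filter"
            table = line[1:]
            continue
        m = RULE_RE.match(line)
        if not m:
            continue                      # comments, chain policies, COMMIT
        rule = m.group(3)
        n = seen.get((table, rule), 0)    # identical rules can repeat; number them
        seen[(table, rule)] = n + 1
        counters[(table, rule, n)] = (int(m.group(1)), int(m.group(2)))
    return counters

def rule_speeds(before, after, interval):
    """Return [(table, rule, packets/s, bytes/s)] for rules with speed > 0."""
    if interval <= 0:
        raise ValueError("interval must be positive")
    old, new = parse_counters(before), parse_counters(after)
    out = []
    for key, (pkts, byts) in new.items():
        old_pkts, old_byts = old.get(key, (0, 0))  # rule added since: count from 0
        dp, db = pkts - old_pkts, byts - old_byts
        if dp < 0 or db < 0:
            dp, db = pkts, byts           # counters were zeroed between snapshots
        if dp > 0 or db > 0:
            out.append((key[0], key[1], dp / interval, db / interval))
    return sorted(out, key=lambda r: r[3], reverse=True)

# Constructed sample snapshots, taken 10 seconds apart.
BEFORE = """*filter
:INPUT ACCEPT [0:0]
[100:8000] -A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
[5:300] -A INPUT -p icmp -j ACCEPT
[40:2400] -A FORWARD -i eth0 -j ACCEPT"""
AFTER = """*filter
:INPUT ACCEPT [0:0]
[150:12000] -A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
[5:300] -A INPUT -p icmp -j ACCEPT
[10:600] -A FORWARD -i eth0 -j ACCEPT"""
if __name__ == "__main__":
    print(*rule_speeds(BEFORE, AFTER, 10), sep="\n")
```

The FORWARD rule in the second snapshot has lower counters than in the first, so the code treats it as zeroed and reports the traffic seen since the reset.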