hi! i think you'd like to have a look in the section "match extensions" of the iptables man page. the first of them is "account" that you could use for your joy. angico. --- Andrew Kraslavsky <andykras@xxxxxxxxxxx> wrote: > Hello, > > Is there a way to get from iptables/netfilter the total number of > dropped > packets? > > The way we do this at the moment is with a script that: > > 1) Lists all the rules > 2) Finds within that list all rules whose target is DROP > 3) Adds up the packet count for each of those rules > > This seems to work okay but it is cumbersome. > > I'm hoping there's some nice little /proc counter or iptables command > that > will give me the total count of dropped packets. > > Thanks, > > Andrew Kraslavsky > > _________________________________________________________________ > Don?t just search. Find. Check out the new MSN Search! > http://search.msn.click-url.com/go/onm00200636ave/direct/01/ > > > __________________________________________________ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com
