Iptables + quota patch

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Hi!
We are temporary using quota patch to account out traffic.
But the reply from iptables is somewhere strange, for example, i consequently ask for current rule, and receive different --quota state, it jumps from 23964119 bytes to 28167287 and back in undefined order, however in the left column the ammount of sended bytes remains constant. 
pastor@UProxy:/root/firewall$ sudo iptables-save -c | grep 130.84
[11332:7111480] -A OUTPUT -s 130.130.130.57/32 -d 130.130.130.84/32 -m quota --quota 23964119 -j ACCEPT 
pastor@UProxy:/root/firewall$ sudo iptables-save -c | grep 130.84
[11332:7111480] -A OUTPUT -s 130.130.130.57/32 -d 130.130.130.84/32 -m quota --quota 28167287 -j ACCEPT 
pastor@UProxy:/root/firewall$ sudo iptables-save -c | grep 130.84
[11332:7111480] -A OUTPUT -s 130.130.130.57/32 -d 130.130.130.84/32 -m quota --quota 28167287 -j ACCEPT 
pastor@UProxy:/root/firewall$ sudo iptables-save -c | grep 130.84
[11332:7111480] -A OUTPUT -s 130.130.130.57/32 -d 130.130.130.84/32 -m quota --quota 28167287 -j ACCEPT 
pastor@UProxy:/root/firewall$ sudo iptables-save -c | grep 130.84
[11332:7111480] -A OUTPUT -s 130.130.130.57/32 -d 130.130.130.84/32 -m quota --quota 23964119 -j ACCEPT 
pastor@UProxy:/root/firewall$ sudo iptables-save -c | grep 130.84
[11332:7111480] -A OUTPUT -s 130.130.130.57/32 -d 130.130.130.84/32 -m quota --quota 28167287 -j ACCEPT 
pastor@UProxy:/root/firewall$ sudo iptables-save -c | grep 130.84
[11332:7111480] -A OUTPUT -s 130.130.130.57/32 -d 130.130.130.84/32 -m quota --quota 23964119 -j ACCEPT 
pastor@UProxy:/root/firewall$ sudo iptables-save -c | grep 130.84
[11332:7111480] -A OUTPUT -s 130.130.130.57/32 -d 130.130.130.84/32 -m quota --quota 28167287 -j ACCEPT 
pastor@UProxy:/root/firewall$ sudo iptables-save -c | grep 130.84
[11332:7111480] -A OUTPUT -s 130.130.130.57/32 -d 130.130.130.84/32 -m quota --quota 28167287 -j ACCEPT 

PS please don't pay attention to subnets and sorry for my english
p.f.
--
To unsubscribe from this list: send the line "unsubscribe netfilter" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
[Index of Archives]     [Linux Netfilter Development]     [Linux Kernel Networking Development]     [Netem]     [Berkeley Packet Filter]     [Linux Kernel Development]     [Advanced Routing & Traffice Control]     [Bugtraq]

  Powered by Linux