Re: Traffic accounting in iptables

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hi Jan,

Sending ping:

# ping -s 1024 -c 100 google.com

iptables and tcpdump both shows (at IP layer + header):

incoming - 100 packets, 9200 bytes
outgoing - 100 packets, 105200 bytes

This seems fine. But I don't understand why I'm not getting similar
outputs of iptables and tcpdump when downloading a file via wget.


On 14 July 2010 19:39, Jan Engelhardt <jengelh@xxxxxxxxxx> wrote:
> On Wednesday 2010-07-14 19:00, Shirley Ong wrote:
>>With wireshark, I added up all the bytes (with and without header) at all
>>the different layers. The closest I can get wireshark to show the same
>>data bytes as iptables is at the IP Layer (data + header). What
>>puzzles me is that, wireshark shows 12 bytes (incoming traffic) more
>>than iptables
>
> Can you reproduce this using pings? (The ping program allows to specify
> payload sizes, and thus, exact packet sizes)
>
--
To unsubscribe from this list: send the line "unsubscribe netfilter" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html


[Index of Archives]     [Linux Netfilter Development]     [Linux Kernel Networking Development]     [Netem]     [Berkeley Packet Filter]     [Linux Kernel Development]     [Advanced Routing & Traffice Control]     [Bugtraq]

  Powered by Linux