>Hello,

Hi,

>I have a firewall that provides internet to two networks, a private one
>...
>My question is: is it somehow possible I am leaking data on my outside
>port that would trigger the ISP counter but not iptaccount? Is there
>some layer 2 traffic of which I am not aware that would tell the ISP
>what the intended traffic before shaping might be? I have been dumping
>and analyzing traffic for hours and found nothing, but maybe there is
>something I don't know about that would explain this.

First of all, try to compare ISP data with what you see on the ethernet
interface connected to that ISP:

    ip link show -s dev ethX

You should get something like this:

    RX: bytes  packets  errors  dropped overrun mcast
    714301652  713443   0       0       0       3494
    TX: bytes  packets  errors  dropped carrier collsns
    79328329   501677   0       0       2       0

Stats show actual data sent/received (since reboot) including layer2
headers. Gathered data should exactly match your ISP stats.

Best regards,
Marek Kierdelewicz
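Because the interface counters run from boot, lining them up with an ISP figure for a given window takes two snapshots and a difference. The script below is an added example, not part of the original mail: it parses the output format quoted above, and the function names and the second snapshot are constructed for illustration.

```shell
#!/bin/sh
# Print "rx_bytes tx_bytes" parsed from `ip -s link show dev IFACE` output on stdin.
parse_ip_stats() {
    awk '
        /^[ \t]*RX:/ { want = "rx"; next }   # header line; values are on the next line
        /^[ \t]*TX:/ { want = "tx"; next }
        want == "rx" { rx = $1; want = ""; next }
        want == "tx" { tx = $1; want = ""; next }
        END { if (rx == "" || tx == "") exit 1; print rx, tx }
    '
}

# Print "rx_delta tx_delta" for two snapshots (before_rx before_tx after_rx after_tx).
# Fails if a counter went backwards, i.e. a reboot or interface reset in between.
counter_delta() {
    before_rx=$1 before_tx=$2 after_rx=$3 after_tx=$4
    if [ "$after_rx" -lt "$before_rx" ] || [ "$after_tx" -lt "$before_tx" ]; then
        echo "counters reset between snapshots" >&2
        return 1
    fi
    echo "$((after_rx - before_rx)) $((after_tx - before_tx))"
}

# Live use: measure IFACE SECONDS  (interface name and interval are up to the caller)
measure() {
    a=$(ip -s link show dev "$1" | parse_ip_stats) || return 1
    sleep "$2"
    b=$(ip -s link show dev "$1" | parse_ip_stats) || return 1
    counter_delta $a $b
}

# Constructed samples: the first repeats the numbers quoted in the mail,
# the second is made up so the delta can be shown offline.
sample_before() { cat <<'EOF'
    RX: bytes  packets  errors  dropped overrun mcast
    714301652  713443   0       0       0       3494
    TX: bytes  packets  errors  dropped carrier collsns
    79328329   501677   0       0       2       0
EOF
}
sample_after() { cat <<'EOF'
    RX: bytes  packets  errors  dropped overrun mcast
    714901652  714000   0       0       0       3500
    TX: bytes  packets  errors  dropped carrier collsns
    79428329   502000   0       0       2       0
EOF
}
```

With the two samples, `counter_delta $(sample_before | parse_ip_stats) $(sample_after | parse_ip_stats)` gives the RX and TX byte counts for the interval, which is the figure to set against the ISP's number for the same period.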