> Gesendet: Donnerstag, 01. April 2021 um 01:08 Uhr > Von: "Frank Myhr" <fmyhr@xxxxxxxxxxx> > An: "Florian Westphal" <fw@xxxxxxxxx>, "Frank Wunderlich" <frank-w@xxxxxxxxxxxxxxx> > Cc: netfilter@xxxxxxxxxxxxxxx > Betreff: Re: nft show counter > > On 2021/03/31 17:40, Florian Westphal wrote: > > You could use a named counter and then fetch it via 'nft list counter > > inet tablenam countername'. > > This is the straightforward solution! > > Florian, is it correct that *all* counters are stateful objects, they're > just anonymous stateful objects if used in a rule without first > declaring them with a name? The wiki reads as if they're 2 separate > things (I'm happy to fix but want to check with you first): > > https://wiki.nftables.org/wiki-nftables/index.php/Counters Hi, thank you, i saw the named counters before, but i have thought i can read out the "normal" counters too... have now changed to named counters (instead of jump to voipX-chain) my rules-file looks like this now (just for anybody wants do do similar): table ip filter { ... chain FORWARD { type filter hook forward priority 0; policy drop; #... ip saddr $ipvoipbox udp dport 5160 counter name voip1 comment "counting packets for SIP1" ip daddr $ipvoipbox udp dport 5160 counter name voip1 comment "counting packets for SIP1" ip saddr $ipvoipbox udp sport 5161 counter name voip2 comment "counting packets for SIP2" ip daddr $ipvoipbox udp dport 5161 counter name voip2 comment "counting packets for SIP2" #... } counter voip1 { } counter voip2 { } } one thing: # nft list counter filter voip2 table ip mangle { } table ip nat { } table ip filter { counter voip2 { packets 124 bytes 7440 } } tables mangle and nat should not be printed (still have them separately from converting iptables to nft)...in json-format it is right # nft list counter filter voip2 -j {"nftables": [{"counter": {"family": "ip", "name": "voip2", "table": "filter", "handle": 6, "packets": 136, "bytes": 8160}}]} made a little python-script (not yet with error-handling) to read out the bytes: import os import json def getCounter(countername): stream = os.popen('nft list counter filter '+countername+' -j') output = stream.read() #print(output) j=json.loads(output) return j["nftables"][0]["counter"]["bytes"] print(getCounter("voip1"),"bytes") print(getCounter("voip2"),"bytes") regards Frank
