On Wed, 1 Sep 2021 13:54:51 +0300 Niko Kortström <niko.kortstrom@xxxxxxxxx> wrote: > Hi > > Sorry on we're making some changes and changing the names, on target > ip-filtering has been changed to ecpri-ip-filtering. How do the packets > filtered not increase counters past the accept rule if they are not > accepted by it? One possibility is that the packet is being considered as a martian as a consequence of reverse path filtering (RFC 3704). In that case, the packet would not be processed by Netfilter at all. You can check the status of the filter(s) by running sysctl -a | grep '\.rp_filter'. -- Kerin Millar
