On Wed, 2011-09-14 at 12:51 -0800, Travis Veazey wrote: > > Ha! Well, doesn't that just make things so very easy? > > And just to clarify, this does not apply -- at least not in the same > way -- to accounting rules that look at packets which e.g. enter on > eth0 and leave on eth1, right? For example, the rule: > > traffic:COUNT - eth1 eth0 > > would only count packets that actually get routed through (i.e. get > accepted and routed), and would not count packets that hit eth1 but > are then dropped or rejected, right?
It counts *all* packets that enter via eth1 and get routed out of eth0, regardless of their subsequent disposition. One more time - Accounting occurs *before any filtering*. -Tom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________
signature.asc
Description: This is a digitally signed message part
------------------------------------------------------------------------------ BlackBerry® DevCon Americas, Oct. 18-20, San Francisco, CA Learn about the latest advances in developing for the BlackBerry® mobile platform with sessions, labs & more. See new tools and technologies. Register for BlackBerry® DevCon today! http://p.sf.net/sfu/rim-devcon-copy1
_______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
