Re: [Shorewall-users] "catch-all" in accounting not working

Sun, 02 Jun 2013 07:48:03 -0700 

On 06/02/2013 06:50 AM, Brian J. Murrell wrote:
> So, at the end of my long list of (old-style) accounting rules I have a
> "catch-all":
> 
> acc_unknown - $CGCOIF br-lan:0.0.0.0/0
> acc_unknown - br-lan:0.0.0.0/0 $CGCOIF
> DONE  -       -               br-lan:0.0.0.0/0
> DONE  -       br-lan:0.0.0.0/0
> COUNT           acc_unknown   $CGCOIF    br-lan
> COUNT           acc_unknown   br-lan    $CGCOIF
> 
> meant to account for anything that didn't get accounted for above it.
> The accounting rule above that are all working just fine, however this
> catch-all doesn't seem to get anything in it as you can see:
> 
> Chain acc_unknown (2 references)
>  pkts bytes target     prot opt in     out     source               
> destination         
>     0     0            all  --  eth1   br-lan  0.0.0.0/0            0.0.0.0/0 
>           
>     0     0            all  --  br-lan eth1    0.0.0.0/0            0.0.0.0/0 
>           
> 
> 
> Chain accounting (3 references)
>  pkts bytes target     prot opt in     out     source               
> destination         
> ...
>     0     0 acc_unknown  all  --  eth1   br-lan  0.0.0.0/0            
> 0.0.0.0/0           
>     0     0 acc_unknown  all  --  br-lan eth1    0.0.0.0/0            
> 0.0.0.0/0           
> 11988  941K RETURN     all  --  *      br-lan  0.0.0.0/0            0.0.0.0/0 
>           
>   786 36304 RETURN     all  --  br-lan *       0.0.0.0/0            0.0.0.0/0 
>           
>     0     0 LOG        all  --  eth1   *       0.0.0.0/0            0.0.0.0/0 
>           LOG flags 0 level 4 prefix `Shorewall:acct:DROP:' 
>     0     0 LOG        all  --  *      eth1    0.0.0.0/0            0.0.0.0/0 
>           LOG flags 0 level 4 prefix `Shorewall:acct:DROP:' 
> 
> Am I doing something wrong?
> 

Depends on what precedes the above accounting rules.

-Tom
-- 
Tom Eastep        \ When I die, I want to go like my Grandfather who
Shoreline,         \ died peacefully in his sleep. Not screaming like
Washington, USA     \ all of the passengers in his car
http://shorewall.net \________________________________________________

Attachment: signature.asc
Description: OpenPGP digital signature

------------------------------------------------------------------------------
Get 100% visibility into Java/.NET code with AppDynamics Lite
It's a free troubleshooting tool designed for production
Get down to code-level detail for bottlenecks, with <2% overhead.
Download for free and get started troubleshooting in minutes.
http://p.sf.net/sfu/appdyn_d2d_ap2
_______________________________________________
Shorewall-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/shorewall-users

Reply via email to