On 13-06-02 11:15 PM, Tom Eastep wrote:
>
> I personally would much prefer to see the output of 'shorewall show'
> ('shorewall show -t mangle' if ACCOUNTING_TABLE=mangle).
Damn. I was on the fence about whether to show you config or result.
I guess I guessed wrong. :-(
Chain accounting (3 references)
pkts bytes target prot opt in out source destination
4825K 4391M all -- eth1 * 0.0.0.0/0 0.0.0.0/0
4355K 934M all -- * eth1 0.0.0.0/0 0.0.0.0/0
675K 836M RETURN udp -- eth1 * 0.0.0.0/0 0.0.0.0/0
udp dpt:1194
734K 106M RETURN udp -- * eth1 0.0.0.0/0 0.0.0.0/0
udp spt:1194
1918K 2644M RETURN 41 -- eth1 * 0.0.0.0/0 0.0.0.0/0
1047K 120M RETURN 41 -- * eth1 0.0.0.0/0 0.0.0.0/0
9764 2778K RETURN udp -- eth1 * 0.0.0.0/0 0.0.0.0/0
multiport dports 67,68,123
1784 136K RETURN udp -- * eth1 0.0.0.0/0 0.0.0.0/0
multiport sports 67,68,123
0 0 RETURN udp -- * eth1 0.0.0.0/0
216.14.98.22 udp dpt:3740
78281 5642K RETURN icmp -- * eth1 0.0.0.0/0 0.0.0.0/0
82238 5480K RETURN icmp -- eth1 * 0.0.0.0/0 0.0.0.0/0
89946 14M RETURN udp -- eth1 * 0.0.0.0/0 0.0.0.0/0
udp dpts:40000:50000
8465 777K RETURN all -- * * 0.0.0.0/0
67.193.232.12
171K 60M acc_pc all -- eth1 br-lan 0.0.0.0/0
192.168.222.1
269K 26M acc_pc all -- br-lan eth1 192.168.222.1
0.0.0.0/0
0 0 acc_pc all -- eth1 br-lan 0.0.0.0/0
192.168.222.101
0 0 acc_pc all -- br-lan eth1 192.168.222.101
0.0.0.0/0
18597 4158K acc_pc all -- tun0 br-lan 0.0.0.0/0
192.168.222.1
24487 3604K acc_pc all -- br-lan tun0 192.168.222.1
0.0.0.0/0
0 0 acc_pc all -- tun0 br-lan 0.0.0.0/0
192.168.222.101
0 0 acc_pc all -- br-lan tun0 192.168.222.101
0.0.0.0/0
9947K 6586M RETURN all -- * br-lan 0.0.0.0/0
192.168.222.1
7019K 305M RETURN all -- br-lan * 192.168.222.1
0.0.0.0/0
0 0 RETURN all -- * br-lan 0.0.0.0/0
192.168.222.101
0 0 RETURN all -- br-lan * 192.168.222.101
0.0.0.0/0
0 0 acc_pvr all -- eth1 br-lan 0.0.0.0/0
192.168.222.2
1 60 acc_pvr all -- br-lan eth1 192.168.222.2
0.0.0.0/0
1 40 RETURN all -- * br-lan 0.0.0.0/0
192.168.222.2
21082 1602K RETURN all -- br-lan * 192.168.222.2
0.0.0.0/0
0 0 acc_brian_lt all -- eth1 br-lan 0.0.0.0/0
192.168.222.185
0 0 acc_brian_lt all -- br-lan eth1 192.168.222.185
0.0.0.0/0
22 4428 RETURN all -- * br-lan 0.0.0.0/0
192.168.222.185
5312 412K RETURN all -- br-lan * 192.168.222.185
0.0.0.0/0
0 0 acc_brian_lt all -- eth1 br-lan 0.0.0.0/0
10.10.0.0/16
0 0 acc_brian_lt all -- br-lan eth1 10.10.0.0/16
0.0.0.0/0
0 0 RETURN all -- * br-lan 0.0.0.0/0
10.10.0.0/16
0 0 RETURN all -- br-lan * 10.10.0.0/16 0.0.0.0/0
0 0 acc_brian_lt all -- eth1 br-lan 0.0.0.0/0
10.0.0.0/24
0 0 acc_brian_lt all -- br-lan eth1 10.0.0.0/24
0.0.0.0/0
0 0 RETURN all -- * br-lan 0.0.0.0/0 10.0.0.0/24
0 0 RETURN all -- br-lan * 10.0.0.0/24 0.0.0.0/0
0 0 acc_brian_lt all -- eth1 br-lan 0.0.0.0/0
192.168.222.217
0 0 acc_brian_lt all -- br-lan eth1 192.168.222.217
0.0.0.0/0
0 0 RETURN all -- * br-lan 0.0.0.0/0
192.168.222.217
0 0 RETURN all -- br-lan * 192.168.222.217
0.0.0.0/0
0 0 acc_brian_lt all -- eth1 br-lan 0.0.0.0/0
192.168.222.244
0 0 acc_brian_lt all -- br-lan eth1 192.168.222.244
0.0.0.0/0
0 0 RETURN all -- * br-lan 0.0.0.0/0
192.168.222.244
0 0 RETURN all -- br-lan * 192.168.222.244
0.0.0.0/0
0 0 acc_brian_lt all -- eth1 br-lan 0.0.0.0/0
192.168.222.151
0 0 acc_brian_lt all -- br-lan eth1 192.168.222.151
0.0.0.0/0
0 0 RETURN all -- * br-lan 0.0.0.0/0
192.168.222.151
0 0 RETURN all -- br-lan * 192.168.222.151
0.0.0.0/0
0 0 acc_brian_lt all -- eth1 br-lan 0.0.0.0/0
192.168.222.213
0 0 acc_brian_lt all -- br-lan eth1 192.168.222.213
0.0.0.0/0
14 3384 RETURN all -- * br-lan 0.0.0.0/0
192.168.222.213
3156 245K RETURN all -- br-lan * 192.168.222.213
0.0.0.0/0
865K 372M acc_brian_lt all -- eth1 br-lan 0.0.0.0/0
192.168.222.199
1271K 558M acc_brian_lt all -- br-lan eth1 192.168.222.199
0.0.0.0/0
866K 372M RETURN all -- * br-lan 0.0.0.0/0
192.168.222.199
1271K 558M RETURN all -- br-lan * 192.168.222.199
0.0.0.0/0
0 0 acc_brian_lt_old all -- eth1 br-lan 0.0.0.0/0
192.168.222.145
0 0 acc_brian_lt_old all -- br-lan eth1 192.168.222.145
0.0.0.0/0
0 0 RETURN all -- * br-lan 0.0.0.0/0
192.168.222.145
0 0 RETURN all -- br-lan * 192.168.222.145
0.0.0.0/0
0 0 acc_mac all -- eth1 br-lan 0.0.0.0/0
192.168.222.221
0 0 acc_mac all -- br-lan eth1 192.168.222.221
0.0.0.0/0
0 0 RETURN all -- * br-lan 0.0.0.0/0
192.168.222.221
387 33642 RETURN all -- br-lan * 192.168.222.221
0.0.0.0/0
0 0 acc_mac all -- eth1 br-lan 0.0.0.0/0
192.168.222.251
0 0 acc_mac all -- br-lan eth1 192.168.222.251
0.0.0.0/0
0 0 RETURN all -- * br-lan 0.0.0.0/0
192.168.222.251
0 0 RETURN all -- br-lan * 192.168.222.251
0.0.0.0/0
0 0 acc_joey_lt all -- eth1 br-lan 0.0.0.0/0
192.168.222.208
0 0 acc_joey_lt all -- br-lan eth1 192.168.222.208
0.0.0.0/0
0 0 RETURN all -- * br-lan 0.0.0.0/0
192.168.222.208
0 0 RETURN all -- br-lan * 192.168.222.208
0.0.0.0/0
0 0 acc_joey all -- eth1 br-lan 0.0.0.0/0
192.168.222.4
3 180 acc_joey all -- br-lan eth1 192.168.222.4 0.0.0.0/0
10 2188 RETURN all -- * br-lan 0.0.0.0/0
192.168.222.4
19310 1432K RETURN all -- br-lan * 192.168.222.4
0.0.0.0/0
0 0 acc_brian_archos all -- eth1 br-lan 0.0.0.0/0
192.168.222.234
0 0 acc_brian_archos all -- br-lan eth1 192.168.222.234
0.0.0.0/0
0 0 RETURN all -- * br-lan 0.0.0.0/0
192.168.222.234
0 0 RETURN all -- br-lan * 192.168.222.234
0.0.0.0/0
0 0 acc_brian_archos all -- eth1 br-lan 0.0.0.0/0
192.168.222.253
0 0 acc_brian_archos all -- br-lan eth1 192.168.222.253
0.0.0.0/0
0 0 RETURN all -- * br-lan 0.0.0.0/0
192.168.222.253
0 0 RETURN all -- br-lan * 192.168.222.253
0.0.0.0/0
0 0 acc_brian_archos all -- eth1 br-lan 0.0.0.0/0
192.168.222.247
0 0 acc_brian_archos all -- br-lan eth1 192.168.222.247
0.0.0.0/0
0 0 RETURN all -- * br-lan 0.0.0.0/0
192.168.222.247
0 0 RETURN all -- br-lan * 192.168.222.247
0.0.0.0/0
4500 2211K acc_brian_phone all -- eth1 br-lan 0.0.0.0/0
192.168.222.176
6060 868K acc_brian_phone all -- br-lan eth1 192.168.222.176
0.0.0.0/0
4500 2211K RETURN all -- * br-lan 0.0.0.0/0
192.168.222.176
6060 868K RETURN all -- br-lan * 192.168.222.176
0.0.0.0/0
30372 8480K acc_joe_phone all -- eth1 br-lan 0.0.0.0/0
192.168.222.190
35259 7133K acc_joe_phone all -- br-lan eth1 192.168.222.190
0.0.0.0/0
30372 8480K RETURN all -- * br-lan 0.0.0.0/0
192.168.222.190
35259 7133K RETURN all -- br-lan * 192.168.222.190
0.0.0.0/0
53470 57M acc_joe_tablet all -- eth1 br-lan 0.0.0.0/0
192.168.222.186
52412 7368K acc_joe_tablet all -- br-lan eth1 192.168.222.186
0.0.0.0/0
53470 57M RETURN all -- * br-lan 0.0.0.0/0
192.168.222.186
52412 7368K RETURN all -- br-lan * 192.168.222.186
0.0.0.0/0
0 0 acc_galaxy_tablet all -- eth1 br-lan 0.0.0.0/0
192.168.222.181
0 0 acc_galaxy_tablet all -- br-lan eth1 192.168.222.181
0.0.0.0/0
0 0 RETURN all -- * br-lan 0.0.0.0/0
192.168.222.181
0 0 RETURN all -- br-lan * 192.168.222.181
0.0.0.0/0
738 325K acc_lenovo_tablet all -- eth1 br-lan 0.0.0.0/0
192.168.222.177
1211 153K acc_lenovo_tablet all -- br-lan eth1 192.168.222.177
0.0.0.0/0
738 325K RETURN all -- * br-lan 0.0.0.0/0
192.168.222.177
1211 153K RETURN all -- br-lan * 192.168.222.177
0.0.0.0/0
0 0 acc_steve_phone all -- eth1 br-lan 0.0.0.0/0
192.168.222.188
0 0 acc_steve_phone all -- br-lan eth1 192.168.222.188
0.0.0.0/0
0 0 RETURN all -- * br-lan 0.0.0.0/0
192.168.222.188
0 0 RETURN all -- br-lan * 192.168.222.188
0.0.0.0/0
0 0 acc_steve_phone all -- eth1 br-lan 0.0.0.0/0
192.168.222.219
0 0 acc_steve_phone all -- br-lan eth1 192.168.222.219
0.0.0.0/0
0 0 RETURN all -- * br-lan 0.0.0.0/0
192.168.222.219
0 0 RETURN all -- br-lan * 192.168.222.219
0.0.0.0/0
0 0 acc_joe_archos all -- eth1 br-lan 0.0.0.0/0
192.168.222.135
0 0 acc_joe_archos all -- br-lan eth1 192.168.222.135
0.0.0.0/0
0 0 RETURN all -- * br-lan 0.0.0.0/0
192.168.222.135
0 0 RETURN all -- br-lan * 192.168.222.135
0.0.0.0/0
141 7743 acc_wireless_router all -- eth1 br-lan 0.0.0.0/0
192.168.222.228
53 2120 acc_wireless_router all -- br-lan eth1 192.168.222.228
0.0.0.0/0
141 7743 RETURN all -- * br-lan 0.0.0.0/0
192.168.222.228
53 2120 RETURN all -- br-lan * 192.168.222.228
0.0.0.0/0
334K 311M acc_linux all -- eth1 br-lan 0.0.0.0/0
192.168.222.3
277K 30M acc_linux all -- br-lan eth1 192.168.222.3
0.0.0.0/0
83260 19M acc_linux all -- eth1 br-lan 0.0.0.0/0
192.168.222.8
83463 19M acc_linux all -- br-lan eth1 192.168.222.8
0.0.0.0/0
0 0 acc_linux all -- eth1 br-lan 0.0.0.0/0
192.168.222.9
6 255 acc_linux all -- br-lan eth1 192.168.222.9
0.0.0.0/0
619K 785M acc_linux all -- tun0 br-lan 0.0.0.0/0
192.168.222.3
690K 50M acc_linux all -- br-lan tun0 192.168.222.3
0.0.0.0/0
15778 3047K acc_linux all -- tun0 br-lan 0.0.0.0/0
192.168.222.8
6067 3604K acc_linux all -- br-lan tun0 192.168.222.8
0.0.0.0/0
0 0 acc_linux all -- tun0 br-lan 0.0.0.0/0
192.168.222.9
0 0 acc_linux all -- br-lan tun0 192.168.222.9
0.0.0.0/0
984K 1101M RETURN all -- * br-lan 0.0.0.0/0
192.168.222.3
997K 86M RETURN all -- br-lan * 192.168.222.3
0.0.0.0/0
99281 22M RETURN all -- * br-lan 0.0.0.0/0
192.168.222.8
89993 23M RETURN all -- br-lan * 192.168.222.8
0.0.0.0/0
12230 2769K RETURN all -- * br-lan 0.0.0.0/0
192.168.222.9
12887 1316K RETURN all -- br-lan * 192.168.222.9
0.0.0.0/0
0 0 acc_wii all -- eth1 br-lan 0.0.0.0/0
192.168.222.146
0 0 acc_wii all -- br-lan eth1 192.168.222.146
0.0.0.0/0
0 0 RETURN all -- * br-lan 0.0.0.0/0
192.168.222.146
0 0 RETURN all -- br-lan * 192.168.222.146
0.0.0.0/0
502K 60M acc_xbox all -- eth1 br-lan 0.0.0.0/0
192.168.222.191
499K 54M acc_xbox all -- br-lan eth1 192.168.222.191
0.0.0.0/0
502K 60M RETURN all -- * br-lan 0.0.0.0/0
192.168.222.191
499K 54M RETURN all -- br-lan * 192.168.222.191
0.0.0.0/0
0 0 acc_joanne_phone all -- eth1 br-lan 0.0.0.0/0
192.168.222.170
0 0 acc_joanne_phone all -- br-lan eth1 192.168.222.170
0.0.0.0/0
0 0 RETURN all -- * br-lan 0.0.0.0/0
192.168.222.170
0 0 RETURN all -- br-lan * 192.168.222.170
0.0.0.0/0
0 0 acc_unknown all -- eth1 br-lan 0.0.0.0/0 0.0.0.0/0
0 0 acc_unknown all -- br-lan eth1 0.0.0.0/0 0.0.0.0/0
19320 1522K RETURN all -- * br-lan 0.0.0.0/0 0.0.0.0/0
1228 57931 RETURN all -- br-lan * 0.0.0.0/0 0.0.0.0/0
0 0 LOG all -- eth1 * 0.0.0.0/0 0.0.0.0/0
LOG flags 0 level 4 prefix `Shorewall:acct:DROP:'
0 0 LOG all -- * eth1 0.0.0.0/0 0.0.0.0/0
LOG flags 0 level 4 prefix `Shorewall:acct:DROP:'
Cheers,
b.
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------------ Get 100% visibility into Java/.NET code with AppDynamics Lite It's a free troubleshooting tool designed for production Get down to code-level detail for bottlenecks, with <2% overhead. Download for free and get started troubleshooting in minutes. http://p.sf.net/sfu/appdyn_d2d_ap2
_______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
