[Shorewall-users] Accounting - counters reset by restart

Tue, 19 Jan 2021 05:25:32 -0800 

Good afternoon all,

According to the 'Accounting' page, it is possible to retain counters
over a restart/reboot by running 'shorewall save -C' periodically, and
using the '-C -f' flags for shorewall start and restart.

I have 'shorewall save -C' in my root's crontab (and
/var/lib/shorewall/restore is being updated regularly), but when
running 'shorewall start -C -f', there is no '--counters' option
listed following the iptables-restore line (but there is after a
'shorewall reload') and the counters are reset. I'm sure I've missed
something obvious...

Many thanks,
Matt

#/sbin/shorewall version
5.2.8

#ip addr show
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN
group default qlen 1000
   link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
   inet 127.0.0.1/8 scope host lo
      valid_lft forever preferred_lft forever
2: netint: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc htb state
UP group default qlen 1000
   link/ether 40:8d:5c:84:45:4d brd ff:ff:ff:ff:ff:ff
   altname enp2s0
   inet 192.168.1.100/24 brd 192.168.1.255 scope global netint
      valid_lft forever preferred_lft forever
3: netext: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc htb state
UP group default qlen 1000
   link/ether 9c:d6:43:ae:0d:b7 brd ff:ff:ff:ff:ff:ff
   altname enp0s20u6
   inet 10.190.62.163/32 brd 10.255.255.255 scope global dynamic netext
      valid_lft 105488sec preferred_lft 91988sec
4: docker0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue
state DOWN group default
   link/ether 02:42:df:65:bf:05 brd ff:ff:ff:ff:ff:ff
   inet 172.17.0.1/16 brd 172.17.255.255 scope global docker0
      valid_lft forever preferred_lft forever
5: br-7aee5f166345: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc
noqueue state UP group default
   link/ether 02:42:0e:c7:66:f4 brd ff:ff:ff:ff:ff:ff
   inet 172.20.0.1/16 brd 172.20.255.255 scope global br-7aee5f166345
      valid_lft forever preferred_lft forever
7: veth9e26a13@if6: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc
noqueue master br-7aee5f166345 state UP group default
   link/ether 1a:8d:7f:53:88:77 brd ff:ff:ff:ff:ff:ff link-netnsid 0
9: veth738fba8@if8: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc
noqueue master br-7aee5f166345 state UP group default
   link/ether 72:bc:52:62:81:0f brd ff:ff:ff:ff:ff:ff link-netnsid 2
11: veth6fb027b@if10: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc
noqueue master br-7aee5f166345 state UP group default
   link/ether b6:d2:fb:b4:35:53 brd ff:ff:ff:ff:ff:ff link-netnsid 4
13: vethf2a1aed@if12: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc
noqueue master br-7aee5f166345 state UP group default
   link/ether 46:2a:a7:bc:7f:54 brd ff:ff:ff:ff:ff:ff link-netnsid 1
15: veth8833a8e@if14: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc
noqueue master br-7aee5f166345 state UP group default
   link/ether 06:60:3b:2a:f5:1d brd ff:ff:ff:ff:ff:ff link-netnsid 3

#ip route show
default via 10.190.62.1 dev netext proto dhcp src 10.190.62.163 metric
203 mtu 1500
10.190.62.1 dev netext scope link src 10.190.62.163 metric 203 mtu 1500
172.17.0.0/16 dev docker0 proto kernel scope link src 172.17.0.1 linkdown
172.20.0.0/16 dev br-7aee5f166345 proto kernel scope link src 172.20.0.1
192.168.1.0/24 dev netint proto kernel scope link src 192.168.1.100


_______________________________________________
Shorewall-users mailing list
Shorewall-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/shorewall-users

Reply via email to