[Shorewall-users] No Accounting?

Tom Eastep teastep at shorewall.net
Sat Dec 6 08:33:18 PST 2003


On Sat, 2003-12-06 at 08:30, Andrey Paskal wrote:
> Hello!
> I'm a novice level shorewall user.

Then in the future, please post your questions on
shorwall-newbies at shorewall.net.

> I just tried to setup traffic accounting for single interface system 
> http://www.shorewall.net/Accounting.html
> 
> When setuped and restarted by stop/start and some web browsing activity from 
> fw machine
> shorewall show accounting web      shows only zeros
> 
> [root at happ shorewall]# shorewall show accounting
> Shorewall-1.4.8 Chain accounting at happ - Сбт Дек  6 19:05:37 MSK 2003
> 
> Counters reset Sat Dec  6 18:00:42 MSK 2003
> 
> Chain accounting (3 references)
>  pkts bytes target     prot opt in     out     source               
> destination
>     0     0 web        tcp  --  eth0   *       0.0.0.0/0            0.0.0.0/0          
> tcp dpt:80
>     0     0 web        tcp  --  *      eth0    0.0.0.0/0            0.0.0.0/0          
> tcp spt:80
>     0     0 web        tcp  --  eth0   *       0.0.0.0/0            0.0.0.0/0          
> tcp dpt:443
>     0     0 web        tcp  --  *      eth0    0.0.0.0/0            0.0.0.0/0          
> tcp spt:443

Your rules are backward -- OUTGOING packets have DPT=80 or 443.

-Tom
-- 
Tom Eastep    \ Nothing is foolproof to a sufficiently talented fool
Shoreline,     \ http://shorewall.net
Washington USA  \ teastep at shorewall.net




More information about the Shorewall-users mailing list