[Shorewall-users] No Accounting?

Andrey Paskal app at altlinux.ru
Mon Dec 8 09:24:16 PST 2003


Thank you Tom!
Now it works.
But would you  make changes in your web page?
Since my wrong rules was cut-n-paste of your 
http://www.shorewall.net/Accounting.html example

------------------------------------------------------------ 
Here's how the same example would be constructed on a server with only one 
interface (eth0):

#ACTION		CHAIN	SOURCE	DESTINATION	PROTOCOL	DEST		SOURCE
#								PORT		PORT
web		-	eth0	-		tcp		80
web		-	-	eth0		tcp		-		80
web		-	eth0	-		tcp		443
web		-	-	eth0		tcp		-		443

COUNT		web	eth0	-
COUNT		web	-	eth0
-------------------------------------------------------------------------------------------


With best regards,
Andrey Paskal

TE> On Sat, 2003-12-06 at 08:30, Andrey Paskal wrote:
TE> > Hello!
TE> > I'm a novice level shorewall user.
TE> 
TE> Then in the future, please post your questions on
TE> shorwall-newbies at shorewall.net.
TE> 
TE> > I just tried to setup traffic accounting for single interface system 
TE> > http://www.shorewall.net/Accounting.html
TE> > 
TE> > When setuped and restarted by stop/start and some web browsing activity 
from 
TE> > fw machine
TE> > shorewall show accounting web      shows only zeros
TE> > 
TE> > [root at happ shorewall]# shorewall show accounting
TE> > Shorewall-1.4.8 Chain accounting at happ - Сбт Дек  6 19:05:37 MSK 2003
TE> > 
TE> > Counters reset Sat Dec  6 18:00:42 MSK 2003
TE> > 
TE> > Chain accounting (3 references)
TE> >  pkts bytes target     prot opt in     out     source               
TE> > destination
TE> >     0     0 web        tcp  --  eth0   *       0.0.0.0/0            
0.0.0.0/0          
TE> > tcp dpt:80
TE> >     0     0 web        tcp  --  *      eth0    0.0.0.0/0            
0.0.0.0/0          
TE> > tcp spt:80
TE> >     0     0 web        tcp  --  eth0   *       0.0.0.0/0            
0.0.0.0/0          
TE> > tcp dpt:443
TE> >     0     0 web        tcp  --  *      eth0    0.0.0.0/0            
0.0.0.0/0          
TE> > tcp spt:443
TE> 
TE> Your rules are backward -- OUTGOING packets have DPT=80 or 443.
TE> 
TE> -Tom
TE> -- 
TE> Tom Eastep    \ Nothing is foolproof to a sufficiently talented fool
TE> Shoreline,     \ http://shorewall.net
TE> Washington USA  \ teastep at shorewall.net
TE> 
TE> 
TE> _______________________________________________
TE> Shorewall-users mailing list
TE> Post: Shorewall-users at lists.shorewall.net
TE> Subscribe/Unsubscribe: 
https://lists.shorewall.net/mailman/listinfo/shorewall-users
TE> Support: http://www.shorewall.net/support.htm
TE> FAQ: http://www.shorewall.net/FAQ.htm
TE> 


More information about the Shorewall-users mailing list