Re: lug-bg: ipchains -L -Z
- Subject: Re: lug-bg: ipchains -L -Z
- From: whitefang@xxxxxx ( )
- Date: Sat, 26 Jan 2002 20:43:44 +0200
On Saturday 26 January 2002 01:35 am, you wrote:
> imam sledniq problem .... kogato polzwam ipchains -L -Z ne mi se nulirat
> cauntarite ..... a w man page pishe :
> -Z, --zero
> Zero the packet and byte counters in all chains. It is
> legal to specify the -L,--list (list) option as well, to see the
> counters immediately before they are cleared; if this is done, then
> no specific chain can be specified (they will all be displayed and
> cleared).
>
>
> no AZ ne poluchawam tozi efekt ne polucawam suobstenie za greshka printwa
> se wsichko... na cauntarite ne se chistqt
>
> togawa poglednah HOWTO-to i widqh slednoto ....
> ---------------------------------------------------------------------------
>------------
>
> 4.1.5.10. Resetting (Zeroing) Counters
>
> It is useful to be able to reset the counters. This can be done with
> the `-Z' (zero counters) option. For example:
>
>
>
> # ipchains -v -L input
> Chain input (refcnt = 1): (policy ACCEPT)
> pkts bytes target prot opt tosa tosx ifname mark source
> destination
> ports
> 10 840 ACCEPT icmp ----- 0xFF 0x00 lo
> anywhere anywhere
> any
> # ipchains -Z input
> # ipchains -v -L input
> Chain input (refcnt = 1): (policy ACCEPT)
> pkts bytes target prot opt tosa tosx ifname mark source
> destination
> ports
> 0 0 ACCEPT icmp ----- 0xFF 0x00 lo
> anywhere anywhere
> any
> #
>
> The problem with this approach is that sometimes you need to know the
> counter values immediately before they are reset. In the above
> example, some packets could pass through between the `-L' and `-Z'
> commands. For this reason, you can use the `-L' and `-Z' together, to
> reset the counters while reading them. Unfortunately, if you do this,
> you can't operate on a single chain: you have to list and zero all the
> chains at once.
>
> # ipchains -L -v -Z
> Chain input (policy ACCEPT):
> pkts bytes target prot opt tosa tosx ifname mark
> source destination
> ports
> 10 840 ACCEPT icmp ----- 0xFF 0x00 lo
> anywhere anywhere
> any
>
> Chain forward (refcnt = 1): (policy ACCEPT)
> Chain output (refcnt = 1): (policy ACCEPT)
> Chain test (refcnt = 0):
> 0 0 DENY icmp ----- 0xFF 0x00 ppp0
> localnet/24 anywhere
> any
>
>
>
> # ipchains -L -v
> Chain input (policy ACCEPT):
> pkts bytes target prot opt tosa tosx ifname mark
> source destination
> ports
> 10 840 ACCEPT icmp ----- 0xFF 0x00 lo
> anywhere anywhere
> any
>
> Chain forward (refcnt = 1): (policy ACCEPT)
> Chain output (refcnt = 1): (policy ACCEPT)
> Chain test (refcnt = 0):
> 0 0 DENY icmp ----- 0xFF 0x00 ppp0
> localnet/24 anywhere
> any
> #
> ---------------------------------------------------------------------------
>------------------- i kakto zabelqzwate ... w primera daden kak kato se
> izpolzwat -L -Z zadno prosto ne se poluchawa towa koeto trqbwa ..... pkgs
> pordylzawa da si e 10 a bytes da e 840
>
> ta pitam ima li nachin da se naprawi towa koeto iskam ... ili primera koito
> sa dali e dostatachno pokazatelen che NQMA ...
>
Ami ne si dal info za tova kak vikash ipchains.
V man-a iasno e kazano 4e -L -Z ne moje da se prilaga za otdelni chains.
Ako triesh vsi4ko. Pro4ei file-a BUGS ili neshto takova ot iptables. Mislia
4e tam se spomenavashe niakakyv podoben problem, koito e fix-nat.
Upgrade 2 >=linux-2.4.16
> stawa wupros za :
> ipchains 1.3.10
> kernel 2.4.4
> debian [woody]
> i HOWTO-to ot linuxdoc
>
>
>
> YaneV
> ===========================================================================
> A mail-list of Linux Users Group - Bulgaria (bulgarian linuxers)
> http://www.linux-bulgaria.org/ Hosted by Internet Group Ltd. - Stara Zagora
===========================================================================
A mail-list of Linux Users Group - Bulgaria (bulgarian linuxers)
http://www.linux-bulgaria.org/ Hosted by Internet Group Ltd. - Stara Zagora
|