Hello, why does iptables-save print 2 numbers in square brackets? Is it used for anything? Is it number of inspected packets (and what's the other number then)? And what does *filter mean? Thank you Alex $ sudo iptables-save # Generated by iptables-save v1.3.5 on Tue Dec 2 23:53:56 2008 *filter :INPUT DROP [26:8260] :FORWARD DROP [0:0] :OUTPUT ACCEPT [376:82274] -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT -A INPUT -i lo -j ACCEPT -A INPUT -p icmp -m icmp --icmp-type any -j ACCEPT -A INPUT -p tcp -m state --state NEW -m tcp --dport 443 -j ACCEPT -A INPUT -p tcp -m state --state NEW -m tcp --dport 80 -j ACCEPT -A INPUT -p tcp -m state --state NEW -m tcp --dport 22 --tcp-flags FIN,SYN,RST,ACK SYN -m limit --limit 1/min --limit-burst 3 -j ACCEPT COMMIT # Completed on Tue Dec 2 23:53:56 2008 $ cat /etc/*release CentOS release 5.2 (Final) 2008010200
On Tuesday 02 December 2008 17:58, Alexander Farber wrote:> why does iptables-save print 2 numbers in square brackets? > Is it used for anything? Is it number of inspected packets > (and what's the other number then)?It is packetand byte counters.> And what does *filter mean?Not sure -- Regards Robert It is not just an adventure. It is my job!! Linux User #296285 http://counter.li.org
Robert answered the first question...> And what does *filter mean?It's the table name. "filter" is the name of the default table. The other table name you may see in common use is "nat". -- Spiro Harvey Knossos Networks Ltd 021-295-1923 www.knossos.net.nz -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 197 bytes Desc: not available URL: <http://lists.centos.org/pipermail/centos/attachments/20081203/31eb60b7/attachment-0003.sig>